Add a Microsoft Azure account to Deep Security

Once you've installed Deep Security Manager, you can add and protect Microsoft Azure virtual machines by connecting a Microsoft Azure account to the Deep Security Manager. Virtual machines appear on the Computers page, where you can manage them like any other computer.

Topics in this section:

What are the benefits of adding an Azure account?

The benefits of adding an Azure account (through Deep Security Manager > Computers > Add Azure Account) instead of adding individual Azure virtual machines (through Deep Security Manager > Computers > Add Computer), are:

  • Changes in your Azure virtual machine inventory are automatically reflected in Deep Security Manager. For example, if you delete a number of instances in Azure, those instances disappear automatically from the manager. By contrast, if you use Computers > Add Computer, Azure instances that are deleted from Azure remain visible in the manager until they are manually deleted.
  • Virtual machines are organized into their own branch in the manager, which lets you easily see which Azure instances are protected and which are not. Without the Azure account, all your virtual machines appear at the same root level under Computers.

Configure a proxy setting for the Azure account

You can configure the Deep Security Manager to use a proxy server to access resources in Azure accounts. For details, see Connect to cloud accounts via proxy.

Add virtual machines from a Microsoft Azure account to Deep Security

Add your Microsoft Azure account to Deep Security following the instructions below.

  1. Before you begin, create an Azure app for Deep Security.
  2. In Deep Security Manager, go to Computers > Add > Add Azure Account.

    As of Deep Security Manager 12.0, 'Quick' mode is no longer available. If you used Quick mode in prior releases, there is no impact to your deployment. All new Azure Cloud accounts must use the advanced method.

  3. Enter a Display name, and then enter the following Azure access information you recorded in step 1:
    • Directory ID
    • Subscription ID
    • Application ID

    If you are upgrading from the Azure classic connector to the Azure Resource Manager connector, the Display name and the Subscription ID of the existing connector will be used.

    If you have multiple Azure subscriptions, specify only one in the Subscription ID field. You can add the rest later.

  4. Select the type of application credential that you want to use (Password or Certificate) and then provide the credential information:
    • For Password:
      • In the Application Password field, enter the client secret.
    • For Certificate:
      • Next to Certificate, click Choose File and upload the certificate.
      • Next to Private Key, click Choose File and upload the private key.
      • If the private key is protected by a password, enter it in Private Key Password (optional).

      The certificate must be in X.509 PEM text format and must be within its validity period. Binary format is not supported.

  5. Click Next.
  6. Review the summary information, and then click Finish.
  7. Repeat this procedure for each Azure subscription, specifying a different Subscription ID each time.

The Azure virtual machines will appear in the Deep Security Manager under their own branch on the Computers page.

You can right-click your Azure account name and select Synchronize Now to see the latest set of Azure VMs.

You will see all the virtual machines in the account. If you'd like to only see certain virtual machines, use smart folders to limit your results. See Group computers dynamically with smart folders for more information.

If you have previously added virtual machines from this Azure account, they will be moved under this account in the Computers tree.

Manage Azure classic virtual machines with the Azure Resource Manager connector

You can also manage virtual machines that were added with the Azure classic connector with the Azure Resource Manager connector, allowing you to manage both your Azure classic and Azure Resource Manager virtual machines with a single connector.

For more information, see Why should I upgrade to the new Azure Resource Manager connection functionality?

  1. On the Computers page, in the Computers tree, right-click the Azure classic portal and then click Properties.
  2. Click Enable Resource Manager connection.
  3. Click Next. Follow the corresponding procedure above.

Remove an Azure account

Removing an Azure account from the Deep Security Manager will permanently remove the account from the Deep Security database. This will not affect the Azure account. Virtual machines with Deep Security Agents will continue to be protected, but will not receive security updates. If you later import these virtual machines from the same Azure account, the Deep Security Agents will download the latest security updates at the next scheduled update.

  1. Go to the Computers page, right-click on the Microsoft Azure account in the navigation panel, and select Remove Cloud Account.
  2. Confirm that you want to remove the account.
  3. The account is removed from the Deep Security Manager.

Synchronize an Azure account

When you synchronize (sync) an Azure account, Deep Security Manager connects to the Azure API to obtain and display the latest set of Azure VMs.

To force a sync immediately:

  1. In Deep Security Manager, click Computers.
  2. On the left, right-click your Azure account and select Synchronize Now.

There is also a background sync that occurs every 10 minutes, and this interval is not configurable. If you force a sync, the background sync is unaffected and continues to occur according to its original schedule.