Azure Manager

Azure Active Directory is now Microsoft Entra ID. You can learn more about this change from Microsoft.

Integrating your Entra ID (formerly Azure) account with Security Manager will require the following identifiers:

  • Tenant ID is a unique identifier of your Entra ID instance.

  • Application (client) ID is a unique identifier of your registered application.

  • Client Secret Value is a key created that serves as proof you own the application ID.

To add a Microsoft Entra ID device (Azure Manager), complete the following steps.

Step 1: Configure the Device

FireMon strives to provide up-to-date product information; however, we are not always aware when vendors change their device UI. If any Configure the Device procedure differs from your device version (the UI location of fields, not the information needed), please consult your device's user guide.

  1. Log on to Microsoft Azure portal.
  2. Copy the Tenant ID to notepad: Microsoft Entra ID > Properties > Tenant ID.
  3. Register an application.
    1. Microsoft Entra ID > App registrations and click New registration.
    2. Enter a Name for the application.
    3. For Supported account types, select Accounts in this organizational directory only.
    4. Leave Redirect URL (optional) blank.
    5. Click Register.
    6. Copy the Application (client) ID to notepad.
  4. Create a client secret.
    1. From the Manage menu, click Certificates & secrets.
    2. Click New client secret.
    3. Enter a Description for the client secret key.
    4. Select an Expires option from the list that meets your business standards.
    5. Click Add.
    6. Copy the data in the Value field to notepad.

Caution! Save the secret values before you leave the Certificates & secrets page. Once you leave the page, you will not be able to view the secret value again.

  5. Grant access from Microsoft Entra ID to Security Manager.
    1. Open the subscription.
    2. Click Access control (IAM).
    3. Click Add.
    4. For the Role field, select Reader.
    5. Leave the Assign access to field as is.
    6. In the Select field, find the name of your application (registered in step 3).
    7. Click Save.
  6. Set a Proxy Server (optional).
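Before onboarding, it is worth confirming that the three identifiers collected above actually work together: that the client secret Value (not the Secret ID shown beside it) authenticates the application, and that the Reader assignment on the subscription has taken effect. The script below is an added example, not FireMon or Microsoft code. It uses only the Python standard library and the public Azure cloud endpoints; the TENANT_ID, CLIENT_ID and CLIENT_SECRET environment variables are assumed to hold the values copied to notepad.

```python
"""Added example (not FireMon code): sanity-check the Entra ID identifiers from Step 1.

Assumptions: public Azure cloud (login.microsoftonline.com / management.azure.com);
the secret is the client secret *Value* from the Certificates & secrets page.
"""
import json
import os
import urllib.error
import urllib.parse
import urllib.request

TOKEN_URL = "https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token"
ARM_SCOPE = "https://management.azure.com/.default"
SUBSCRIPTIONS_URL = "https://management.azure.com/subscriptions?api-version=2020-01-01"


def build_token_request(tenant_id, client_id, client_secret):
    """Return (url, form-encoded body) for the OAuth 2.0 client-credentials grant.

    This is the same grant a service such as Security Manager uses: no user sign-in,
    the application proves its identity with the secret alone.
    """
    body = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
        "scope": ARM_SCOPE,
    }).encode()
    return TOKEN_URL.format(tenant=tenant_id), body


def parse_token_response(raw):
    """Extract the bearer token, or raise with the error Entra ID returned.

    A wrong Tenant ID or a pasted Secret ID instead of the Value shows up here
    as an error/error_description pair rather than an access_token.
    """
    data = json.loads(raw)
    if "access_token" not in data:
        raise RuntimeError(
            f"token request failed: {data.get('error')}: {data.get('error_description')}"
        )
    return data["access_token"]


def readable_subscriptions(raw):
    """Return the subscription IDs visible to the application.

    Azure Resource Manager only lists subscriptions the principal holds a role on,
    so an empty list means the Reader assignment is missing or has not propagated yet.
    """
    return [s["subscriptionId"] for s in json.loads(raw).get("value", [])]


def verify(tenant_id, client_id, client_secret):
    """Live check: obtain a token, then list the subscriptions the app can read."""
    url, body = build_token_request(tenant_id, client_id, client_secret)
    try:
        with urllib.request.urlopen(urllib.request.Request(url, data=body)) as resp:
            token = parse_token_response(resp.read())
    except urllib.error.HTTPError as err:
        # Entra ID returns 400/401 with a JSON body describing the failure.
        token = parse_token_response(err.read())
    req = urllib.request.Request(SUBSCRIPTIONS_URL, headers={"Authorization": f"Bearer {token}"})
    with urllib.request.urlopen(req) as resp:
        return readable_subscriptions(resp.read())


if __name__ == "__main__":
    subs = verify(os.environ["TENANT_ID"], os.environ["CLIENT_ID"], os.environ["CLIENT_SECRET"])
    if not subs:
        raise SystemExit("token OK, but no subscription is readable: check the Reader role assignment")
    print("readable subscriptions:", ", ".join(subs))
```

Run it once after Step 1 and again after the secret is rotated; the two failure modes it separates (bad identifiers versus missing role assignment) are the ones that otherwise surface only as a generic retrieval error after onboarding.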

Step 2: Onboard the Device in the Administration Module

  1. On the toolbar, click Device > Management Stations.
  2. Click Create, and then click Microsoft > Azure Manager.
  3. Complete the General Properties section.
    1. In the Name box, type the name of the device as you want to see it in SIP.
    2. In the Description box, type an optional description of the device being added.
    3. The Management IP Address box can be left blank.

    A Management IP Address is not needed; however, assigning an arbitrary but unique IP is suggested, for example 0.0.0.0 or 1.1.1.1, incremented for each similar vendor management station used (0.0.0.0, 0.0.0.1, 0.0.0.2, etc.). If you don't enter an IP address, logs about the device are sent to a directory named after the device ID. If the IP address is in the system, it is used to name the directory instead, which makes it easier for support to find. For example, a device without an IP address would have a directory named domain_deviceID (example: 1_61).

    4. In the Data Collector box, type the IP address of the data collector that will collect data from this device.
    5. In the Central Syslog Server box, type the syslog server from the list (optional).

Syslog fields are optional if the device uses the same IP for syslog and management.
A central syslog server is required only if syslog messages come from a different IP. A central syslog server must be created before it can be assigned to a device. To track usage via syslog, the device must support Level 3+.

    6. In the Syslog Match Names box, type the syslog match names (optional). You can enter multiple names separated by a comma.
    7. By default, the Automatically Retrieve Configuration check box is selected.
    8. In the External ID box, type a unique identifier to be used when the device identifier is different than what is displayed in SIP.
  4. Complete the Device Settings section.

    Credentials

    1. Enter the Tenant ID in the Directory ID field.
    2. Enter the Application (client) ID in the Application ID field.
    3. Enter the client secret Value in the Key field, and then enter it again.

    Proxy

    1. Enter the Proxy Server.
    2. Enter the Proxy Username.
    3. Enter the Proxy Password, and then enter it again.
  5. Complete the Retrieval section.

Scheduled Retrieval

Select the Enable Scheduled Retrieval check box to perform a retrieval at a set time regardless of change detection. This will activate additional fields to complete.

  • Set the Scheduled Retrieval Time to fit your requirements.

  • Select the Scheduled Retrieval Time Zone from the list.

Check for Change Retrieval

Select the Enable Check for Change check box to check for configuration changes after the specified interval and perform a retrieval if changes are detected. This will activate an additional field to complete.

  • The default Check for Change Interval time is 1440 minutes (every 24 hours). You can change the check interval time to best fit your requirements. The minimum required interval is 60 minutes (1 hour).

  6. Click Save.
    Devices being managed will be listed in the Discovered Devices section.