Forum Discussion
Two CAS's? -- confused about discovery through agents on windows clients vs firewall log
- Jan 03, 2018
Hi Neil,
Thanks for writing in. Sorry about the confusion around the guidance on how to move to the new and enhanced experience for Azure Active Directory Cloud App Discovery. The link from the Azure portal banner has been corrected to point to - https://docs.microsoft.com/en-us/azure/active-directory/cloudappdiscovery-get-started which has the right guidance on how to get started with the new and enhanced experience.
Regarding the agent-based discovery (current) experience - it will stay live until March 5th, 2018, after which the UI will be disabled. Shortly after, the agents and data will be deleted as well and hence our recommendation for Azure AD Cloud App Discovery is that customers move to the new and enhanced experience and set up the necessary snapshot reports before March 5th to avoid disruption of service. After March 5th, when customers access Cloud App Discovery, they will automatically be directed to http://portal.cloudappsecurity.com and the new experience will be the default.
Communication regarding this was sent out to currently active customers in early December and the portal notification was intended to help serve as a reminder of upcoming deadlines. Hope this clarifies.
Hello
This page explains the difference very well and should help you on your way.
https://docs.microsoft.com/en-us/cloud-app-security/editions-cloud-app-security-aad
Best regards
David
David,
Unfortunately that link doesn't deal with my question/concern.
As the prior MS respondent (Suni I think) said, on 3/5/2018 the agent based discovery service will be phased out.
My follow up to Suni was specifically if there are plans to re-introduce a cloud-app-discovery service that would work for users who are 100% roaming - never behind a corporate firewall. The new cloud app discovery doesn't have a way to collect information for roaming users because there is no "LOG" to be parsed.
With the "old" cloud app security I could deploy an agent to roaming user laptops. That won't work after 3/5/2018.
So what will be the story for detecting shadow IT for roaming users such as salesperson laptops?
-Neil
- Jan 18, 2018
Hi Neil
I believe they are currently working on a solution that will cover your needs. Normally you will have the option of using an agent on the roaming device or enforcing the usage of an Azure proxy service.
If you need to accomplish this today you can check for 3rd party solutions, such as Z-scaler. But I'm fairly sure something is heading our way from Microsoft as well soon. ;-)
Have a look at this session where they demo Z-scaler integration.
- Neil Goldstein, Feb 02, 2018, Iron Contributor
David,
I am glad there is some plan in place for Cloud Security to collect data from a few devices not just from logs such as the corporate firewall or proxy.
Thanks!
- May 02, 2018
It's work in progress but we're all excited and waiting with high expectations. ;-)