Forum Discussion

SalmanKhan's avatar
SalmanKhan
Copper Contributor
Oct 02, 2020

Is Azure AD important to run Azure Sentinel ?

Hello,

 

We are trying to build a SOC based on Azure Sentinel, and a have 26 windows on-prem VMs connected via MMA agents. These VMs include 2 Active Directory servers which are on-prem as well, and send logs to Sentinel.
I wanted to know, if Azure AD (with synch to on-prem AD) is highly recommended (or must have) to optimally run Sentinel?

 

Does it affect threat finding capabilites, or UBA capabilities in any way?

 

Resources