Jul 17 2019 09:24 AM
Is there any guidance on using Azure ATP when using AWS Directory Service (https://aws.amazon.com/directoryservice/)?
From my understanding, Domain Controllers are managed for you, so no host access. Can a stand alone sensor be used with some other AWS or VPC configurations (for port mirroring)? Has this been looked at or attempted yet?
Just curious as we may be investigating the ability to use Azure ATP with this type of environment.
Jul 18 2019 01:03 AM
SolutionCurrently no, but if this a service that you are currently using (or anyone else) and you believe it should integrate with Azure ATP, i would be happy to discuss it.
you can contact me at ort@microsoft.com
Jul 22 2019 09:44 AM
Thanks for the information, Or. Just more looking for information as a certain portion of the environment I am in is looking to use this functionality and wanted to be out ahead of it, if possible.
I haven't looked too much into the AWS Directory Service functionality yet, but I think there may be the ability to use a recently released port mirroring feature from AWS (https://aws.amazon.com/blogs/aws/new-vpc-traffic-mirroring/), which may allow for use of a standalone sensor to collect the traffic. Not sure about event forwarding though.
Jul 23 2019 12:15 AM
Great, would be glad to hear how we can extend our solution coverage
Jul 18 2019 01:03 AM
SolutionCurrently no, but if this a service that you are currently using (or anyone else) and you believe it should integrate with Azure ATP, i would be happy to discuss it.
you can contact me at ort@microsoft.com