Azure Security Center MMA Automatic installation for proxy

%3CLINGO-SUB%20id%3D%22lingo-sub-1139536%22%20slang%3D%22en-US%22%3EAzure%20Security%20Center%20MMA%20Automatic%20installation%20for%20proxy%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1139536%22%20slang%3D%22en-US%22%3E%3CP%3EI'm%20currently%20facing%20an%20issue%20when%20I%20enable%20auto-provisioning%20of%20MMA%20(microsoft%20monitoring%20agent).%20The%20log%20collection%20and%20agent%20working%20is%20perfect%20for%20normal%20VMs.%20However%20there%20is%20one%20difficulty%20in%20servers%20using%20proxy%20for%20their%20outbound%20communication.%20The%20agent%20is%20unable%20to%20send%20the%20logs%20to%20the%20OMS%20since%20the%20outbound%20connection%20is%20through%20proxy.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EYes%2C%20I%20know%20there%20is%20a%20manual%20configuration%20option%20available%20to%20specify%20our%20proxy%20details%20manually%20for%20the%20agent%20to%20work%20as%20desired.%20However%2C%20this%20might%20be%20a%20tedious%20process%20when%20I%20have%20around%2050%20to%20100%20servers%20with%20proxy%20outbound%20connection.%20Manually%20configuring%20each%20server%20is%20a%20tedious%20task.%20Hence%20It%20would%20be%20comfortable%20if%20Azure%20provides%20a%20way%20for%20automatic%20configuration%20of%20proxy%20servers%20provided%20the%20user%20can%20give%20an%20i%2Fp%20once%20for%20the%20list%20of%20servers%20that%20have%20proxy%20enabled.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1431188%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20Security%20Center%20MMA%20Automatic%20installation%20for%20proxy%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1431188%22%20slang%3D%22en-US%22%3E%3CP%3EHi%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F538608%22%20target%3D%22_blank%22%3E%40vishal736649%3C%2FA%3E%26nbsp%3B%2C%3C%2FP%3E%0A%3CP%3EThank%20you%20for%20your%20feedback.%3C%2FP%3E%0A%3CP%3EWe%20are%20looking%20into%20leveraging%20Guest%20configuration%20policies%20(aka.ms%2Fgcpol)%20to%20implement%20setting%20this%20at%20scale%20with%20Azure%20Policy.%26nbsp%3B%26nbsp%3B%3C%2FP%3E%0A%3CP%3EWe%20have%20added%20this%20item%20to%20our%20backlog%20and%20would%20be%20happy%20to%20follow%20up%20once%20we%20have%20additional%20updates%20on%20this.%3C%2FP%3E%0A%3CP%3EThanks%2C%3C%2FP%3E%0A%3CP%3EAdam%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Occasional Visitor

I'm currently facing an issue when I enable auto-provisioning of MMA (microsoft monitoring agent). The log collection and agent working is perfect for normal VMs. However there is one difficulty in servers using proxy for their outbound communication. The agent is unable to send the logs to the OMS since the outbound connection is through proxy. 

 

Yes, I know there is a manual configuration option available to specify our proxy details manually for the agent to work as desired. However, this might be a tedious process when I have around 50 to 100 servers with proxy outbound connection. Manually configuring each server is a tedious task. Hence It would be comfortable if Azure provides a way for automatic configuration of proxy servers provided the user can give an i/p once for the list of servers that have proxy enabled. 

1 Reply

Hi @vishal736649 ,

Thank you for your feedback.

We are looking into leveraging Guest configuration policies (aka.ms/gcpol) to implement setting this at scale with Azure Policy.  

We have added this item to our backlog and would be happy to follow up once we have additional updates on this.

Thanks,

Adam