cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Using Express Route for Azure ATP sensors

markwarnes
Brass Contributor

‎Mar 26 2019 11:05 AM

‎Mar 26 2019 11:05 AM

Using Express Route for Azure ATP sensors

Has anyone ever tried using Azure ATP sensors over Express route and have some details on how it is done? For domain controllers that do not have internet access (and cannot have the TCP 443 opened up, even if only outbound) but that do have access to Express Route, this would be useful information to have and provide a good (and cheaper) alternative to using standalone sensors with port mirroring.

3,308 Views
1 Like
5 Replies
Reply
5 Replies
Valon_Kolica

‎Mar 27 2019 10:14 AM

‎Mar 27 2019 10:14 AM

Re: Using Express Route for Azure ATP sensors

@Andrew Harris (AZURE SEC): Is this something you can speak to?  

0 Likes
Reply
Gerson Levitz

‎Mar 31 2019 09:19 AM

‎Mar 31 2019 09:19 AM

Re: Using Express Route for Azure ATP sensors

@Valon_Kolica @markwarnes 

 

Azure ATP (AATP) does not support Express route. This is something that should work when Secops Unified Portal is released. This is the merging of the Azure ATP and Microsoft Cloud App Security (MCAS) consoles are unified. 

So since MCAS supports ExpressRoute this should be something that AATP will also support. 

You can read about the Secops unified portals in this blog from the RSA announcements. 

Unified SecOps: https://aka.ms/unifiedportal

 

1 Like
Reply
markwarnes

‎Apr 01 2019 02:54 AM

‎Apr 01 2019 02:54 AM

Re: Using Express Route for Azure ATP sensors

@Gerson Levitz- Thanks for your reply, and for confirming that Azure ATP does not (currently) support ExpressRoute.

 

It will be interesting to see how the new unified SecOps portal brings the three products together, and how this might introduce the ExpressRoute capability for Azure ATP, but for now it looks like a standalone Azure ATP sensor server will need to be used for my customer.

0 Likes
Reply
jgriff100

‎Jun 05 2020 03:20 AM

‎Jun 05 2020 03:20 AM

Re: Using Express Route for Azure ATP sensors

Seeing as this was over a year ago, does anyone know if it's possible for on-prem AD servers running the AATP sensor to communicate with the service over express route yet?

0 Likes
Reply
Eli Ofek

‎Jun 05 2020 11:05 AM

‎Jun 05 2020 11:05 AM

Re: Using Express Route for Azure ATP sensors

@jgriff100 Still not possible. 

0 Likes
Reply