Support Center > Search Results > SecureKnowledge Details
CloudGuard Controller support for unique isolated Microsoft Azure Clouds Technical Level
Solution

Background

By default, the Microsoft Azure Data Center server connects only to regular main Microsoft Azure Cloud.

 

vsec.conf location:

For R80.20.M2 version and above:

  • On Multi-Domain Security Management: $MDSDIR/conf
  • On Security Management Server: $FWDIR/conf

For any other version: $VSECDIR/conf

Instructions:

Follow these steps to configure CloudGuard Controller to use Microsoft Azure US Government / China / Germany clouds:

  1. Connect to the Security Management server

  2. Log in to the Expert mode.

  3. Backup the current vsec.conf file:

    [Expert@HostName:0]# cp -v <vsec.conf location>/conf/vsec.conf <vsec.conf location>/conf/vsec.conf_ORIGINAL
  4. Edit the current vsec.conf file:

  5. [Expert@HostName:0]# vi <vsec.conf location>/vsec.conf
  6. Go to the "# Azure scanner config" section.

  7. Add the relevant single region:

    Region Which line has to be added?
    Azure US Government azure.cloudRegion=AzureUSGovernment
    Azure China Cloud azure.cloudRegion=AzureChinaCloud
    Azure Germany Cloud (*) azure.cloudRegion=AzureGermanCloud

    (*) Azure Germany Cloud is currently not supported.

  8. Save the changes and exit from Vi editor.

  9. Restart the vSEC services:

    [Expert@HostName:0]# vsec stop ; vsec start

 

Limitations:

  • Azure Germany Cloud is currently not supported.
  • All new Azure Data Centers will connect to same Microsoft Azure regional cloud
    (there is no option to create one Data Center connected to regular Azure cloud and other Data Center connected to some specific Azure cloud).

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment