FortiCASB 4.1.0 Admin Guide

Microsoft Azure Security Integration

FortiCASB provides Azure cloud integration where it integrates Azure Cloud traffic data and provide real time cloud security monitoring. FortiCWP will receive security alerts from Azure security integration and informs users of probe findings.

 

Prerequisite

An active Microsoft Azure AD account with security policy setup is required for Microsoft Azure to provide cloud traffic data to FortiCASB.

 

Before setting up security policy, Data Collection needed to be setup first. Follow these steps to setup data collection.

  1. Log in to Azure portal with you Azure AD account: https://portal.azure.com/.
  2. Search and click on Security Center.
  3. Click Security Policy on Security Center dashboard.
  4. Click Edit Settings next to your subscription.
  5. Under Auto Provisioning, select On.
  6. Under Workspace configuration, leave is as "Use workspace(s) created by Security Center (default)".

  7. Under Windows security events, select "Common".
  8. Click Save at the top of the page.

 

After Data Collection is setup, enable integration to allow security center to integrate with other Microsoft security services by allowing other services to access cloud data.

  1. Select Threat Detection in the settings under Data Collection.

  2. Check on the box next to "Allow Microsoft Cloud app Security to access my data".
  3. Check on the box next to "Allow Windows Defender ATP to access my data".

 

 

If you have Azure Pay as you go subscription, having Data Collection and Threat detection setup is sufficient for Azure Integration. For Azure full subscription users, you may setup security policy. (optional)

  1. On the Security Center dashboard, select Security Policy, and then select your type of subscription.
  2. On the Security policy blade, select Security Policy.
  3. On the Security policy - Security policy blade, turn on appropriate policy items to apply to your subscription.
  4. Select save at the top of the blade.

 

After Azure data collection and integration is enabled, ForitCASB is able extract cloud traffic data from Azure and provide real time cloud security monitoring.