- CheckMates
- :
- Products
- :
- CloudMates Products
- :
- Cloud Network Security
- :
- Discussion
- :
- Re: Azure CloudGuard SMS and Log Server in same re...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Azure CloudGuard SMS and Log Server in same resource group?
Hi,
In Azure, when deploying CloudGuard SMS, there's a requirement when deploying via the Marketplace that the SMS be deployed into an empty resource group. I'm not an Azure expert however I believe the requirement for an empty resource group means that the SMS needs to be deployed into a VNET (and subnet) that's created as part of the deployment (resource group is the parent of VNET and the grandparent of subnet).
When I go to deploy the log server, I use Marketplace to deploy a management server, then change to "configure manually" to run the first time configuration wizard, change type to log server, etc. This works, however the same requirement for an empty resource group (deploy into new VNET, subnet) exists.
The overall result is that the SMS and Log server are in different subnets, in different VNETs, and under different resource groups.
Question - if we wanted, in Azure, to have a CloudGuard SMS and a CloudGuard Log Server in the same subnet, VNET, and resource group, how could we do that using a supported deployment method that would result in a supportable installation? In other words, is there a supported/supportable method of deploying a management server that does not use the Marketplace template?
Cheers,
Andrew
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Andrew,
indeed, you need a empty resource group for each device, but you can use an existing VNET. The wizard is proposing a new VNET but you can change this and select an already existing VNET/subnet.
Matthias
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Andrew,
indeed, you need a empty resource group for each device, but you can use an existing VNET. The wizard is proposing a new VNET but you can change this and select an already existing VNET/subnet.
Matthias
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Matthias, thanks for pointing this out. Resource group for each has to be empty but can use existing VNETs and Subnets. Cheers, Andrew