Views:
You can add and protect Microsoft Azure virtual machines by connecting a Microsoft Azure account to Server & Workload Protection. Virtual machines appear on the Computers page, where you can manage them like any other computer.
Topics in this section:

What are the benefits of adding an Azure account? Parent topic

The benefits of adding an Azure account (through Server & Workload Protection > Computers Add Azure Account) instead of adding individual Azure virtual machines (through Server & Workload Protection > Computers Add Computer), are:
  • Changes in your Azure virtual machine inventory are automatically reflected in Server & Workload Protection. For example, if you delete a number of instances in Azure, those instances disappear automatically from the Server & Workload Protection console. By contrast, if you use Computers Add Computer, Azure instances that are deleted from Azure remain visible in the Server & Workload Protection console until they are manually deleted.
  • Virtual machines are organized into their own branch in the Server & Workload Protection console, which lets you easily see which Azure instances are protected and which are not. Without the Azure account, all your virtual machines appear at the same root level under Computers.

What Azure regions are supported? Parent topic

Currently Server & Workload Protection supports the Azure connector in the following regions:
  • Azure Global (both UI and API supported)
  • Azure US Gov (API only)
It does not support Azure China.

Add virtual machines from a Microsoft Azure account to Server & Workload Protection Parent topic

Add your Microsoft Azure account to Server & Workload Protection following the instructions below.

Procedure

  1. Before you begin, create an Azure app for Server & Workload Protection.
  2. In the Trend Vision One console, go to Service ManagementCloud Accounts.
  3. Enter a Display name, and then enter the following Azure access information you recorded in step 1:
    • Directory ID
    • Subscription ID
    • Application ID
    • Application Password
      Note
      Note
      • If you are upgrading from the Azure classic connector to the Azure Resource Manager connector, the Display name and the Subscription ID of the existing connector will be used.
      • If you have multiple Azure subscriptions, specify only one in the Subscription ID field. You can add the rest later.
  4. Click Next.
  5. Review the summary information, and then click Finish.
  6. Repeat this procedure for each Azure subscription, specifying a different Subscription ID each time.

What to do next

The Azure virtual machines will appear in the Server & Workload Protection console under their own branch on the Computers page.
Tip
Tip
You can right-click your Azure account name and select Synchronize Now to see the latest set of Azure VMs.
Tip
Tip
You will see all the virtual machines in the account. If you'd like to only see certain virtual machines, use smart folders to limit your results. See Group computers dynamically with smart folders for more information.
Note
Note
If you have previously added virtual machines from this Azure account, they will be moved under this account in the Computers tree.

Manage Azure classic virtual machines with the Azure Resource Manager connector Parent topic

You can also manage virtual machines that were added with the Azure classic connector with the Azure Resource Manager connector, allowing you to manage both your Azure classic and Azure Resource Manager virtual machines with a single connector.
For more information, see Why should I upgrade to the new Azure Resource Manager connection functionality?

Procedure

  1. On the Computers page, in the Computers tree, right-click the Azure classic portal and then click Properties.
  2. Click Enable Resource Manager connection.
  3. Click Next. Follow the corresponding procedure above.

Remove an Azure account Parent topic

Removing an Azure account from the Server & Workload Protection console permanently removes the account from Server & Workload Protection but it does not affect the Azure account. Virtual machines with agents will continue to be protected, but will not receive security updates. If you later import these virtual machines from the same Azure account, the agents will download the latest security updates at the next scheduled update.

Procedure

  1. Go to the Computers page, right-click on the Microsoft Azure account in the navigation panel, and select Remove Cloud Account.
  2. Confirm that you want to remove the account.
  3. The account is removed from the Server & Workload Protection console.

Synchronize an Azure account Parent topic

When you synchronize (sync) an Azure account, Server & Workload Protection connects to the Azure API to obtain and display the latest set of Azure VMs.
To force a sync immediately:

Procedure

  1. In the Server & Workload Protection console, click Computers.
  2. On the left, right-click your Azure account and select Synchronize Now.

What to do next

There is also a background sync that occurs every 10 minutes, and this interval is not configurable. If you force a sync, the background sync is unaffected and continues to occur according to its original schedule.