What SN feature is better for Azure Cloud Discovery (Azure Service Graph OR Pattern based Cloud?

varunkumar11863
Tera Expert

What SN feature is better for Azure Cloud Discovery (Azure Service Graph OR Pattern based Cloud Discovery)? We want to do Horizontal discovery on Azure VMs but foreseeing issues like VPN, Credentials. Would SG connector able to retrieve SW Installs and Running processes without any additional access? If yes, isn't this a security issue if Connector is able to read target host information without getting adequate access? Or does it require access from VM Owner?

1 ACCEPTED SOLUTION

Hi,

 

Yes, that is how I understand it and then Azure SG fetches this information through the log analytics api.

 

Regards,
Niklas

View solution in original post

6 REPLIES 6

Hi,

 

Yes, that is how I understand it and then Azure SG fetches this information through the log analytics api.

 

Regards,
Niklas

varunkumar11863
Tera Expert

To add to the conversation for everyone's benefit:

  1. The cloud discovery with patterns (based on Azure API) is reliant on mid-server. Service Graph connector does not need MID as it directly connects from instance, using integration hub orchestration but it relies on Azure analytics service to be enabled in each region. SG also requires less permissions setup.
  2. Azure Cloud discovery discovers data for both Cloud Resources and full horizontal discovery. SGC for Azure populates data but is limited to fewer classes.
  3. Full Azure cloud discovery brings in more CI types than Azure SGC

 

It eventually depends upon level of access you can have in Azure Cloud. Cloud Horizontal Discovery will give you more provided you have permissions and cost to run MIDs on Azure.