Azure Arc - Understanding - Existing servers and Azure services being used

Question

Hey team!

Ok so, I am currently looking at Azure Arc, as a platform for monitoring and managing on-premise servers.
I wanted to understand some Azure components a bit better before adding them to the Azure Arc Infrastructure.

We currently have on-prem servers talking to Azure via Microsoft Monitoring Agent, connected to a Log Analytics Workspace. They are also connected to Defender for Cloud. We use these platforms to have some visibility of them, and for a security standpoint, detecting events and vulnerabilities and software versions via the Defender portal.
But we're currently using an on-prem product to perform restarts, custom actions, or audit and reporting on hardware or software, and monitoring performance, processes or services, or event logs etc.

If I add this server into Azure Arc, should any of this existing setup with Azure get changed or replaced? Such as the MMA and Log Analytics Workspace.
Will I have crossover of two platforms collecting or dealing with the same area?

Thanks for any feedback.
Ian

Answer 1

Azure VMs have a built-in guest agent service that allows the Azure Framework to deploy, secure, and manage admin software like monitoring agents but deploying an extension.

Several of these extensions are not available as a stand-alone installs. The AMA agent for example is only available as an extension.

Extensions can also be assigned to VMs by Azure Policy.

Azure Arc is the guest agent for non-Azure servers. It allows Azure to install admin software as an extension. Just like Azure VMs, the extensions are assigned by policy and the install, credentials, and updates are managed by Azure.

Azure Arc cannot be installed on Azure VMs.

So the AMA is only available as an extension. For your MMA agent, the extension-based deployment may update the MMA agent version but it should not replace the agent/config.