OMS Gateway relay

David Werner 66 Reputation points
2020-11-19T07:57:49.087+00:00

Hi,

We have servers located within the corporate DMZ. These servers are not allowed any communication to the Internet (inbound or outbound), thus are not able to transport their configured device information directly to Microsoft Defender for Endpoint in Azure.

Is it possible to set up an OMS Gateway inside the DMZ and another OMS Gateway outside the DMZ, have the inside OMS Gateway forward the collected information to the outside OMS Gateway and then to Azure? This way we would not have communication within the DMZ directly to the Internet.

Regards,

David

Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.

Accepted answer
  1. CyrAz 5,181 Reputation points
    2020-11-21T09:54:28.56+00:00

    The gateway is basically just a web proxy with a limited list of allowed outgoing urls, and itself can be configured to go through a proxy (see https://learn.microsoft.com/en-us/azure/azure-monitor/platform/gateway#install-log-analytics-gateway-using-setup-wizard ).
    So I guess you could configure the DMZ gateway to go through the other gateway, or through any regular proxy you want.

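The chained setup suggested in the accepted answer, sketched as an added example (not part of the original thread and not Microsoft's own script). It assumes the `OMSGateway` PowerShell module installed with the Log Analytics gateway; the outer gateway's hostname and port are placeholders.

```powershell
# Run on the INNER (DMZ) gateway in an elevated PowerShell session.
# Hostname and port are placeholders (assumptions), not values from the thread.
$OuterGateway = 'outer-gw.corp.example'   # placeholder: gateway outside the DMZ
$OuterPort    = 8080                      # placeholder: listener port set on the outer gateway

Import-Module OMSGateway

# 1. Confirm the single egress path the DMZ firewall is meant to allow
#    (inner gateway -> outer gateway, one TCP port) is actually open.
$probe = Test-NetConnection -ComputerName $OuterGateway -Port $OuterPort
if (-not $probe.TcpTestSucceeded) {
    throw "Cannot reach ${OuterGateway}:$OuterPort. Check the DMZ firewall rule first."
}

# 2. Point the inner gateway's upstream (relay) proxy at the outer gateway,
#    so the inner gateway never opens a connection to the Internet itself.
Set-OMSGatewayRelayProxy -Address "http://${OuterGateway}:$OuterPort"

# 3. Restart the gateway service so the new relay setting takes effect.
Restart-Service OMSGatewayService

# 4. Read the configuration back for review: the relay address, and the
#    list of destination hosts this gateway will forward traffic to.
Get-OMSGatewayRelayProxy
Get-OMSGatewayAllowedHostList
```

Run `Get-OMSGatewayAllowedHostList` on the outer gateway as well: a destination has to be on the allowed list of both gateways, because each hop applies its own list.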
