What are our most used devices adapters and how are they used? (Part 2 - Cloud & Virtual Machines)

Welcome back! In part 1 of this series, here we talked about Active Directory and Endpoint Management devices. In this article, we go in a bit deeper on Cloud and Virtual Machines. 

Amazon Web Services

What does the tool do?

Amazon Web Services is one of the most comprehensive and broadly adopted public cloud platforms, allowing users to easily deploy virtual machines and networks, as well as access over 200 native AWS services.

What use cases can the adapter solve?

Connecting AWS to Axonius gives you the ability to quickly and accurately catalog key resources within your AWS public cloud across your entire AWS Organization. AWS data within Axonius can be used to review resource/region usage, analyze access policies for users or other AWS principals, and evaluate the configuration of different resources to ensure they adhere to industry best practices.

What data is retrieved?

The AWS adapter is capable of pulling in both device and user data. There are many options available to fine-tune what data is collected. Axonius can fetch device and user data from the following AWS services:

  • Elastic Cloud Compute (EC2)

  • Identity and Access Management (IAM)

  • Elastic Kubernetes Service/Elastic Container Service (EKS/ECS)

  • ElasticSearch

  • Elastic Load Balancers

  • AWS Systems Manager (SSM)

  • Relational Database Service (RDS)

  • Simple Storage Service (S3)

  • Cloudtrail

  • Workspaces

  • Lambda

  • Route53

  • Organizations

  • WAF/WAFv2

  • Amazon Certificate Manager (ACM)

  • DynamoDB

  • Inspector

  • SecurityHub

  • API Gateway

Do any enforcements exist? How can they help?

Axonius has several useful enforcement actions for AWS to assist with managing EC2 instance power states, tagging, and also installed software via SSM.

Azure

What does the tool do?

Azure is Microsoft’s public cloud platform which allows users to deploy virtual machines, virtual networks, and take advantage of over 200 cloud products.

What use cases can the adapter solve?

The Azure adapter allows Axonius users to evaluate their public cloud resources to ensure that they are correctly configured and managed, even across multiple tenants. Users can also leverage data from this adapter to modify software update deployments (including security agents).

What data is retrieved?

The Azure adapter retrieves device data regarding Azure VMs, networks/NSGs, SQL servers, load balancers, storage accounts, key vaults, Redis instances, and Kubernetes.

Do any enforcements exist? How can they help?

In order to help make data in the Axonius platform available directly within Azure, tags can be added to Azure VMs through enforcements.

VMware ESXi and vSphere

What does the tool do?

VMware's solution for virtualization of systems – typically installed on high-powered 'host' computers, and provides hardware-layer virtualization in order to build multiple 'guest' systems of any compatible Operating System (if host hardware is Intel, then the virtualized processor is also Intel). vSphere provides a management layer over multiple ESXi hosts. ​

What use cases can the adapter solve?

The Axonius VMware ESXi adapter is the window into all virtualized workloads under VMware. It will provide full details of each guest system including OS, IP, ‘hardware’ parameters, network allocation, and VMware tools are installed.

What data is retrieved?

ESXi is focused only on devices, and each system (whether on or off) can be reported in Axonius together with Interfaces, IP addresses, MAC, OS details, operational status, etc. ​

Do any enforcements exist? How can they help?

Currently, no enforcement capabilities exist for the VMware ESXi adapter.

0

Comments

0 comments

Please sign in to leave a comment.

Didn't find what you were looking for?

New post