Default Parameters for AzrADAppRgstrtnTest
This test monitors application registrations on Azure AD, and reports the count and details of applications with invalid or expired secrets/certificates. With this information, administrators can rapidly identify applications with a high security risk quotient, and initiate measures to mitigate those risks. The test also alerts administrators to secrets and certificates that are about to expire, and thus enables administrators to take proactive action against impending expiry. Additionally, the test points administrators to ‘unprotected’ applications - i.e., applications without certificates or secrets. This way, the test urges administrators to employ either or both of the authentication options that Azure AD provides and secure their critical applications.
This page depicts the default parameters that need to be configured for the AzrADAppRgstrtnTest.
The eG agent communicates with the target Microsoft Azure Subscription using Java API calls. To collect the required metrics, the eG agent requires an Access token in the form of an Application ID and the client secret value. Specify the Application ID of the created Application in the CLIENT ID text box. To know how to determine the Application ID, click here. Specify the client secret value in the CLIENT PASSWORD text box. To obtain the client secret value, click here.
In some environments, all communication with the Azure cloud is routed through a proxy server. In such environments, you should make sure that the eG agent connects to the cloud via the proxy server and collects metrics. To enable metrics collection via a proxy, specify the IP address of the proxy server and the port at which the server listens against the PROXY HOST and PROXY PORT parameters. By default, these parameters are set to none, indicating that the eG agent is not configured to communicate via a proxy.
If the proxy server requires authentication, then, specify a valid proxy user name and password in the PROXY USERNAME and PROXY PASSWORD parameters, respectively. Then, confirm the password by retyping it in the Confirm Password text box.
By default, the EXPIRE DAYS LIMIT parameter is set to 90 days. This means that the test, by default, counts the certificates and secrets that will be expiring any time within the next 90 days, and reports those numbers as the values of the Certificates about to expire and Clients secrets about to expire measures, respectively. Also, these measures will raise an alert only if there is at least one certificate/secret that is set to expire within 90 days from the current day. You can change the value of this parameter, if you want to be alerted sooner or later to the impending expiry of certificates or secrets. For instance, if you change the value of this parameter to 15, then the test will wait till there are only 15 days for a secret/certificate to expire to alert you to the expiry. On the other hand, if you change the value of the parameter to 120 days, then the alert will be sent sooner - i.e., the test will notify you even if a certificate/secret is 4 months away from expiry.
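The effect of EXPIRE DAYS LIMIT on what gets counted can be seen in the following added example, which is not eG Enterprise code. It assumes app registrations exported as records shaped like Microsoft Graph application objects (passwordCredentials for secrets, keyCredentials for certificates); the function names, report keys and sample data are constructed for illustration, and only expiry is checked, not other forms of invalidity.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample records (not real tenants or apps).
SAMPLE_APPS = [
    {"displayName": "billing-api",
     "passwordCredentials": [{"endDateTime": "2024-01-10T00:00:00Z"}],
     "keyCredentials": []},
    {"displayName": "hr-portal",
     "passwordCredentials": [{"endDateTime": "2024-04-15T00:00:00Z"}],
     "keyCredentials": [{"endDateTime": "2025-06-01T00:00:00Z"}]},
    {"displayName": "legacy-sync", "passwordCredentials": [], "keyCredentials": []},
    {"displayName": "reports",
     "passwordCredentials": [],
     "keyCredentials": [{"endDateTime": "2024-03-10T08:30:00.1234567Z"}]},
]

def parse_end(value):
    # Keep the first 19 characters so timestamps with 7-digit fractional
    # seconds parse too; assumes the timestamp is UTC.
    return datetime.strptime(value[:19], "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)

def classify(apps, now, expire_days_limit=90):
    """Group app names by credential state, mirroring the measures described above."""
    limit = now + timedelta(days=expire_days_limit)
    report = {"expired_secrets": [], "expired_certificates": [],
              "secrets_about_to_expire": [], "certificates_about_to_expire": [],
              "unprotected_apps": []}
    for app in apps:
        name = app["displayName"]
        secrets = app.get("passwordCredentials") or []
        certs = app.get("keyCredentials") or []
        if not secrets and not certs:
            report["unprotected_apps"].append(name)  # no secret and no certificate
            continue
        for kind, creds in (("secrets", secrets), ("certificates", certs)):
            for cred in creds:
                end = parse_end(cred["endDateTime"])
                if end <= now:
                    report["expired_" + kind].append(name)
                elif end <= limit:
                    report[kind + "_about_to_expire"].append(name)
    return report

if __name__ == "__main__":
    now = datetime(2024, 3, 1, tzinfo=timezone.utc)  # fixed date for a repeatable run
    for days in (90, 15):
        print(days, classify(SAMPLE_APPS, now, days))
```

With the 90-day default both hr-portal's secret and reports' certificate are flagged; lowering the limit to 15 leaves only the certificate that is 9 days from expiry.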
The DD FREQUENCY refers to the frequency with which detailed diagnosis measures are to be generated for this test. The default is 1:1. This indicates that, by default, detailed measures will be generated every time this test runs, and also every time the test detects a problem. You can modify this frequency, if you so desire. Also, if you intend to disable the detailed diagnosis capability for this test, you can do so by specifying none against DD FREQUENCY.
When changing default configurations of tests, the values with “$” indicate variables that will be replaced by the eG system according to the specific server being managed - for instance, $hostName is the host/nickname of the target host, $port is the port number of the server being monitored. E.g., for a server xyz:80, $hostName will be changed automatically by the eG manager to “xyz*” and $port will be changed to “80” when configuring a test.