Azure – You can now onboard on-premises workloads to Azure Security Center using Windows Admin Center

By now, you should already know the Azure Security Center (ASC), your one stop shop for security related recommendations and reports to help you improve your Azure security posture.

You should also already know the Windows Admin Center, the new browser-based remote administration tools for Windows.

Well, good news as both are now integrated as Windows Admin Center is now letting you on-board your on-premises workloads to Azure Security Center.

To start onboarding your on-premises workloads to Azure Security Center, start by downloading (currently in version 1910) the Windows Admin Center from https://aka.ms/WACDownload

Then once installed and configured, you can access the Azure Security Center extension

image

From there you will have to sign-in to your Azure tenant by logging on with a one time code; this will register Windows Admin Center to your Azure AD

image  image

NOTE if you have access to multiple Azure AD tenant you may check the tenant ID to ensure you are selecting the correct one

You can automatically create a new Azure AD application (called WindowsAdminCenter-<URL of the admin center>) or re use an existing one if you already have one setup – the Azure AD application has to/will be created within the App registrations blade

Once the application is created, you will need to grant the Grant Admin Consent permission from the API Permissions

image

Then you can finally sign in to your Azure Security Center to gather the configured workspace

image_thumb[4]

Once completed, you will then be able to see your Azure Security Center directly from the Windows Admin Center as well as view the security status of your on-premises servers (under the Resource Security Hygiene\Compute & Apps)

image_thumb[5]

If you need to reset or unregister Windows Admin Center from the Azure Security Center, access the Windows Admin Center Settings and go to Gateway\Azure to unregister

image

Benoit Hamet
Benoit Hamet
Benoit is working on Microsoft collaborative technologies He has been awarded as MVP for more than 12 years Currently MVP on Office 365 after being awarded on SharePoint (2011-2012) and Windows client & server (2002-2007) Speaker at various Microsoft events (TechDays, TechNet seminars) and Quest Software He works on on-premises (Active Directory, RADIUS/NPS, Exchange, Skype for Business, SharePoint, SQL, Terminal Server, Windows client and Windows Server) or online (Azure, Intune, Office 365, Exchange Online, SharePoint Online, Skype for Business Online, Teams) technologies