Hi everyone! I'm currently in the process of setting up Azure ARC for on-prem servers to send logs to Azure Sentinel. Our tenant doesn't have ExpressRoute configured, and I'm weighing the options for networking. I've learned that using a public endpoint is one method, but I'm concerned about its security despite the TLS transmission. I'm looking for alternative solutions, ideally low-cost options, that would allow me to send logs over private traffic. What would you recommend?
2 Answers
If you decide to go with a VPN or ExpressRoute, you’ll need to implement private endpoints, which can add to your costs. Just keep that in mind as you plan this out!
A solid option is to set up a VPN tunnel between your on-premises servers and your Azure virtual network. It can provide a secure connection, especially since you're concerned about safety. However, we've recently switched to using the Global Secure Access Client, which is a bit different but works under a zero-trust model. It tends to work pretty smoothly most of the time, though we've had some minor hiccups along the way.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures