Reply

Azure vDiscovery

New Member
Posts: 1
3326     0

Since the upgrade for being able to scan multiple subscriptions, we have hit an issue.

In Azure you can have overlapping IP ranges, as long as they aren't peered, especially with services like Databricks where "farms" are auto deployed via Microsoft PaaS services. It seems that IB doesn't like this and the scan just falls over. As with any of the Discovery logs are very lacking. The subscription in question also contain VNETs with standard subnets that are peered, so I can't exclude whole subnets.

 

Has  anyone else seen this issue, and come up with a workround?

 

Thanks

Michael

Re: Azure vDiscovery

[ Edited ]
Superuser
Posts: 65
3327     0

Hi Michael,

 

This is expected behavior when vDiscovery encounters overlapping IP space. There are a couple options you can use here. If you want to discover all VNets, including the overlapping space, you can set the option "The tenant's network view (if it does not exist, create a new one)" on the Network View tab of the vDiscovery Job Properties. This will create seperate network views in your Grid for the overlapping space. The other option is to restrict vDiscovery to specific VNets by setting permissions in Azure at the VNet and/or resouce group level instead of for the entire subscription for the app used.

 

Jason

Showing results for 
Search instead for 
Did you mean: 

Recommended for You

Businesses are investing heavily into securing company resources from cyber-attacks form cybercrimin