Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.



Azure vDiscovery

New Member
Posts: 1
2863     0

Since the upgrade for being able to scan multiple subscriptions, we have hit an issue.

In Azure you can have overlapping IP ranges, as long as they aren't peered, especially with services like Databricks where "farms" are auto deployed via Microsoft PaaS services. It seems that IB doesn't like this and the scan just falls over. As with any of the Discovery logs are very lacking. The subscription in question also contain VNETs with standard subnets that are peered, so I can't exclude whole subnets.


Has  anyone else seen this issue, and come up with a workround?




Re: Azure vDiscovery

[ Edited ]
Posts: 65
2864     0

Hi Michael,


This is expected behavior when vDiscovery encounters overlapping IP space. There are a couple options you can use here. If you want to discover all VNets, including the overlapping space, you can set the option "The tenant's network view (if it does not exist, create a new one)" on the Network View tab of the vDiscovery Job Properties. This will create seperate network views in your Grid for the overlapping space. The other option is to restrict vDiscovery to specific VNets by setting permissions in Azure at the VNet and/or resouce group level instead of for the entire subscription for the app used.



Showing results for 
Search instead for 
Did you mean: 

Recommended for You

NIOS 8.6.3 – What’s New in DDI