Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Use the following checklist to ensure all steps in this section are complete.
- Choose a connectivity option to support the assessment being configured
- Deploy the connectivity option that fits best for your organization and for the assessment being configured
There are four scenarios available to configure an assessment. Determine which scenario fits best for your organization.
- Agent Only Method
- Agent + Log Analytics Gateway Method
- SCOM Method
- Offline – Disconnected environment
The following illustration visually shows the scenarios:
Agent Only Method
Decision points at a glance:
- When you want to install the Azure Log Analytics agent on the data collection machine, and have it connected to the internet to upload recommendations and supporting details to your Log Analytics workspace.
- When you're setting up one of the cloud assessments that collect and assess cloud specific data.
- Ideal when you only have a single machine in your environment to be dedicated to this setup.
This scenario can be used when the data collection machine contacts Log Analytics. It requires one computer to be designated as the data collection machine which has to be able to access the internet to upload data to log analytics. This scenario can be used in environments where the internet connection isn't restricted.
Important
This connectivity scenario must be used for any of the On-Demand cloud assessments. These include:
- Office 365 Exchange Online
- Office 365 Skype and Teams
- Office 365 SharePoint Online
- Microsoft Azure
Agent + Log Analytics Gateway Method
Decision points at a glance:
- When you don’t want to expose your data collection machine to the Internet and you'd like to use a proxy configuration through the Azure Log Analytics gateway
- Ideal when you have two separate machines in your environment to dedicate to this setup
This scenario is the most secure and recommended option to help protect privileged account credentials which are used on the scheduled task configured on the data collection machine needed to run the assessment. This scenario requires two computers. One designated as the data collection machine, and the second machine as the Log Analytics Gateway. In this scenario, the data collection machine has no internet connection and connects to the Log Analytics Gateway to upload recommendations and supporting data to log analytics. The Log Analytics Gateway must have internet access.
Get more information about the Log Analytics Gateway.
SCOM Method
Decision points at a glance:
- When you have a SCOM management server configured in your environment and connected to all the targets you wish to assess.
In this configuration SCOM either acts as the gateway itself, or it uses the Log Analytics Gateway to send data to log analytics.
Offline – Disconnected environment
Decision points at a glance:
- There's zero connection allowed from the assessed environment to the Internet or to any other machine that has internet access such as the Log Analytics Gateway or proxy.
- In this scenario, we require two machines:
- One is the data collection machine and needs to fulfill prerequisites from the assessment.
- The other is the machine that has internet access and can upload data to Azure Log Analytics.
- This machine can be running any supported version of Windows Server or Windows Client that can run the Microsoft Management Agent.
Important
This connectivity scenario can't be used for any of the following On-Demand assessments. These include:
- Office 365 Exchange Online
- Office 365 Skype and Teams
- Office 365 SharePoint Online
- Microsoft Azure
- SharePoint Assessment
Continue getting started with On-demand Assessments by selecting the Log Analytics Gateway for Azure Monitor Setup article in the Table of Contents.