Azure Information Protection Scanner Setup in 5 minutes!
HTML-код
- Опубликовано: 31 июл 2024
- Setup Milestones for you to follow:
Core install notes: docs.microsoft.com/en-us/azur...
Get Azure app token notes: docs.microsoft.com/en-us/azur...
Unified Labelling Client - the scanner is included in this. 2.7.95.0 (preview - don't use this in production)
Windows 2019 server
Install SQL Express
Service account - used for scanner - pre-setup
Azure portal - AIP
Add cluster
Content scan job
Repository c:/data
Put data into c:\Data to scan
Download the executable version of the Azure Information Protection unified labelling client (file name of AzInfoProtection_UL) from the Microsoft Download Center.
www.microsoft.com/en-us/downl...
If there is a preview version available, keep this version for testing only. It is not intended for end-users in a production environment.
Install Scanner
Install-AIPscanner -sqlserviceinstance scanner01\sqlexpress -profile CLUSTER1
Licensing: azure.microsoft.com/en-gb/pri...
Get Azure app token
App registrations
Certificates & secrets
API permissions
Azure right mgmt servc
MIP sync service
Grant
Set AIP authentication
Run discovery cycle
Troubleshooting
Cmdlets - docs.microsoft.com/en-us/powe...
Services
Start-AIPscannerdiagnostics
Update-AIPscanner "change cluster name" - Наука
Thanks for the overview.
It's good to note that SQL Express install is only referenced for Testing, for production scans be sure to use a SQL server instance. There are also other factors to weigh such as capacity, how much data are you scanning, can you break the scans across multiple nodes and also set multiple locations to ensure the speeds. It's a great tool but not as straight forward as a project as people make out. The key is helping organisations understand what it is that is of importance now and the type of content there are searching for, then building the custom sensitivity types through the use of RegEx, having the RegEx tested and validated to ensure it pulls back the accuracy needed from business users etc..... If you need any help in this space, then please reach out.
Thank you for this content
I'm not sure what is the SQL role here, also I didn't see you setup the DB. What needs to be done and what is the purpose? Thanks, great video for me new to MIP scanners
Good video; however, most of the configuration screen is outdated now in 2023. Using it as a configuration reference for some issues I'm having.
Hi, is it possible to create custom "Sensitivity Info Types" in the Microsoft 365 compliance center and have the AIP Scanner can for them when discovering sensitive data? I have created multiple custom sensitivity info types in the compliance center however when testing with the AIP Scanner (with docs that contain matches to the new info types), they are not flagged. I am wondering if this is expected or not.
Why is 'grant admin consent' button showing up grayed out for me?
Maybe permission on the tenant. Are you a global admin?
outdated, don't follow this.