Hello friends, I’ve been facing a challenge: we have a large number of Azure/AWS assets, and I’m trying to streamline the authentication process for these accounts. How have you all been managing to connect globally to these devices successfully? We have over 30,000 assets. So far, we’ve tried manually connecting to each device, but this isn’t a feasible option. What are the best practices or most efficient ways to accomplish this? Any help is highly appreciated.
We are nowhere at your scale… Are you trying to do authenticated InsightVM scans or manage accounts on those assets?
Are those a mix of Windows and Unix assets (servers or endpoint versions)?
There would be different models based on what they are, but they could more easily scale (e.g. Ansible for Unix and pam.d configuration to attach to an LDAP / AD centralized authentication server, etc.)
Yes, it is a mix of both Apple machines, and we do have an authentication server. Sometimes, those credentials don’t work on some and work on others. Yes, it’s kind of difficult to get this all authenticated. It has been a challenge even architecting new ideas.
We used shared credentials stored in IVM, but our estate is way smaller than yours. That is huge.
Have you considered splitting assets out into sites and having a shared credential for assets per site?
E.g. a site for Macs by location, which would have one shared credential. Just an example. We split our sites by OS, but that’s only manageable because of our size.
My two cents.
Yes, and that did not work out due to our large AWS/Azure environment. So, it would need a global account instead of a username and password on each device. With 40K total assets, this is getting challenging, and finding a solution besides agents for network devices is nearly impossible. Any help is highly appreciated at this point.