Quickest way to add and manage Azure / AWS address group

Reply
Kenlorenzo
L0 Member

Quickest way to add and manage Azure / AWS address group

Hi All, 

 

New to PA here - What is the quickest and most efficient way to Add / Delete / Manage large lists of IP addresses and subnets such as ones that belong to AWS or Azure?

 

I would like to create an Address Group and add in all Azure or AWS IP / subnets into it. Occasionaly, my guess is I'll have to update this address / subnet list as it gets updated by Azure or AWS.

 

Any thoughts?


Accepted Solutions
BPry
Cyber Elite

You might want to look into MineMeld. They have a node exactly for this and it will handle everything for you and you just set the ebl as the output for that node. That way you won't have to manually add/remove the ip addresses and everything will happen automatically. 

View solution in original post


All Replies
Brandon_Wertz
Cyber Elite

If you're looking for something to do statically...There's a simple import function in address groups.

 

If you're wanting something dynmic...EBLs would probably be the way to go.

BPry
Cyber Elite

You might want to look into MineMeld. They have a node exactly for this and it will handle everything for you and you just set the ebl as the output for that node. That way you won't have to manually add/remove the ip addresses and everything will happen automatically. 

View solution in original post

Kenlorenzo
L0 Member

thanks, let me look at MineMeld, it just might be what I'm looking for!

Sergey.Ivashkin-PL
L2 Linker

have you found anything in minemeld? I;ve seen there a lot of different Office365 (nodes?), but not for Azure.

looking forward to getting answer from you ;-) thx

BPry
Cyber Elite

@Sergey.Ivashkin-PL,

What version of MineMeld are you currently running; JSON support wasn't integrated until a later release so if you haven't updated you won't have the proper prototypes to build out a miner. Since Amazon only publishes the IP address in JSON support the Prototypes for AWS were not built out until after JSON was supporte. The pre-built AWS miners in the current release are the following. 

 

aws.AMAZON

aws.CLOUDFRONT

aws.EC2

aws.ROUTE53

aws.ROUTE53_HEALTHCHECKS

Sergey.Ivashkin-PL
L2 Linker

@BPry I had classes this week, so I've seen MineMeld launched under Autofocus, so it should be latest one. I know that i can install it localy, so I am going to do so. Thank you for info!

BPry
Cyber Elite

@Sergey.Ivashkin-PL,

I'm not that familiar with AutoFocus but my impression was that AutoFocus hosted MineMeld was simply a MineMeld instance running alongside AutoFocus. In the MineMeld section on AutoFocus do you have the ability to actually go into the MineMeld Prototypes listing and search for the Prototypes listed above. I would imagine that they should be there and that the AutoFocus hosted MineMeld is no different than the MineMeld local install? 

Sergey.Ivashkin-PL
L2 Linker

@BPry well, seemed to be so. Probably I did something wrong while I was searching:)

p.s. good to know that it is there, so I will not waste time by installing it, i just had doubts. 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!