Integrating Managed Security Awareness with Azure Active Directory or Microsoft 365

Configuration Guide

Updated May 20, 2022

Overview

You can integrate Arctic Wolf Managed Security Awareness® (MA) into Azure Active Directory (AD) or Microsoft 365.

This integration enables your selected AD group to sync nightly with the MA program. The group that you select represents your end users for the MA program.

Notes:

Integrating Managed Security Awareness

To integrate MA with Azure AD or Microsoft 365:

  1. If you are using:

    • Azure AD — Sign in to the Azure AD admin center, and then select Azure Active Directory.
    • Microsoft 365 — Sign in to the administration center, and then select Azure Active Directory from the navigation pane. This opens the Azure AD admin center.
  2. Under Manage, select App registrations > New registration.

  3. Enter the name that you want displayed for your application. We recommend naming it Arctic Wolf Managed Security Awareness Integration to ensure that it is easy to identify in the future.

  4. Confirm that Supported account types is set to Accounts in this organizational directory only (Single tenant).

  5. Click Register. This opens the page for the newly registered application.

  6. Note these values. You must later provide these values to Arctic Wolf using the Egnyte link provided to you:

    • Application (client) ID
    • Directory (tenant) ID
  7. In the navigation pane under Manage, select API permissions.

  8. Select Add a permission, and then select Microsoft Graph.

  9. Select Application permissions, and then enable these permissions:

    • Directory.Read.All

    • User.Read.All

      Note: If you receive a message similar to Not granted for <company name>, select Grant admin consent for <company name>.

  10. In the navigation pane, under Manage, select Certificates & secrets.

  11. In the Client secrets section, select + New client secret, and then create the secret:

    1. Enter a meaningful description for the client secret, such as Arctic Wolf Secret.
    2. Set the expiry period to 24 months.
    3. Click Add.
  12. Verify that your new client secret appears in the Client secrets section, and then copy the Value field from that section to a secure location. You must later provide this value to Arctic Wolf using the Egnyte link provided to you.

    Notes:

    • This value is only viewable during the application registration.
    • The required value is Value, not Secret ID.
  13. In the Azure Active Directory menu, select Manage > Groups. We use groups to query all users who take part in MA training. If you:

    • Have an existing group — Proceed to the next step.
    • Do not have an existing group — Click Groups > New Groups, and then enter group information and select the appropriate users for this group.

    Notes:

    • You cannot select a group containing other groups.
    • Arctic Wolf cannot sync more than one group.
  14. Make note of the Group Name value. You must later provide this value to Arctic Wolf using the Egnyte link provided to you.

  15. Provide these values for your Azure AD or Microsoft 365 environment to your Concierge Security Team® (CST) in a secure file on Egnyte:

    • Application (client) ID
    • Directory (tenant) ID
    • Client Secret value
    • Group Name

    Tip: Arctic Wolf provides the Egnyte link to you in advance.
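To confirm that the registration matches steps 4, 9 and 11 before you send the values, the following added example (not Arctic Wolf's own tooling) audits an application object exported as JSON in the shape of the Microsoft Graph application resource. The function name, the 30-day warning window and the sample data are assumptions made for illustration; the two app role IDs are the Microsoft Graph identifiers for the permissions named in step 9 and do not appear in the original guide.

```python
from datetime import datetime, timedelta, timezone

GRAPH_APP_ID = "00000003-0000-0000-c000-000000000000"  # Microsoft Graph resource
REQUIRED_ROLES = {  # Graph application-permission (app role) IDs
    "7ab1d382-f21e-4acd-a863-ba3e13f7da61": "Directory.Read.All",
    "df021288-bdef-4463-88db-98f22de89214": "User.Read.All",
}

def _utc(ts):
    # Graph timestamps are UTC; keep the seconds-resolution prefix only.
    return datetime.fromisoformat(ts[:19]).replace(tzinfo=timezone.utc)

def audit_app(app, now, warn_days=30):
    """Return findings; an empty list means the registration matches the guide."""
    findings = []
    if app.get("signInAudience") != "AzureADMyOrg":  # step 4: single tenant
        findings.append("supported account types is not single tenant")
    granted = {}
    for res in app.get("requiredResourceAccess", []):
        if res.get("resourceAppId") == GRAPH_APP_ID:
            granted.update({a["id"]: a["type"] for a in res.get("resourceAccess", [])})
    for role_id, name in REQUIRED_ROLES.items():  # step 9: application permissions
        if granted.get(role_id) != "Role":
            findings.append(f"missing application permission {name}")
    extra = sorted(set(granted) - set(REQUIRED_ROLES))
    if extra:  # least privilege: the guide asks for two permissions only
        findings.append(f"{len(extra)} Graph permission(s) beyond the guide's two")
    ends = (_utc(c["endDateTime"]) for c in app.get("passwordCredentials", []))
    live = [e for e in ends if e > now]
    if not live:  # an expired secret stops the nightly sync
        findings.append("no unexpired client secret")
    elif max(live) - now < timedelta(days=warn_days):
        findings.append(f"client secret expires within {warn_days} days")
    return findings

# Constructed sample: made-up dates and one made-up extra permission ID.
NOW = datetime(2024, 4, 25, tzinfo=timezone.utc)
SAMPLE_APP = {
    "displayName": "Arctic Wolf Managed Security Awareness Integration",
    "signInAudience": "AzureADMyOrg",
    "requiredResourceAccess": [{"resourceAppId": GRAPH_APP_ID, "resourceAccess": [
        {"id": "7ab1d382-f21e-4acd-a863-ba3e13f7da61", "type": "Role"},
        {"id": "df021288-bdef-4463-88db-98f22de89214", "type": "Scope"},
        {"id": "00000000-0000-0000-0000-00000000aaaa", "type": "Role"},
    ]}],
    "passwordCredentials": [{"displayName": "Arctic Wolf Secret",
                             "endDateTime": "2024-05-20T00:00:00Z"}],
}
```

The check covers the permissions configured on the registration; whether admin consent was granted (the note under step 9) is not recorded in the application object and still has to be confirmed on the API permissions page.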

Proceeding with MA configuration

To proceed with MA configuration, see Managed Security Awareness Configuration Guide.

AD credential expiry settings

To prevent AD integration sync issues, ensure that the expiration date for the tenant and client secret in your AD settings is set to 24 months.

AD administrators receive notifications when a tenant is going to expire. If the tenant expires before an administrator renews the secret, the MA program is unable to sync to your AD group, and your users no longer receive the scheduled content from the program. If this occurs, Arctic Wolf may reach out to you for an updated client secret.