Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Set up Secure Web Gateway on Azure with the Azure CLI

  1. Last updated
  2. Save as PDF

You can install Secure Web Gateway as a virtual machine on an Azure platform using the Azure command line interface (Azure CLI).

Alternatively, you can set up Secure Web Gateway using a script provided by Skyhigh Security.

To set up Skyhigh Security using the Azure CLI, complete this task.

The command parameters are either fixed, so you can type them as shown here, for example, mwgnativegroup, or have variable values, enclosed in arrows here, for example, <name of a location>.

NOTE: When entering longer commands in more than one line, be sure to use a \ (backslash) at the end of each line that is followed by another line, as shown below. Also, enter each command parameter completely in one line.

  1. Download the Secure Web Gateway software.
    1. Open a browser and go to Licenses on the Content & Cloud Security Portal.
    2. Download the VHD file with the Secure Web Gateway software to a directory on your system. Note down the link name for later use.
       
  2. On the Azure CLI, navigate to the directory with the VHD file, then run this command to log on to the Azure portal:

    az login

     
  3. Create a resource group:

    az group create --name mwgnativegroup --location <name of a location>


    As the location, specify, for example, southindia.
     
  4. Create the storage for the resource.
    1. Create a storage account:

      az storage account create --resource-group mwgnativegroup \

      --location <name of a location> --name mwgimgstorage \

      --kind storage --sku standard_lrs

      Specify the same location as in step 3.
       
    2. Create a storage container:

      az storage container create --account-name mwgimgstorage --name mwgimg
       
  5. Upload the VHD file with the Secure Web Gateway software to Azure using a copy command and a SAS token.
    The copy command is provided by the AzCopy command-line utility. You can download this utility from the Microsoft Azure product documentation site. Alternatively, you can upload this file using a storage account key. If you prefer this method, continue with step 6. Otherwise, continue here.
    1. Create an SAS token.
      • At the Azure portal, click All resources, then select the storage account that you created in step 4a.
      • Click Shared access signature, then click Generate SAS and connection string.
        The SAS token is generated. Note down its name, for use in the next substep.
    2. Run a copy command to upload the VHD file:

      azcopy copy <link to the VHD file on the portal> \

      https://mwgimgstore.blob.core.windows.net/mwgimg/<name of the VHD file><name of the SAS token>

      The link to the VHD file is the one that you noted down after going to the Content & Cloud Security Portal. When specifying the name of the VHD file, you can type it with or without the .vhd extension.

      The SAS token is the one created in substep a.

      Continue with step 7.
       
  6. Upload the VHD file with the Secure Web Gateway software using a storage account key.
    1. Create a list of the storage account keys:

      az storage account keys list --resource-group mwgnativegroup \

      --account-name       mwgimgstorage

      Note down the name of the first key on the list that you have created, for use in the next substep.
       
    2. Upload the VHD file.

      az storage blob upload --account-name mwgimgstorage \

      --account-key <name of the first key on the list> \

      --container-name mwgimg --type page \

      --file <name of the VHD file> --name <name of the VHD file>

      The account key must be the first on the storage account keys list that you created in substep a.
       
  7. Create a managed disk for the virtual machine:

    az disk create --resource-group mwgnativegroup \

    --name mwgmanagedimg --size-gb <size in GB> \

    --source https://mwgimgstore.blob.core.windows.net/mwgimg/<name of the VHD file>

    As size, specify the GB that you planned for the virtual machine when considering the system requirements, for example, 500, omitting the letters GB.
     
  8. Create a virtual machine:

    az vm create --resource-group mwgnativegroup --location <name of a location> \

    --name mwgnativevm --os-type linux --size <name of the size type> \

    --attach-os-disk mwgmanagedimg

    Specify the same location as in step 3. As size type, specify the Azure size type that you chose for the virtual machine when considering the system requirements, for example, Standard_D8s_v3.

Secure Web Gateway is now installed as a virtual machine on an Azure platform. Continue with looking up and configuring access parameters for Secure Web Gateway.

To use a script for this setup, see Set up Secure Web Gateway on Azure with a Script.

 

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
  2. Tags
    This page has no tags.