Installing BMC Defender Office 365 adapter

The BMC Defender Office 365 adapter is usually delivered as a self-extracting Zip file.

Installation requirements

The BMC Defender Office 365 adapter is minimally invasive. You can install it on a variety of platforms and operating systems.

  • Existing BMC Defender Server installation—Before you install the software, you must install the BMC Defender Server system on a Windows platform, as discussed in the BMC AMI Defender for z/OS Reference Manual.
  • Disk space requirements—The software requires no significant disk space beyond the normal footprint of the BMC Defender Server. Generally, there is no extra disk space load due to this software.
  • CPU requirements—The software requires very little extra CPU requirements. A single process is started on the BMC Defender Windows platform that consumes minimal CPU resources.
  • Service ports—The software requires access to the standard syslog port of 514. You should adjust the firewalls to accommodate this service port and communication channel between CO-o365.exe program and the BMC Defender Server.
  • JRE installation—The software requires the Java Runtime Environment to be installed at the BMC Defender Server. It also requires the path to the Java.exe program to be known and accessible to the program. 
  • Microsoft Cloud App Security service—The software requires the site to install Office 365 and purchase the Cloud App Security service from Microsoft.

To perform the software installation, you must have administrative logins. The detailed steps required to perform the installation are provided in the sections that follow.

To ensure proper installation of the program, you should close all windows and temporarily disable any port that blocks or virus scan software on the system. You should stop the existing BMC Defender Server process prior to the installation. You do not need to reboot the system after installation.

Basic installation procedure

To install it, you require a few simple manual installation steps, mentioned as follows:

  1. Obtain the BMC Defender Office 365 adapter in a self-extracting WinZip format. You can directly obtain the file from BMC Support and from other locations.
  2. Execute the self-extracting Zip file. This unzips the software into BMC Defender Windows Distribution, including all configuration data, executables, and documentations.

  3. Install a modern version of the Java Run Environment (JRE) on the BMC AMI Defender for z/OS platform when required.

    Note

    The Office 365 Agent adapter is one of the few BMC components that requires Java. The Java JRE is a free software, furnished by Oracle corporation. You must know the path to the Java.exe program on the platform during the configuration process.

  4. Create and configure the Microsoft Cloud App Security parameters of the Office 365 installation and obtain both a Java Jar file and security token from the web.

    Note

    You require these two components to install and configure the agent, as documented in the detailed installation procedure.

  5. Configure other parts of the BMC Defender system, such as threads, alerts, and ticket users, to correlate and process the syslog messages that are generated by the software.

BMC package installation procedure

The specific steps need for you to install the software at the BMC Defender Server are as follows:

  1. Log on to the BMC Defender Server Windows platform using an administrator type login.
  2. Obtain and execute the co-n-n-n-o365.exe package, extracting files to the directory location where BMC Defender is installed. (The default installation directory is C:\Program Files\BMC Software\BMC Defender.) This installs the files and configures the CO-o365.exe program to start when the BMC Defender server framework service is restarted.
  3. Log on to the BMC Defender Server web interface and verify that a new Messages > Adapters > Office 365 tab exists in the system. (Configuration of this screen is explained in the next section of this space.)

Installing and configuring the Cloud Security app service

Once the adapter software has been installed, you should configure the Microsoft Cloud Security App service. This is given in detail in your Microsoft documentation. The steps are outlined as follows:

  1. Log on to the Microsoft Cloud App Security portal, access security extension and click the SIEM Agents tab to access the configuration wizard.
  2. Select an SIEM format using Generic CEF. Other options are available and arbitrary. Specify the IP address or the host-name of the BMC Defender Server and select UDP as the syslog protocol.
  3. Obtain the security token and paste it to notepad or some other location for safe keeping. (This value is used during the configuration process of the next section.)

  4. Download the SIEM Agent Jar file and place this file in the installationDirectory\o365 folder of your installation. Make a note of the Jar file name. 

    Note

    This might require you to unzip the Jar file or perform other installation steps required by Microsoft.

Consult Microsoft documentation for further details. 

Related topics

BMC-Defender-Office-365-adapter-deprecated

Configuring-BMC-Defender-Office-365-Adapter


 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*