Validating Connectivity with Azure Security Center

Azure Security Center is now hybrid, which means that you can connect computers that are located on-premises, and also in other cloud platforms such as AWS. This onboarding process is well documented in this article. The agent installation is pretty straight forward, and this agent is the same one used for OMS Security, which has versions for Windows and Linux. One question that I always get is: how can I validate that the agent is talking to Azure once the installation is finished?

One way to validate if this connectivity is working properly is by using the tool TestCloudConnection.exe, located in \Program Files\Microsoft Monitoring Agent\Agent folder. Open command prompt in the computer that has the agent installed, move to this folder location and execute the command as shown below:

Non-Azure computers will appear in Security Center with a different icon, as shown below:

In the example above, you have an Azure VM (ASCDEMOVM) and an on-premises computer (W16ATACT), however there are more icons available, read Security health monitoring in Azure Security Center article.