Deploy the Bomgar PA Appliance into a Microsoft Azure Environment

For administrators who wish to deploy the Bomgar Virtual Appliance into their Microsoft Azure environment, follow the steps below.

Important

You must have a Microsoft Azure account and environment already configured. Also, you must install the Azure PowerShell Module on your machine, which may require a PowerShell upgrade. For more information about installing and configuring the Azure PowerShell Module, please see Install and configure Azure PowerShell .

The email received from Bomgar indiciating how to receive the files for deploying the Bomgar Appliance into your Azure environment

  1. Open the email you received from Bomgar Technical Support and select the Click Here for your Bomgar Virtual Appliance (Azure) for Privileged Access Management link to download the BomgarPAM_azure.exe file.
  2.  

    Downloading the BomgarPAM_azure.exe file in a browser

  3. Click BomgarPAM_azure.exe within your browser to begin installation.
  4.  

    The Security Warning prompt for running the BomgarPAM_azure.exe file.

  5. If you receive a Security Warning prompt, click Run.
  6.  

     

    An editable prompt where you can indicate where you would like to extract the azure file to on your local machine.

  7. Choose where you wish the files to be extracted to on your desktop. Click Extract.
  8.  

    A prompt with a blue progress bar showing how extraction is progressing.

  9. Wait for the files to extract. You can review the Elapsed Time, Remaining Time, and blue progress bar to see how extraction is progressing.
  10.  

     

  11. When extraction is complete, the BomgarPAM_azure.exe, Deploy_AzureBomgarVM.ps1, and Bomgar-br.v.2.vhd files appear in the location you designated during the extraction process. Right-click on the Deploy_AzureBomgarVM.ps1 PowerShell script and click Edit.
  12. The PowerShell Script completed with variables from an Azure environement.

  13. Once the PowerShell script opens, locate STEP 1 and modify the following variables based on the specifics of your Microsoft Azure environment:
    • Resource Group Name
    • Storage Account Name
    • Location (e.g., westus)
    • vnet Name
    • subnet Name

Note: The vmName does not need to be changed.

     

    The PowerShell script lists different options for Azure environment sizing and allows you to comment in the size you desire.

  1. Locate STEP 2. Uncomment the desired deployment size of your appliance. The options are:
    • Small
    • Medium
    • Large

     

    The BomgarPAM_azure script running in Windows PowerShell.

  2. Save and run the script in Windows PowerShell.
  3.  

    The login prompt for Microsoft Azure.

  4. When prompted, enter your credentials and sign into your Microsoft Azure account.
  5.  

    The Azure Data Collection message appearing in PowerShell.

  6. In Windows PowerShell, you should receive a message stating AzureRM Modules found. You can also choose to assist Microsoft Azure in data collection at this time.
  7.  

    Message in PowerShell indicating the MD5 hash is being calculated.

  8. Next, the system configures an MD5 hash, uploads the appliance into your Azure environment, and configures a public IP address for your Bomgar Virtual Appliance.
  9. Message in PowerShell indicating the appliance is being uploaded into Azure.

     

    The PowerShell window indicating the IP address for the Appliance.

  10. You are then prompted to go to the IP address configured for your appliance. The message reads For Appliance, administration, go to https://xx.xx.xx.xxx/appliance.
  11.  

    The Bomgar section allowing you to enter your Appliance License Key to register your appliance.

  12. On the /appliance page, enter your Appliance License Key provided in the email from Bomgar Technical Support. Click Save.
  13. To setup a persistent URL for your appliance, you can perform one of two options:
    • In the Azure console, set the appliance's external IP to Static. Then assign your DNS entry to that external IP.
    • Or, apply a DNS name within Azure. Set a CNAME record pointed to that address.

Note: No further network or console configuration is needed for Azure-based appliances. Please continue to Register and Update the Privileged Access Virtual Appliance