Cloud Security - Introduction to Azure Security and Azure Security Center

Hi All,
LIFE IS BEAUTIFUL. I hope we all are safe :) STAY SAFE, STAY HEALTHY, STAY HOME.
After the successful series on Azure Networking, Azure Blueprints, and Azure Identity and Access Management, we are now starting a series on Cloud Security, mostly covering M365 and Azure security.
So today, in this article, we will cover a basic introduction to Azure Security, and in subsequent articles we will go into the details.
These articles will also help you prepare for the exam AZ-500: Microsoft Azure Security Technologies.
Introduction: Every application requires security. Security is the key ingredient of any application, irrespective of the type of application, where it is hosted and what purpose it is used for. Nowadays the risk is huge: a security failure can cause large-scale data, personal or financial harm, and an organization's reputation can be ruined.
Azure provides a wide array of security tools and capabilities to secure our applications and services in Azure.
Azure also provides options to customize security to meet our organization's specific business requirements.
Here, I will highlight the various Azure capabilities that are available for securing our applications and services in Azure.
In the Azure platform, built-in capabilities are organized into six functional areas:
- Operations
- Applications
- Storage
- Networking
- Compute
- Identity and Access management
Let's discuss what comes under each area.
Operations:
- Security and Audit Dashboard
- Azure Resource Manager
- Application Insights
- Azure Monitor
- Azure Monitor logs
- Azure Advisor
- Azure Security Center
Applications:
- Web Application vulnerability scanning
- Penetration Testing
- Web Application firewall
- Authentication and authorization in Azure App Service
- Layered Security Architecture
- Web server diagnostics and application diagnostics
- Application diagnostics
Storage:
- Role-Based Access Control (RBAC)
- Shared Access Signature
- Encryption in Transit
- Encryption at rest
- Storage Analytics
- Enabling Browser-Based Clients Using CORS
Networking:
- Network Layer Controls
- Network Security Groups
- Route Control and Forced Tunneling
- Virtual Network Security Appliances
- Azure Virtual Network
- VPN Gateway
- ExpressRoute
- Application Gateway
- Web Application Firewall
- Traffic Manager
- Azure Load Balancer
- Internal DNS
- Azure DNS
- Azure Monitor logs NSGs
- Security Center
Compute:
- Antimalware & Antivirus
- Hardware Security Module
- Virtual machine backup
- Azure Site Recovery
- SQL VM TDE
- VM Disk Encryption
- Virtual networking
- Patch Updates
- Security policy management and reporting
Identity and access management:
- Secure Identity
- Secure Apps and data
In the subsequent articles we will discuss each feature one by one in detail and, if possible, with sample applications and demos.
Azure Security Center:
- Azure Security Center is the place where we monitor the security of our Azure-based solutions
- Security Center is a monitoring system that provides threat protection across all of our services, both in Azure and in on-premises environments
- Security Center provides:
  - Continuous monitoring of all our services
  - Machine learning to detect and block malware from being installed on our virtual machines and services. We can specify a list of allowed applications to ensure that only those apps are allowed to execute.
  - Security recommendations based on our configuration, resources and network
  - Alerts for resources deployed in Azure as well as on-premises
- Security Center is available in two tiers:
  - Free: Available as a part of our Azure subscription. This tier is limited to assessment and recommendations for Azure resources only.
  - Standard: This tier provides a full suite of security-related services including continuous monitoring, threat detection, just-in-time access control for ports, and more.
To open Security Center, log in to the Azure Portal and under Tools click on “Security Center”.


If you are new to Azure Security Center, the left-hand pane has a “Getting started” link which gives us various options to explore, as shown in the figure below. Here the “Learn more >” link redirects to the Azure Security Center documentation.

From the “Pricing & settings” section we can upgrade the plan and control settings such as:

- Email notifications: Settings for email notifications for high severity alerts
- Data Collection: Setting for allowing Security Center to collect security data and events from our resources and services
- Threat detection: Enables us to configure settings for integrating with other Microsoft security services, as shown in the figure below
- Workflow automation
- Continuous export: Various setting options for exporting Security Center data
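
An added example, not from the original article: a small Python audit of the tier and Data Collection settings described above, run over constructed JSON. It assumes the JSON has the shape of `az security pricing list` and `az security auto-provisioning-setting list` output, with `pricingTier` and `autoProvision` fields; the sample values and function names are made up for illustration.

```python
import json

# Constructed sample, shaped like `az security pricing list -o json` output.
# Assumption: each plan carries "name" and "pricingTier" ("Free" or "Standard").
SAMPLE_PRICING = json.dumps({"value": [
    {"name": "VirtualMachines", "pricingTier": "Standard"},
    {"name": "StorageAccounts", "pricingTier": "Free"},
    {"name": "SqlServers", "pricingTier": "free"},
]})

# Constructed sample, shaped like `az security auto-provisioning-setting list`.
# Assumption: "autoProvision" is "On" or "Off".
SAMPLE_PROVISIONING = json.dumps([{"name": "default", "autoProvision": "Off"}])


def _items(raw):
    """Accept either a bare JSON list or an object wrapping it in "value"."""
    data = json.loads(raw)
    if isinstance(data, dict):
        data = data.get("value", [])
    return [d for d in data if isinstance(d, dict)]


def free_tier_plans(raw_pricing):
    """Names of plans not on Standard; a missing tier counts as not covered."""
    return sorted(
        p.get("name", "<unnamed>")
        for p in _items(raw_pricing)
        if str(p.get("pricingTier", "")).lower() != "standard"
    )


def data_collection_disabled(raw_provisioning):
    """Names of auto-provisioning settings that are not switched On."""
    return sorted(
        s.get("name", "<unnamed>")
        for s in _items(raw_provisioning)
        if str(s.get("autoProvision", "")).lower() != "on"
    )


def audit(raw_pricing, raw_provisioning):
    """Collect findings for one subscription as printable strings."""
    findings = [f"plan {n}: Free tier, assessment and recommendations only"
                for n in free_tier_plans(raw_pricing)]
    findings += [f"data collection setting {n}: Off"
                 for n in data_collection_disabled(raw_provisioning)]
    return findings


if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_PRICING, SAMPLE_PROVISIONING)))
```

Running the same functions over saved CLI output for each subscription gives a quick list of plans still limited to the Free tier.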
References:
- https://docs.microsoft.com/en-us/learn/modules/intro-to-security-in-azure/2a-azure-security-center
- https://docs.microsoft.com/en-us/azure/security-center/
Thanks for reading. If it's worth at least reading once, kindly please like and share. SHARING IS CARING.
Enjoy the beautiful life. Have FUN. HAVE A SAFE LIFE. TAKE CARE.
good one