Cloud Security – Introduction to Azure Security and Azure Security Center

Hi All,

LIFE IS BEAUTIFUL 🙂 I hope we all are safe:) STAY SAFE, STAY HEALTHY 🙂 STAY HOME 🙂

After the successful series on Azure Networking, Azure Blueprints, and Azure Identity and Access Management, we are now starting a series on Cloud Security, mostly covering M365 and Azure security.

Today's article gives a basic introduction to Azure Security; subsequent articles will go into the details.

These articles will also help you prepare for the exam – AZ-500: Microsoft Azure Security Technologies.

Introduction: Every application requires security. Security is a key ingredient of any application, irrespective of the type of application, where it is hosted and what it is used for. Nowadays a lack of it is a huge risk: it can lead to huge data, personal or financial harm, and an organization's reputation can be ruined.

Azure provides a wide array of security tools and capabilities to secure our applications and services in Azure.

Azure also provides options to customize security to meet our organization's business-specific requirements.

Here, I will highlight the various Azure capabilities that are available for securing our applications and services in Azure.

In the Azure platform, built-in capabilities are organized into six functional areas:

  • Operations
  • Applications
  • Storage
  • Networking
  • Compute
  • Identity and Access management

Let's look at what comes under each area.

Operations:

  • Security and Audit Dashboard
  • Azure Resource Manager
  • Application Insights
  • Azure Monitor
  • Azure Monitor logs
  • Azure Advisor
  • Azure Security Center

Applications:

  • Web Application vulnerability scanning
  • Penetration Testing
  • Web Application firewall
  • Authentication and authorization in Azure App Service
  • Layered Security Architecture
  • Web server diagnostics and application diagnostics
  • Application diagnostics

Storage:

  • Role-Based Access Control (RBAC)
  • Shared Access Signature
  • Encryption in Transit
  • Encryption at rest
  • Storage Analytics
  • Enabling Browser-Based Clients Using CORS

Networking:

  • Network Layer Controls
  • Network Security Groups
  • Route Control and Forced Tunneling
  • Virtual Network Security Appliances
  • Azure Virtual Network
  • VPN Gateway
  • ExpressRoute
  • Application Gateway
  • Web Application Firewall
  • Traffic Manager
  • Azure Load Balancer
  • Internal DNS
  • Azure DNS
  • Azure Monitor logs for NSGs
  • Security Center

Compute:

  • Antimalware & Antivirus
  • Hardware Security Module
  • Virtual machine backup
  • Azure Site Recovery
  • SQL VM TDE
  • VM Disk Encryption
  • Virtual networking
  • Patch Updates
  • Security policy management and reporting

Identity and access management:

  • Secure Identity
  • Secure Apps and data

In subsequent articles we will discuss each feature one by one in detail and, if possible, with sample applications and demos.

Azure Security Center:

  • Azure Security Center is the place where we monitor the security of our Azure-based solutions
  • Security Center is a monitoring system that provides threat protection across all of our services, both in Azure and in on-premises environments
  • Security Center provides:
    • Continuous monitoring of all our services
    • Machine learning to detect and block malware from being installed on our virtual machines and services. We can specify a list of allowed applications to ensure that only the apps on that list are allowed to execute.
    • Security recommendations based on our configuration, resources and network
    • Alerts for resources deployed in Azure as well as on-premises
  • Security Center is available in two tiers
    • Free: Available as a part of our Azure subscription. This tier is limited to assessment and recommendations for Azure resources only
    • Standard: This tier provides a full suite of security-related services including continuous monitoring, threat detection, just-in-time access control for ports, and more.

To open Security Center, log in to the Azure Portal and, under Tools, click on “Security Center”:

Fig1: Azure – Security Center option from Azure Portal
Fig2: Azure – Security Center

If you are new to Azure Security Center, the left-hand pane has a “Getting started” link, which gives us various options to explore, as shown in the figure below. Here the “Learn more >” link redirects to the Azure Security Center documentation.

Fig3: Azure – Security Center – Getting started

From the “Pricing & settings” section we can upgrade the plan and control settings such as:

Fig4: Azure – Security Center – Settings => “Pricing & settings”
  • Email notifications: Settings for email notifications for high-severity alerts
Fig5: Azure – Security Center – Settings >> Email notifications
  • Data Collection: Settings for allowing Security Center to collect security data and events from our resources and services
Fig6: Azure – Security Center – Settings >> Data Collection
  • Threat detection: Lets us configure settings for integrating with other Microsoft security services, as shown in the figure below
Fig7: Azure – Security Center – Settings >> Threat Detection
  • Workflow automation
  • Continuous export: Various settings for exporting Security Center data
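
The tier and Data Collection settings above can also be reviewed outside the portal. The following is an added example, not part of the original article: a small Python audit over JSON saved from `az security pricing list` and `az security auto-provisioning-setting list`. The sample data is constructed, and the field names (`name`, `pricingTier`, `autoProvision`) are assumed to match the CLI output.

```python
import json

# Constructed sample shaped like `az security pricing list -o json` output
# (assumed fields: "name", "pricingTier"); not taken from a real subscription.
SAMPLE_PRICING = json.loads("""
{"value": [
  {"name": "VirtualMachines", "pricingTier": "Standard"},
  {"name": "StorageAccounts", "pricingTier": "Free"},
  {"name": "SqlServers",      "pricingTier": "Standard"},
  {"name": "AppServices",     "pricingTier": "Free"}
]}
""")

# Constructed sample shaped like `az security auto-provisioning-setting list`.
SAMPLE_AUTOPROVISION = json.loads('[{"name": "default", "autoProvision": "Off"}]')


def _items(doc):
    """Accept either a bare list or a {"value": [...]} wrapper."""
    return doc.get("value", []) if isinstance(doc, dict) else list(doc)


def free_tier_plans(pricing_doc):
    """Resource types not on Standard (Free = assessment and recommendations only)."""
    return sorted(p["name"] for p in _items(pricing_doc)
                  if p.get("pricingTier", "").lower() != "standard")


def data_collection_enabled(autoprov_doc):
    """True only if the 'default' auto-provisioning setting is On."""
    return any(s.get("name") == "default"
               and s.get("autoProvision", "").lower() == "on"
               for s in _items(autoprov_doc))


def audit(pricing_doc, autoprov_doc):
    """Return one finding per gap between the current settings and full coverage."""
    findings = [f"{name}: Free tier, no threat detection or just-in-time access"
                for name in free_tier_plans(pricing_doc)]
    if not data_collection_enabled(autoprov_doc):
        findings.append("Data Collection: automatic provisioning is Off")
    return findings


if __name__ == "__main__":
    for line in audit(SAMPLE_PRICING, SAMPLE_AUTOPROVISION):
        print("[!]", line)
```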

Thanks for reading 🙂 If it's worth at least reading once, kindly please like and share. SHARING IS CARING 🙂

Enjoy the beautiful life 🙂 Have a FUN 🙂 HAVE A SAFE LIFE 🙂 TAKE CARE 🙂