Azure Security Center
Azure Security Center now provides unified security management for your hybrid cloud
workloads delivering a single view of security across Azure, on-premises, and other clouds. So let’s take a look.
Let’s start by showing you some security policy. You can apply security policy across your hybrid workloads
to ensure compliance with company or regulatory security requirements.
For example, I will show you an example of one created here already under my data collection here.
You can see I have my policy components and I can configure that, by default,
I’m going to have the automatic provisioning of monitoring agents. Let me show you what that gets you.
And by the way, you can configure those security events. Am I looking at all events, common events, minimal events, or none?
Of course, I’m going to stick with all events. So,if I take a look at security policy,
take a look at what this actually provides me. Think about the machine learning, the data intelligence,
what we’re doing by providing our recommendations from the cloud and how it can help you with your workloads.
We’re providing recommendations for system updates, OS vulnerabilities, endpoint protection,
disk encryption, application firewalls, vulnerability assessments, encryption, SQL Auditing & Threat detection,
and so much more. So, with this, you can define these granular security policies for your, Azure subscriptions and Security Center.
Which gives you the broad options to find compliance from monitoring specific vulnerabilities
or requiring a standard configuration. Pretty powerful stuff we’ve got here. So let’s go back…
.and let’s go back to our computing. So what I’ve shown you already is a security policy, let me show you a look…
a view from a resource. For example, from a compute standpoint, what I’m now seeing is because I’ve applied policy,
and because I’m actually monitoring my workloads, I can see that wow, I’ve got some VM agents that are missing or not
responding, so I’ve got some work to do there. I have some unprotected computers detected, wow,
there’s something I’m providing keen insight across all of my organization and again this could be running on-premises,
as well as in Azure. So I’ve recommendations. So taking the machine learning, data analytics,
AI we have, we’re actually coming back and saying, “Look, let’s give you a recommended list of things
to do– endpoint protection issues, here’s exactly what you need to do. You need to remediate some OS vulnerabilities.
Here are the systems you need to take a look at now.” And you can see, that’s from a compute standpoint.
We also have this from a networking standpoint to provide your best practices as well there, in addition.
Let’s also take a look at storage. One of the common areas we get asked about is,
“What can you do, for example, to help me from a database perspective?”
Well, here, you can see we have recommendations specifically here for SQL Server,
for Auditing & Threat detection, for database auditing, storage encryption, for those workloads
that you want to make sure, you know what, these are incredibly mission critical and in fact,
there’s protected data here, we need to make sure that it’s actually encrypted.
So here’s a very specific one for SQL and storage. Of course, if you want to look across all of your recommendations,
then we can take a step back and take a look beyond just virtual machines. Again, looking at all of your workloads
wherever they reside. Take a look at these recommendations that we’re providing you.
We’re giving you this information to help you run your organization better.
For example, I mentioned earlier, I have 40 VMs that I need to enable the VM agent for.
So, guess what, I click on this, it’s going to take me right to those virtual machines. In fact,
I have endpoint protection not installed on virtual machines, wow. How did that happen? I must not have enabled my security policy earlier. Well,
let’s make sure that we take care of that. Think about how easy this is now. I can literally…
here’s my list of VMs, and I can click on one click and it’ll go ahead and install all of that endpoint protection on all of those VMs.
I don’t need to log into each one of them individually, I don’t need to do a manual process, nope.
This handles it for me. Pretty awesome. What about applications? For example, I’ve deployed some Web applications.
And you know what?
We’re actually giving you the recommendation that you really should consider a Web application firewall.
So I’m going to go ahead and click on one of these, and in fact, to add a Web application firewall is a couple clicks away.
I click on Create new, and you can see I’m loading options here, and by the way let’s point out we have numerous options.
We have options from Barracuda or F5 or Fortinet or Imperva and of course our own Microsoft application gateway.
So think about what you’ve seen here. We’ve provided a way to manage your distributed infrastructure,
provide security and recommendations, whether it’s patch management,
whether it’s recommendations for configuration, that and so much more.
So I urge you if you haven’t had a chance to play with Azure Security Center, take a look today.