Azure Security Overview
Your vision. Your cloud.
Microsoft security milestones (timeline slide; labels recovered from the figure):
• Trustworthy Computing Initiative
• Security Development Lifecycle
• Global Data Center Services
• Malware Protection Center
• Microsoft Security Response Center
• Windows Update
• 1st Microsoft Data Center
• Active Directory
• Digital Crimes Unit
Certifications and compliance programs shown on the same timeline:
• SOC 1 and SOC 2
• CSA Cloud Controls Matrix
• PCI DSS Level 1
• FedRAMP/FISMA
• UK G-Cloud Impact Level 2
• ISO/IEC 27001:2005
• HIPAA/HITECH
• E.U. Data Protection Directive
https://www.microsoft.com/en-us/TrustCenter
https://cloudsecurityalliance.org/star-registrant/microsoft/
https://cloudsecurityalliance.org/
• Best practices and guidance
• Third-party verification
• Cloud Security Alliance
• Security intelligence report
• Compliance packages
• Trust Center
• Access to audit reports
• Security Response Center progress report
Restricted Use
• Azure does not share data with its advertiser-supported services
• Azure does not mine Customer Data for advertising
• Read the fine print of other cloud service providers' privacy statements
Contractual Commitments
• Microsoft makes strong contractual commitments to safeguard customer data, covered by the HIPAA BAA, the Data Processing Agreement, and the E.U. Model Clauses (broad contractual scope)
• Enterprise cloud-service-specific privacy protections benefit every industry and region
EU Data Privacy Approval
• Microsoft meets a high bar for protecting the privacy of EU customer data
• Microsoft offers customers the EU Model Clauses for transfer of personal data across international borders
• Microsoft's approach was approved by the Article 29 Working Party of EU data protection authorities; Microsoft was the first company to obtain this approval
https://www.microsoft.com/en-us/TrustCenter/Privacy/gdpr/readiness?&wt.srch=1&wt.mc_id=AID641639_SEM_CBaJdkAr&msclkid=ed77bbb912621bf358a6e13cbccd9458
Simplified Compliance: information security standards, effective controls, and government and industry certifications
• ISO 27001
• SOC 1 Type 2
• SOC 2 Type 2
• FedRAMP/FISMA
• PCI DSS Level 1
• UK G-Cloud
Security Compliance Strategy
Security Compliance Framework: security analytics, risk management best practices, security benchmark analysis, test and audit
• Security goals set in the context of business and industry requirements
• Security analytics and best practices deployed to detect and respond to threats
• Benchmarked to a high bar of certifications and accreditations to ensure compliance
• Continual monitoring, test, and audit
• Ongoing update of certifications for new services
Certifications and Programs
ISO/IEC 27001: The ISO/IEC 27001:2005 certificate validates that Azure has implemented the internationally recognized information security controls defined in this standard.
SOC 1 (SSAE 16/ISAE 3402): Azure has also been audited against the Service Organization Control (SOC) reporting framework for SOC 1 Type 2 (formerly SAS 70), attesting to the design and operating effectiveness of its controls.
SOC 2: Azure has been audited for SOC 2 Type 2, which includes a further examination of Azure controls related to security, availability, and confidentiality.
FedRAMP/FISMA: Azure has received a Provisional Authorization to Operate from the Federal Risk and Authorization Management Program (FedRAMP) Joint Authorization Board (JAB), having undergone the assessments necessary to verify that it meets FedRAMP security standards.
PCI DSS Level 1: Azure has been validated for PCI DSS Level 1 compliance by an independent Qualified Security Assessor (QSA).
UK G-Cloud IL2: In the United Kingdom, Azure has been awarded Impact Level 2 (IL2) accreditation, further enhancing Microsoft and partner offerings on the current G-Cloud procurement framework and CloudStore.
HIPAA BAA: To help customers comply with HIPAA and HITECH Act security and privacy provisions, Microsoft offers a HIPAA Business Associate Agreement (BAA) to healthcare entities with access to Protected Health Information (PHI).
These attestations cover the Azure platform; the controls a customer configures on top of it (see the shared-responsibility model below) remain in the customer's own audit scope.
Online Services Terms
Shared responsibility by service model (You manage / Managed by Microsoft)

Layer              Traditional   IaaS        PaaS        SaaS
Applications       You           You         You         Microsoft
Data               You           You         You         Microsoft
Runtime            You           You         Microsoft   Microsoft
Middleware         You           You         Microsoft   Microsoft
Operating System   You           You         Microsoft   Microsoft
Virtualization     You           Microsoft   Microsoft   Microsoft
Servers            You           Microsoft   Microsoft   Microsoft
Storage            You           Microsoft   Microsoft   Microsoft
Physical Network   You           Microsoft   Microsoft   Microsoft

Examples on the slide: IaaS, Windows Azure Virtual Machines (Windows Server on Windows Server Hyper-V); PaaS, Windows Azure PaaS Services; SaaS, Office 365 and Dynamics CRM.
https://www.microsoft.com/en-us/trustcenter/security#How-Microsoft-protects-your-data
Network Protection
• Private, isolated network
• Extend existing topology
• Private, physical connection
Data Protection
• Data redundancy options
• Encryption in transit and at rest
• Key Vault
Identity & Access
• Manage user identities
• Multi-factor authentication
• Role-based access control
https://azure.microsoft.com/en-us/updates/
https://azure.microsoft.com/en-us/status/
Design and Operations
• Security Development Lifecycle (SDL): security embedded in planning, design, development, and deployment
• Operational security controls: rigorous controls to prevent, detect, contain, and respond to threats
• Assume breach: hardening cloud services through simulated real-world attacks
• Incident response: global, 24x7 incident response to mitigate the effects of attacks
https://www.microsoft.com/en-us/trustcenter/security//designopsecurity
Service security starts with the physical data center
Perimeter: fencing, barriers, cameras, alarms, 24x7 security staff
Building: two-factor access control (biometric readers and card readers), security operations center
Computer room: days of backup power, seismic bracing
https://www.microsoft.com/en-us/cloud-platform/global-datacenters
Architected for Secure Multi-tenancy
AZURE:
• Centrally manages the platform and isolates customer environments using the Fabric Controller
• Runs a configuration-hardened version of Windows Server as the Host OS
• Uses Windows Server 2012 R2 Hyper-V, a battle-tested and enterprise-proven hypervisor
• Runs Windows Server on Guest VMs for platform services
CUSTOMER:
• Manages their environment through service management interfaces and subscriptions
• Chooses from the gallery or brings their own OS for their Virtual Machines
Diagram: end users and the customer admin reach Microsoft Azure through the Portal and the Smart API; the Fabric Controller provisions isolated Guest VMs (Customer 1, Customer 2) on top of the Host OS and Hypervisor, alongside Azure Storage and SQL Database as platform services.
ExpressRoute Connections
AZURE:
• Offers private WAN connections via ExpressRoute
• Enables access to Compute, Storage, and other Azure services
CUSTOMERS:
• Can establish connections to Azure at an ExpressRoute location (Exchange Provider facility)
• Can connect directly to Azure from their existing WAN (such as an MPLS VPN) provided by a network service provider
• Manage certificates, policies, and user access
An ExpressRoute circuit is private but not encrypted by default; traffic that needs confidentiality should still be protected with TLS or IPsec across it.
Diagram: Customer 1 sites (Site 1, Site 2) connect over the provider WAN to an ExpressRoute peer and into an isolated Virtual Network (Deployment X) in Microsoft Azure.
https://azure.microsoft.com/en-us/services/expressroute/
VPN Connections
AZURE:
• Enables connections from customer sites and remote workers to Azure Virtual Networks using Site-to-Site (S2S) and Point-to-Site (P2S) VPNs
CUSTOMERS:
• Configure the P2S VPN client in Windows
• Manage certificates, policies, and user access
Diagram: remote workers (P2S) and computers behind the customer-site firewall (S2S) reach the isolated Virtual Network (Deployment X) in Microsoft Azure through the VPN gateway.
https://azure.microsoft.com/en-us/services/vpn-gateway/
Firewall Protection
AZURE:
• Controls access from the Internet, permits traffic only to defined endpoints, and provides load balancing and NAT at the Cloud Access Layer
• Isolates traffic and provides intrusion defense through a distributed firewall
• Defines access controls between tiers and provides additional protection via the OS firewall
CUSTOMER:
• Applies the corporate firewall by routing traffic through the site-to-site VPN
Diagram: Internet clients reach Customer 1's application tier only on port 443 through the Cloud Access Layer; the application, logic, and database tiers sit in the customer's Virtual Network; the corporate firewall is reached over VPN.
https://www.microsoft.com/en-us/trustcenter/security/networksecurity
Network Security Groups (NSGs)
• Enable network segmentation and DMZ scenarios
• Access Control Lists and network traffic rules, expressed as a security group
• Security groups are associated with Virtual Machines, Network Interfaces, or virtual machine subnets (not the gateway subnet)
• Rules define a 5-tuple: source address, source port, destination address, destination port, and protocol
• Rules are separated into Inbound and Outbound rules
• Rules are applied in order of priority: the lowest priority number is evaluated first and the first matching rule decides, so a broad Allow with a low number silently wins over a Deny with a higher number
• Network traffic rules are updated independently of the Virtual Machines
• Controlled access to and from the Internet
NSG rules are stateful: the return traffic of an allowed flow is permitted without an explicit rule in the other direction. Every NSG also carries default inbound rules that allow traffic from within the virtual network and from the Azure load balancer and deny everything else; a custom rule with a lower priority number is needed to override them.
Diagram: a Virtual Network with Frontend (10.1.0.0/16), Mid-tier (10.2.0.0/16), and Backend (10.3.0.0/16) subnets; the Internet reaches only the Frontend, and On Premises (10.0.0.0/16) reaches the Virtual Network through S2S VPNs via the VPN gateway.
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-nsg
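The priority and first-match semantics above are where segmentation mistakes usually hide, so here is an added example (not from the deck and not Azure code) that models NSG evaluation for the three-tier layout on the slide. The subnet ranges, the two custom rules, the address ranges assigned to the VirtualNetwork and AzureLoadBalancer service tags, and the sample packets are all constructed for illustration; the default rules and their priority numbers are Azure's documented defaults.

```python
"""Added example: a minimal model of Azure NSG rule evaluation for the
Frontend / Mid-tier / Backend topology on the slide. Each rule is a 5-tuple
plus direction and action; rules are evaluated in ascending priority order,
the first match wins, and the built-in default rules (65000-65500) catch
anything else. Service-tag ranges and the rule set are constructed."""
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed stand-ins for service tags. In Azure the VirtualNetwork tag also
# covers on-premises ranges reachable through the VPN gateway, hence 10.0.0.0/16.
SERVICE_TAGS = {
    "VirtualNetwork": ["10.1.0.0/16", "10.2.0.0/16", "10.3.0.0/16", "10.0.0.0/16"],
    "Internet": ["0.0.0.0/0"],
    "AzureLoadBalancer": ["168.63.129.16/32"],
}

@dataclass(frozen=True)
class Rule:
    name: str
    priority: int          # custom rules 100-4096; lower number is evaluated first
    direction: str         # "Inbound" or "Outbound"
    access: str            # "Allow" or "Deny"
    protocol: str          # "Tcp", "Udp" or "*"
    source: str            # CIDR, service tag or "*"
    source_port: str       # port, "a-b" range or "*"
    destination: str
    destination_port: str

def _addr_match(spec: str, ip: str) -> bool:
    if spec == "*":
        return True
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(n) for n in SERVICE_TAGS.get(spec, [spec]))

def _port_match(spec: str, port: int) -> bool:
    if spec == "*":
        return True
    if "-" in spec:
        lo, hi = (int(p) for p in spec.split("-"))
        return lo <= port <= hi
    return port == int(spec)

def evaluate(rules, direction, proto, src, sport, dst, dport) -> Optional[Rule]:
    """Return the first rule that matches in priority order, or None."""
    for r in sorted(rules, key=lambda rule: rule.priority):
        if r.direction != direction or (r.protocol != "*" and r.protocol != proto):
            continue
        if (_addr_match(r.source, src) and _port_match(r.source_port, sport)
                and _addr_match(r.destination, dst) and _port_match(r.destination_port, dport)):
            return r
    return None

# Azure's built-in inbound default rules; they cannot be deleted, only out-prioritised.
DEFAULT_INBOUND = [
    Rule("AllowVnetInBound", 65000, "Inbound", "Allow", "*", "VirtualNetwork", "*", "VirtualNetwork", "*"),
    Rule("AllowAzureLoadBalancerInBound", 65001, "Inbound", "Allow", "*", "AzureLoadBalancer", "*", "*", "*"),
    Rule("DenyAllInBound", 65500, "Inbound", "Deny", "*", "*", "*", "*", "*"),
]

def backend_nsg():
    """Constructed NSG for the Backend subnet: only the Mid-tier may reach the SQL port.
    The explicit Deny at 200 is what stops AllowVnetInBound (65000) from admitting the
    Frontend and on-premises ranges, which are all inside the VirtualNetwork tag."""
    custom = [
        Rule("AllowMidTierToSql", 100, "Inbound", "Allow", "Tcp", "10.2.0.0/16", "*", "10.3.0.0/16", "1433"),
        Rule("DenyVnetToBackend", 200, "Inbound", "Deny", "*", "VirtualNetwork", "*", "10.3.0.0/16", "*"),
    ]
    return custom + DEFAULT_INBOUND

def decision(rules, direction, proto, src, sport, dst, dport) -> str:
    r = evaluate(rules, direction, proto, src, sport, dst, dport)
    return f"{r.access} by {r.name}" if r else "Deny (no rule)"

if __name__ == "__main__":
    nsg = backend_nsg()
    print(decision(nsg, "Inbound", "Tcp", "10.2.0.7", 50000, "10.3.0.4", 1433))     # Allow by AllowMidTierToSql
    print(decision(nsg, "Inbound", "Tcp", "10.1.0.9", 50000, "10.3.0.4", 1433))     # Deny by DenyVnetToBackend
    print(decision(nsg, "Inbound", "Tcp", "203.0.113.5", 40000, "10.3.0.4", 1433))  # Deny by DenyAllInBound
    # With only the defaults in place the Frontend would have reached the database:
    print(decision(DEFAULT_INBOUND, "Inbound", "Tcp", "10.1.0.9", 50000, "10.3.0.4", 1433))
```

The last call is the point of the exercise: an NSG with no custom rules is not "deny by default" inside the virtual network, because AllowVnetInBound admits every address the VirtualNetwork tag covers, including peered and on-premises ranges. Tier isolation therefore needs an explicit Deny at a priority number below 65000, placed after the narrow Allow rules it must not shadow.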
Encryption in Transit
AZURE:
• Encrypts most communication between Azure datacenters
• Encrypts transactions through the Azure Portal using HTTPS
• Supports FIPS 140-2 validated ciphers
CUSTOMER:
• Can choose HTTPS (recommended) for the Storage REST API
• Configures HTTPS endpoints for applications running in Azure
• Encrypts traffic between web client and server by enabling TLS on IIS
Because the platform encrypts "most", not all, traffic between datacenters, treat the network as untrusted and enforce TLS end to end on every customer-facing and service-to-service connection rather than relying on the transport.
Diagram: the Azure Portal and two Azure data centers, linked by encrypted channels.
https://www.microsoft.com/en-us/trustcenter/security/encryption
Patch Management
AZURE:
• Applies regularly scheduled updates to the platform
• Releases critical patches immediately
• Rigorously reviews and tests all changes
CUSTOMER:
• Applies similar patch management strategies to their own Virtual Machines (guest OS patching in IaaS is the customer's responsibility)
Platform patch cycle shown on the slide: Monthly MSRC Patch Review, Patching Rollout, Scanning, Audit Validation
• Monitor 100,000+ vulnerability reports, sourced from customers and a worldwide network of security researchers
• Prioritize critical updates
• Monthly OS releases with patches
• Reconciliation report and resolution summary
• Scanning and reporting of all Azure VMs
• Track and remediate any findings
Antivirus/Antimalware
AZURE:
• Performs monitoring and alerting of antimalware events for the platform
• Enables real-time protection, on-demand scanning, and monitoring via Microsoft Antimalware for Cloud Services and Virtual Machines
CUSTOMER:
• Configures Microsoft Antimalware or an AV/AM solution from a partner
• Extracts events to a SIEM
• Monitors alerts and reports
• Responds to incidents
Diagram: the customer admin enables and configures antimalware on Guest VMs (Cloud Services and Customer VMs) through the Portal or Smart API; antimalware health events land in Azure Storage and are extracted to a SIEM or other reporting system.
SIEM admin view (alerting and reporting), sample events:
Event ID  Computer  Event Description               Severity  DateTime
1150      Machine1  Client in Healthy State         4         04/29/2014
2002      Machine2  Signature Updated Successfully  4         04/29/2014
5007      Machine3  Configuration Applied           4         04/29/2014
1116      Machine2  Malware Detected                1         04/29/2014
1117      Machine2  Malware Removed                 1         04/29/2014
Microsoft Azure
Identity and Access Management with Azure AD
AZURE:
• Provides enterprise cloud identity and access management
• Enables single sign-on across cloud applications
• Offers Multi-Factor Authentication for enhanced security
CUSTOMER:
• Centrally manages users and access to Azure, O365, and hundreds of pre-integrated cloud applications
• Builds Azure AD into their web and mobile applications
• Can extend on-premises directories to Azure AD through synchronization
Diagram: end users authenticate against on-premises Active Directory, which is synchronized to Azure Active Directory; Azure AD then fronts the cloud apps.
https://www.microsoft.com/en-us/trustcenter/security/identity
https://docs.microsoft.com/en-us/azure/active-directory/role-based-access-control-configure
Azure RBAC Enforcement Model
https://docs.microsoft.com/en-us/azure/azure-policy/azure-policy-introduction
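The RBAC enforcement slide survives only as a title, so here is an added example (not from the deck and not a Microsoft SDK) that models the Azure RBAC decision as documented: a role definition lists Actions and NotActions with wildcards matched case-insensitively; a role assignment binds a principal to a role at a scope and applies to every child scope; assignments are additive, so a NotActions entry only narrows its own role and never denies; a deny assignment at a covering scope overrides every role assignment. The subscription id, resource names, principals, and the "VM Operator" custom role are constructed.

```python
"""Added example: a compact model of Azure RBAC authorization decisions.
Semantics follow the documented behaviour; names and scopes are constructed."""
import fnmatch
from dataclasses import dataclass, field

def action_matches(action: str, pattern: str) -> bool:
    # Operation names are compared case-insensitively and '*' spans '/' boundaries.
    return fnmatch.fnmatchcase(action.lower(), pattern.lower())

@dataclass
class RoleDefinition:
    name: str
    actions: list
    not_actions: list = field(default_factory=list)

    def permits(self, action: str) -> bool:
        granted = any(action_matches(action, a) for a in self.actions)
        excluded = any(action_matches(action, n) for n in self.not_actions)
        return granted and not excluded

@dataclass(frozen=True)
class RoleAssignment:
    principal: str
    role: str
    scope: str

@dataclass(frozen=True)
class DenyAssignment:
    principal: str
    actions: tuple
    scope: str

def scope_covers(assignment_scope: str, target: str) -> bool:
    """An assignment at a scope applies to that scope and everything beneath it."""
    base = assignment_scope.rstrip("/")
    return target.rstrip("/") == base or target.startswith(base + "/")

ROLES = {
    "Owner": RoleDefinition("Owner", ["*"]),
    "Reader": RoleDefinition("Reader", ["*/read"]),
    # Contributor can do anything except manage access; that exclusion is a NotAction, not a deny.
    "Contributor": RoleDefinition("Contributor", ["*"],
                                  ["Microsoft.Authorization/*/Write", "Microsoft.Authorization/*/Delete"]),
    # Constructed custom role: may inspect and restart VMs, nothing else.
    "VM Operator": RoleDefinition("VM Operator", ["Microsoft.Compute/virtualMachines/read",
                                                  "Microsoft.Compute/virtualMachines/restart/action"]),
}

def is_allowed(principal, action, scope, assignments, denies=()) -> bool:
    """Deny assignments are checked first; then the union of applicable role assignments decides."""
    for d in denies:
        if d.principal == principal and scope_covers(d.scope, scope) \
                and any(action_matches(action, a) for a in d.actions):
            return False
    return any(a.principal == principal and scope_covers(a.scope, scope)
               and ROLES[a.role].permits(action) for a in assignments)

# Constructed tenant: one subscription, one resource group, one VM inside it.
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
RG = SUB + "/resourceGroups/prod"
VM = RG + "/providers/Microsoft.Compute/virtualMachines/web01"
ASSIGNMENTS = [
    RoleAssignment("alice", "Reader", SUB),        # read everything in the subscription
    RoleAssignment("alice", "VM Operator", RG),    # and restart VMs in prod
    RoleAssignment("bob", "Contributor", RG),
    RoleAssignment("carol", "Owner", SUB),
]
DENIES = [DenyAssignment("bob", ("Microsoft.Compute/virtualMachines/delete",), RG)]

if __name__ == "__main__":
    checks = [
        ("alice", "Microsoft.Compute/virtualMachines/restart/action", VM),   # True: VM Operator at RG
        ("alice", "Microsoft.Compute/virtualMachines/delete", VM),           # False: no role grants it
        ("bob", "Microsoft.Compute/virtualMachines/delete", VM),             # False: deny assignment
        ("bob", "Microsoft.Authorization/roleAssignments/write", RG),        # False: Contributor NotAction
        ("carol", "Microsoft.Authorization/roleAssignments/write", RG),      # True: Owner at subscription
    ]
    for who, action, scope in checks:
        print(who, action, "->", is_allowed(who, action, scope, ASSIGNMENTS, DENIES))
```

Two consequences worth checking in a real tenant follow directly from the model: a NotActions entry on one role is undone by any other assignment that grants the action (give bob Owner at the subscription and the roleAssignments/write check flips to True), and an assignment at subscription scope reaches every resource group beneath it, so least privilege means assigning at the narrowest scope that works.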
Microsoft Employee Access Management
Just-in-time and role-based access: a pre-screened admin on the Microsoft corporate network requests access, and leadership grants a temporary privilege in Microsoft Azure.
• No standing access to the platform and no access to customer Virtual Machines
• Grants the least privilege required to complete the task
• Multi-factor authentication required for all administration
• Access requests are audited and logged
Azure Storage services
Service  Access     Description and typical use
Blobs    REST       Object storage: streaming and random object access scenarios
Files    SMB, REST  File storage: lift-and-shift scenarios
Disks    REST       IaaS VM VHDs/disks: persistent disks for VMs (Premium option)
Tables   REST       NoSQL storage: key-value store
Queues   REST       Reliable messaging: scheduling async tasks
Data redundancy options span hardware, datacenter, and region.
https://docs.microsoft.com/en-us/azure/architecture/resiliency/high-availability-azure-applications
Encryption at Rest
Virtual Machines:
• Boot and data drives: Azure Disk Encryption
• SQL Server: Transparent Data Encryption
• Files and folders: EFS in Windows Server
Storage:
• Blob Storage encryption (Storage Service Encryption)
• BitLocker encryption of drives for import/export of data
• StorSimple with AES-256 encryption
Applications:
• Client-side encryption through the .NET Crypto API
• RMS SDK for file encryption by your applications
https://docs.microsoft.com/en-us/azure/storage/common/storage-service-encryption
Azure Key Vault
Diagram: resource providers encrypt data with Data Encryption Keys (DEK); the DEKs are wrapped by Key Encryption Keys (KEK) held in Key Vault, which may be customer-owned or service-owned; access to Key Vault is authenticated through Azure Active Directory.
https://azure.microsoft.com/en-us/services/key-vault/
Data Deletion
Data destruction:
• Wiping is NIST SP 800-88 compliant
• Defective disks are destroyed at the datacenter
Disk handling:
• Deleted data is immediately removed from the primary location
• The geo-replicated copy of the data is removed asynchronously
• Customers can only read from disk space they have written to
https://blogs.msdn.microsoft.com/walterm/2014/09/04/microsoft-azure-data-security-data-cleansing-and-leakage/
Monitoring and Logging
AZURE:
• Performs monitoring and alerting of security events for the platform
• Enables security data collection via the Monitoring Agent or Windows Event Forwarding
CUSTOMER:
• Configures monitoring
• Exports events to SQL Database, HDInsight, or a SIEM for analysis
• Monitors alerts and reports
• Responds to incidents
Diagram: the customer admin enables the Monitoring Agent on Guest VMs (Cloud Services and Customer VMs) through the Portal or Smart API; events land in Azure Storage and are extracted to HDInsight, a SIEM, or another reporting system.
SIEM admin view (alerting and reporting), sample events (descriptions are placeholders on the slide):
Event ID  Computer  Event Description               Severity  DateTime
1150      Machine1  Example security event          4         04/29/2014
2002      Machine2  Signature Updated Successfully  4         04/29/2014
5007      Machine3  Configuration Applied           4         04/29/2014
1116      Machine2  Example security event          1         04/29/2014
1117      Machine2  Access attempted                1         04/29/2014
Microsoft Azure
https://www.microsoft.com/en-us/trustcenter/security/auditingandlogging
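Both SIEM slides (Antivirus/Antimalware above and Monitoring and Logging here) end at "extract events to a SIEM". As an added example that is not from the deck, the block below takes event lines in the shape of the Microsoft Antimalware table, normalises them into one record per line for a SIEM collector, and applies the triage rule a SOC actually wants from these events: a host with a Malware Detected (1116) event that was never followed by a Malware Removed (1117) event needs follow-up. The tab-separated layout, the JSON record shape, and the sample lines (which add one extra detection on Machine3) are this example's constructed assumptions, not a documented export format.

```python
"""Added example: normalise Microsoft Antimalware events for a SIEM and flag
hosts with unresolved detections. Input layout and sample lines are constructed."""
import csv
import io
import json
from collections import defaultdict

# Microsoft Antimalware event IDs as they appear on the slide's SIEM table.
EVENT_NAMES = {
    1150: "Client in Healthy State",
    2002: "Signature Updated Successfully",
    5007: "Configuration Applied",
    1116: "Malware Detected",
    1117: "Malware Removed",
}
# Windows event levels: 1 is Critical, 4 is Informational, as in the slide's table.
ALERT_SEVERITY = 1

# Constructed export mirroring the slide, plus one detection that was never cleaned up.
SAMPLE_EVENTS = """\
EventID\tComputer\tDescription\tSeverity\tDateTime
1150\tMachine1\tClient in Healthy State\t4\t04/29/2014
2002\tMachine2\tSignature Updated Successfully\t4\t04/29/2014
5007\tMachine3\tConfiguration Applied\t4\t04/29/2014
1116\tMachine2\tMalware Detected\t1\t04/29/2014
1117\tMachine2\tMalware Removed\t1\t04/29/2014
1116\tMachine3\tMalware Detected\t1\t04/29/2014
"""

def parse_events(text):
    """Parse the tab-separated export into typed dicts ready for a SIEM."""
    reader = csv.DictReader(io.StringIO(text), delimiter="\t")
    events = []
    for row in reader:
        event_id = int(row["EventID"])
        events.append({
            "source": "MicrosoftAntimalware",
            "event_id": event_id,
            "event_name": EVENT_NAMES.get(event_id, row["Description"]),
            "host": row["Computer"],
            "severity": int(row["Severity"]),
            "time": row["DateTime"],
        })
    return events

def to_siem_lines(events):
    """One JSON object per line, the shape most SIEM collectors ingest directly."""
    return [json.dumps(e, sort_keys=True) for e in events]

def high_severity(events):
    return [e for e in events if e["severity"] <= ALERT_SEVERITY]

def unresolved_detections(events):
    """Hosts whose latest 1116 (detected) was not followed by a 1117 (removed).
    Events are assumed to arrive in time order, as they do in the export."""
    outstanding = defaultdict(bool)
    for e in events:
        if e["event_id"] == 1116:
            outstanding[e["host"]] = True
        elif e["event_id"] == 1117:
            outstanding[e["host"]] = False
    return sorted(host for host, open_ in outstanding.items() if open_)

if __name__ == "__main__":
    evs = parse_events(SAMPLE_EVENTS)
    for line in to_siem_lines(evs):
        print(line)
    print("high-severity events:", len(high_severity(evs)))
    print("hosts needing follow-up:", unresolved_detections(evs))   # ['Machine3']
```

Alerting on every severity-1 event would page twice for Machine2, once for the detection and once for the successful removal; pairing the two IDs per host turns five noisy rows into the one actionable finding (Machine3) and is the kind of correlation the SIEM, not the agent, has to do.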
Threat Detection
AZURE:
• Provides big-data analysis of logs for intrusion detection and prevention for the platform
• Employs denial-of-service attack prevention measures for the platform
• Regularly performs penetration testing
CUSTOMER:
• Can add extra layers of protection by deploying additional controls, including web application firewalls
• Conducts penetration testing of their own applications
Diagram: Internet end users and Corp 1 (over VPN) reach the customer environment (application, logic, and database tiers in a Virtual Network) through the Cloud Access & Firewall Layer, with a DoS/IDS layer in front of each tier.
https://www.microsoft.com/en-us/trustcenter/security/threatmanagement
Azure Security Center
• Built into Azure, no setup required: automatically discovers and monitors the security of Azure resources
• Gains insights for hybrid resources: easily onboard resources running in other clouds and on-premises
https://azure.microsoft.com/en-us/services/security-center/
https://www.microsoft.com/en-us/trustcenter/security#How-Microsoft-protects-your-data

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Fundamentals of AWS Security
Fundamentals of AWS SecurityFundamentals of AWS Security
Fundamentals of AWS Security
 
Microsoft Defender and Azure Sentinel
Microsoft Defender and Azure SentinelMicrosoft Defender and Azure Sentinel
Microsoft Defender and Azure Sentinel
 
Azure Sentinel.pptx
Azure Sentinel.pptxAzure Sentinel.pptx
Azure Sentinel.pptx
 
Azure Cloud Adoption Framework + Governance - Sana Khan and Jay Kumar
Azure Cloud Adoption Framework + Governance - Sana Khan and Jay Kumar Azure Cloud Adoption Framework + Governance - Sana Khan and Jay Kumar
Azure Cloud Adoption Framework + Governance - Sana Khan and Jay Kumar
 
[Azure Governance] Lesson 4 : Azure Policy
[Azure Governance] Lesson 4 : Azure Policy[Azure Governance] Lesson 4 : Azure Policy
[Azure Governance] Lesson 4 : Azure Policy
 
Multi cloud security architecture
Multi cloud security architecture Multi cloud security architecture
Multi cloud security architecture
 
Securing your Azure Identity Infrastructure
Securing your Azure Identity InfrastructureSecuring your Azure Identity Infrastructure
Securing your Azure Identity Infrastructure
 
Azure Security and Management
Azure Security and ManagementAzure Security and Management
Azure Security and Management
 
Azure - Identity as a service
Azure - Identity as a serviceAzure - Identity as a service
Azure - Identity as a service
 
Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
Secure your Access to Cloud Apps using Microsoft Defender for Cloud AppsSecure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
 
Introduction to Azure Sentinel
Introduction to Azure SentinelIntroduction to Azure Sentinel
Introduction to Azure Sentinel
 
Azure cloud migration simplified
Azure cloud migration simplifiedAzure cloud migration simplified
Azure cloud migration simplified
 
introduction to Azure Sentinel
introduction to Azure Sentinelintroduction to Azure Sentinel
introduction to Azure Sentinel
 
Cloud Adoption Framework - Overview_partner.pptx
Cloud Adoption Framework - Overview_partner.pptxCloud Adoption Framework - Overview_partner.pptx
Cloud Adoption Framework - Overview_partner.pptx
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 Overview
 
AZ-900T00A-ENU-PowerPoint-02.pptx
AZ-900T00A-ENU-PowerPoint-02.pptxAZ-900T00A-ENU-PowerPoint-02.pptx
AZ-900T00A-ENU-PowerPoint-02.pptx
 
48. Azure Active Directory - Part 1
48. Azure Active Directory - Part 148. Azure Active Directory - Part 1
48. Azure Active Directory - Part 1
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
 
Microsoft Defender for Endpoint
Microsoft Defender for EndpointMicrosoft Defender for Endpoint
Microsoft Defender for Endpoint
 
Azure security architecture
Azure security architectureAzure security architecture
Azure security architecture
 

Ähnlich wie Azure Security Overview

Flyer- Cloud Environment Overview- Microsoft Azure
Flyer- Cloud Environment Overview- Microsoft AzureFlyer- Cloud Environment Overview- Microsoft Azure
Flyer- Cloud Environment Overview- Microsoft Azure
Brad Brown
 
Citadon Hosting Services
Citadon Hosting ServicesCitadon Hosting Services
Citadon Hosting Services
webhostingguy
 

Ähnlich wie Azure Security Overview (20)

Flyer- Cloud Environment Overview- Microsoft Azure
Flyer- Cloud Environment Overview- Microsoft AzureFlyer- Cloud Environment Overview- Microsoft Azure
Flyer- Cloud Environment Overview- Microsoft Azure
 
Cloud Security Solution Overview
Cloud Security Solution OverviewCloud Security Solution Overview
Cloud Security Solution Overview
 
Rik Ferguson
Rik FergusonRik Ferguson
Rik Ferguson
 
Enter The Matrix Securing Azure’s Assets
Enter The Matrix Securing Azure’s AssetsEnter The Matrix Securing Azure’s Assets
Enter The Matrix Securing Azure’s Assets
 
Windstream Hosted Solutions: Public Cloud Security
Windstream Hosted Solutions: Public Cloud SecurityWindstream Hosted Solutions: Public Cloud Security
Windstream Hosted Solutions: Public Cloud Security
 
DEVNET-1009 Cisco Intercloud Fabric for Business (ICFB), Helping Enterprises...
DEVNET-1009	Cisco Intercloud Fabric for Business (ICFB),  Helping Enterprises...DEVNET-1009	Cisco Intercloud Fabric for Business (ICFB),  Helping Enterprises...
DEVNET-1009 Cisco Intercloud Fabric for Business (ICFB), Helping Enterprises...
 
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
 
Deploying Cloud Use Cases
Deploying Cloud Use CasesDeploying Cloud Use Cases
Deploying Cloud Use Cases
 
CSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model OverviewCSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model Overview
 
Active Directory 2019 v2.pptx
Active Directory 2019 v2.pptxActive Directory 2019 v2.pptx
Active Directory 2019 v2.pptx
 
Firewalls Security – Features and Benefits
Firewalls Security – Features and BenefitsFirewalls Security – Features and Benefits
Firewalls Security – Features and Benefits
 
366864108 azure-security
366864108 azure-security366864108 azure-security
366864108 azure-security
 
Securing your cloud perimeter with azure network security brk3185
Securing your cloud perimeter with azure network security brk3185Securing your cloud perimeter with azure network security brk3185
Securing your cloud perimeter with azure network security brk3185
 
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & ComplianceCortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
 
Cloud Computing Strategy and Architecture
Cloud Computing Strategy and ArchitectureCloud Computing Strategy and Architecture
Cloud Computing Strategy and Architecture
 
Citadon Hosting Services
Citadon Hosting ServicesCitadon Hosting Services
Citadon Hosting Services
 
IRJET- Improving Data Storage Security and Performance in Cloud Environment
IRJET- Improving Data Storage Security and Performance in Cloud EnvironmentIRJET- Improving Data Storage Security and Performance in Cloud Environment
IRJET- Improving Data Storage Security and Performance in Cloud Environment
 
Trend micro deep security
Trend micro deep securityTrend micro deep security
Trend micro deep security
 
Student Presentation on Cloud Computing (MCO-205)
Student Presentation on Cloud Computing (MCO-205)Student Presentation on Cloud Computing (MCO-205)
Student Presentation on Cloud Computing (MCO-205)
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 

Kürzlich hochgeladen

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 

Kürzlich hochgeladen (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 

Azure Security Overview

  • 2.
  • 3.
  • 4. Trustworthy Computing Initiative Security Development LifecycleGlobal Data Center Services Malware Protection Center Microsoft Security Response Center Windows Update 1st Microsoft Data Center Active Directory SOC 1 CSA Cloud Controls Matrix PCI DSS Level 1 FedRAMP/ FISMA UK G-Cloud Level 2 ISO/IEC 27001:2005 HIPAA/ HITECH Digital Crimes Unit SOC 2 E.U. Data Protection Directive https://www.microsoft.com/en-us/TrustCenter
  • 6. 6 Best practices and guidance Third-party verification Cloud Security Alliance Security intelligence report Compliance packages Trust Center Access to audit reports Security Response Center progress report
  • 7. 7 Restricted Use Azure does not share data with its advertiser- supported services Azure does not mine Customer Data for advertising Read the fine print of other cloud service provider’s privacy statements
  • 8. Contractual Commitments EU Data Privacy Approval • Microsoft makes strong contractual commitments to safeguard customer data covered by HIPAA BAA, Data Processing Agreement, & E.U. Model Clauses • Enterprise cloud-service specific privacy protections benefit every industry & region • Microsoft meets high bar for protecting privacy of EU customer data • Microsoft offers customers EU Model Clauses for transfer of personal data across international borders • Microsoft’s approach was approved by the Article 29 committee of EU data protection authorities – the first company to obtain this Broad contractual scope
  • 10. ISO 27001 SOC 1 Type 2 SOC 2 Type 2 FedRAMP/FISMA PCI DSS Level 1 UK G-Cloud Information security standards Effective controls Government & industry certifications Simplified Compliance
  • 11. 11 Security Compliance Strategy Security analytics Risk management best practices Security benchmark analysis Test and audit Security Compliance Framework • Security goals set in context of business and industry requirements • Security analytics & best practices deployed to detect and respond to threats • Benchmarked to a high bar of certifications and accreditations to ensure compliance • Continual monitoring, test and audit • Ongoing update of certifications for new services
  • 12. 12 Program Description ISO/IEC 27001 The ISO/IEC 27001:2005 certificate validates that Azure has implemented the internationally recognized information security controls defined in this standard. SOC 1 SSAE 16/ISAE 3402 Azure has also been audited against the Service Organization Control (SOC) reporting framework for SOC 1 Type 2 (formerly SAS 70), attesting to the design and operating effectiveness of its controls. SOC 2 Azure has been audited for SOC 2 Type 2, which includes a further examination of Azure controls related to security, availability, and confidentiality FedRAMP/FISMA Azure has received Provisional Authorization to Operate from the Federal Risk and Authorization Management Program (FedRAMP) Joint Authorization Board (JAB), having undergone the assessments necessary to verify that it meets FedRAMP security standards. PCI DSS Level 1 Azure has been validated for PCI-DSS Level 1 compliance by an independent Qualified Security Assessor (QSA). UK G-Cloud IL2 In the United Kingdom, Azure has been awarded Impact Level 2 (IL2) accreditation, further enhancing Microsoft and its partner offerings on the current G-Cloud procurement Framework and CloudStore. HIPAA BAA To help customers comply with HIPAA and HITECH Act security and privacy provisions, Microsoft offers a HIPAA Business Associate Agreement (BAA) to healthcare entities with access to Protected Health Information (PHI). Certifications and Programs
  • 14.
  • 15. Traditional Storage Servers Physical Network Operating System Middleware Virtualization Data Applications Runtime YouManage IaaS Storage Servers Physical Network Operating System Middleware Virtualization Data Applications Runtime ManagedbyMicrosoft YouManage PaaS ManagedbyMicrosoft YouManage Storage Servers Physical Network Operating System Middleware Virtualization Applications Runtime Data SaaS ManagedbyMicrosoft Storage Servers Physical Network Operating System Middleware Virtualization Applications Runtime Data Windows Azure Virtual Machines Windows Server Hyper-V Windows Server Windows Azure PaaS Services Office 365 Dynamics CRM Software Network
  • 16. How Microsoft protects your data
    https://www.microsoft.com/en-us/trustcenter/security#How-Microsoft-protects-your-data
    Network Protection: private, isolated network; extend existing topology; private, physical connection
    Data Protection: data redundancy options; encryption in transit and at rest; Key Vault
    Identity & Access: manage user identities; multi-factor authentication; role-based access control
  • 18. Design and Operations
    • Software Development Lifecycle (SDL): security embedded in planning, design, development, & deployment
    • Operational security controls: rigorous controls to prevent, detect, contain, & respond to threats
    • Assume breach: hardening cloud services through simulated real-world attacks
    • Incident response: global, 24x7 incident response to mitigate the effects of attacks
    https://www.microsoft.com/en-us/trustcenter/security//designopsecurity
  • 20. Service security starts with the physical data center
    Layered physical controls (perimeter, building, computer room): cameras, 24x7 security staff, barriers, fencing, alarms, two-factor access control (biometric readers & card readers), security operations center, days of backup power, seismic bracing
    https://www.microsoft.com/en-us/cloud-platform/global-datacenters
  • 21. Architected for Secure Multi-tenancy
    AZURE:
    • Centrally manages the platform and isolates customer environments using the Fabric Controller
    • Runs a configuration-hardened version of Windows Server as the Host OS
    • Uses Hyper-V on Windows Server 2012 R2, a battle-tested and enterprise-proven hypervisor
    • Runs Windows Server on Guest VMs for platform services
    CUSTOMER:
    • Manages their environment through service management interfaces and subscriptions
    • Chooses from the gallery or brings their own OS for their Virtual Machines
    (Diagram: Customer Admin and End Users reach Microsoft Azure through the Portal / Smart API; the Fabric Controller manages the Host OS and Hypervisor hosting Guest VMs for Customer 1 and Customer 2, alongside Azure Storage and SQL Database.)
  • 22. ExpressRoute Connections
    AZURE:
    • Offers private WAN connections via ExpressRoute
    • Enables access to Compute, Storage, and other Azure services
    CUSTOMERS:
    • Can establish connections to Azure at an ExpressRoute location (Exchange Provider facility)
    • Can connect directly to Azure from their existing WAN network (such as an MPLS VPN) provided by a network service provider
    • Manage certificates, policies, and user access
    (Diagram: Customer 1's Site 1 and Site 2 connect over the WAN to an ExpressRoute peer and into an isolated Virtual Network, Deployment X, in Microsoft Azure.)
    https://azure.microsoft.com/en-us/services/expressroute/
  • 23. VPN Connections
    AZURE:
    • Enables connection from customer sites and remote workers to Azure Virtual Networks using Site-to-Site and Point-to-Site VPNs
    CUSTOMERS:
    • Configure the P2S VPN client in Windows
    • Manage certificates, policies, and user access
    (Diagram: computers behind the firewall at the Customer Site and Remote Workers connect by VPN to Customer 1's isolated Virtual Network, Deployment X, in Microsoft Azure.)
    https://azure.microsoft.com/en-us/services/vpn-gateway/
  • 24. Firewall Protection
    AZURE:
    • Controls access from the Internet, permits traffic only to endpoints, and provides load balancing and NAT at the Cloud Access Layer
    • Isolates traffic and provides intrusion defense through a distributed firewall
    • Defines access controls between tiers and provides additional protection via the OS firewall
    CUSTOMER:
    • Applies the corporate firewall using a site-to-site VPN
    (Diagram: Internet clients reach Customer 1's Application Tier on port 443 through the Cloud Access Layer; the Logic Tier and Database Tier sit behind it inside the Virtual Network, and the Corp Firewall connects over VPN.)
    https://www.microsoft.com/en-us/trustcenter/security/networksecurity
  • 25. Network Security Groups
    • Enable network segmentation & DMZ scenarios
    • Access Control Lists & network traffic rules are grouped as a security group
    • Security groups are associated with Virtual Machines, network interfaces, or virtual machine subnets (not the GW subnet)
    • Rules define a 5-tuple (source, source port, destination, destination port, protocol)
    • Rules are separated into Inbound and Outbound rules
    • Rules are applied in order of priority
    • Network traffic rules can be updated independently of Virtual Machines
    • Controlled access to and from the Internet
    (Diagram: a Virtual Network with Frontend 10.1/16, Mid-tier 10.2/16 and Backend 10.3/16 subnets, a VPN GW with S2S VPNs to On Premises 10.0/16, and an Internet edge.)
    https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-nsg
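To make the rule-ordering bullets concrete, here is an added example (not from the deck or from Azure's own code) that evaluates NSG-style 5-tuple rules in priority order against the slide's three subnets, including a higher-priority Deny overriding a broader Allow; the rule names, ports and the quarantined host are assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    """One NSG-style rule: a 5-tuple plus direction, access and priority."""
    name: str
    priority: int      # lower number is evaluated first, as with NSG priorities
    direction: str     # "Inbound" or "Outbound"
    access: str        # "Allow" or "Deny"
    protocol: str      # "Tcp", "Udp" or "*" (any)
    source: str        # CIDR prefix or "*"
    source_port: str   # single port, "lo-hi" range, or "*"
    destination: str
    dest_port: str

def _addr_matches(pattern, addr):
    return pattern == "*" or ip_address(addr) in ip_network(pattern, strict=False)

def _port_matches(pattern, port):
    if pattern == "*":
        return True
    if "-" in pattern:
        lo, hi = (int(p) for p in pattern.split("-", 1))
        return lo <= port <= hi
    return int(pattern) == port

def evaluate(rules, direction, protocol, src, sport, dst, dport):
    """First matching rule in priority order -> (access, name); Deny if none matches."""
    for r in sorted(rules, key=lambda r: r.priority):
        if r.direction != direction or (r.protocol != "*" and r.protocol != protocol):
            continue
        if not (_addr_matches(r.source, src) and _addr_matches(r.destination, dst)):
            continue
        if not (_port_matches(r.source_port, sport) and _port_matches(r.dest_port, dport)):
            continue
        return r.access, r.name
    return "Deny", "<implicit deny>"   # same effect as the default DenyAll rule

# Constructed rule set for the slide's layout (Frontend 10.1/16, Mid-tier 10.2/16, Backend 10.3/16);
# rule names, ports and the quarantined host 10.1.5.7 are assumptions for illustration.
RULES = [
    Rule("allow-https-to-frontend", 100, "Inbound", "Allow", "Tcp", "*", "*", "10.1.0.0/16", "443"),
    Rule("quarantine-frontend-host", 150, "Inbound", "Deny", "*", "10.1.5.7/32", "*", "10.2.0.0/16", "*"),
    Rule("allow-frontend-to-midtier", 200, "Inbound", "Allow", "Tcp", "10.1.0.0/16", "*", "10.2.0.0/16", "8080"),
    Rule("allow-midtier-to-backend", 300, "Inbound", "Allow", "Tcp", "10.2.0.0/16", "*", "10.3.0.0/16", "1433"),
    Rule("deny-all-inbound", 65500, "Inbound", "Deny", "*", "*", "*", "*", "*"),
]
```

Note that the Internet never reaches the backend subnet directly: no Allow rule matches that flow, so evaluation falls through to the lowest-priority Deny.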
  • 26. Encryption in Transit
    AZURE:
    • Encrypts most communication between Azure datacenters
    • Encrypts transactions through the Azure Portal using HTTPS
    • Supports FIPS 140-2 ciphers
    CUSTOMER:
    • Can choose HTTPS for the Storage REST API (recommended)
    • Configures HTTPS endpoints for applications running in Azure
    • Encrypts traffic between web client and server by implementing TLS on IIS
    (Diagram: the Azure Portal and two Azure Data Centers with encrypted links between them.)
    https://www.microsoft.com/en-us/trustcenter/security/encryption
  • 27. Patch Management
    AZURE:
    • Applies regularly scheduled updates to the platform
    • Releases critical patches immediately
    • Rigorously reviews & tests all changes
    CUSTOMER:
    • Applies similar patch management strategies for their Virtual Machines
    Process: Monthly MSRC Patch Review -> Patching Rollout -> Scanning -> Audit Validation
    • Monthly MSRC Patch Review: monitor 100,000+ vulnerability reports, sourced from customers & a worldwide network of security researchers; prioritize critical updates
    • Patching Rollout: monthly OS releases with patches
    • Scanning: scanning & reporting of all Azure VMs; track & remediate any findings
    • Audit Validation: reconciliation report; resolution summary
  • 28. Antivirus/Antimalware
    AZURE:
    • Performs monitoring & alerting of antimalware events for the platform
    • Enables real-time protection, on-demand scanning, and monitoring via Microsoft Antimalware for Cloud Services and Virtual Machines
    CUSTOMER:
    • Configures Microsoft Antimalware or an AV/AM solution from a partner
    • Extracts events to a SIEM
    • Monitors alerts & reports
    • Responds to incidents
    (Diagram: the Customer Admin enables & configures antimalware on Cloud Services and Customer VMs through the Portal / Smart API; antimalware health events are extracted from Azure Storage to a SIEM or other reporting system for alerting & reporting in the SIEM Admin View.)
    Sample events:
    Event ID | Computer | Event Description | Severity | DateTime
    1150 | Machine1 | Client in Healthy State | 4 | 04/29/2014
    2002 | Machine2 | Signature Updated Successfully | 4 | 04/29/2014
    5007 | Machine3 | Configuration Applied | 4 | 04/29/2014
    1116 | Machine2 | Malware Detected | 1 | 04/29/2014
    1117 | Machine2 | Malware Removed | 1 | 04/29/2014
  • 30. Identity and Access Management with Azure AD
    AZURE:
    • Provides enterprise cloud identity and access management
    • Enables single sign-on across cloud applications
    • Offers Multi-Factor Authentication for enhanced security
    CUSTOMER:
    • Centrally manages users and access to Azure, O365, and hundreds of pre-integrated cloud applications
    • Builds Azure AD into their web and mobile applications
    • Can extend on-premises directories to Azure AD through synchronization
    (Diagram: End Users, on-premises Active Directory synchronized to Azure Active Directory, and Cloud Apps.)
    https://www.microsoft.com/en-us/trustcenter/security/identity
  • 32. Azure RBAC Enforcement Model https://docs.microsoft.com/en-us/azure/azure-policy/azure-policy-introduction
  • 33. Microsoft Employee Access Management: Just in Time & Role-Based Access
    Flow: a pre-screened admin requests access -> leadership grants a temporary privilege
    • No standing access to the platform and no access to customer Virtual Machines
    • Grants the least privilege required to complete the task
    • Multi-factor authentication required for all administration
    • Access requests are audited and logged
    (Diagram: access from the Microsoft Corporate Network into Microsoft Azure storage: blobs, tables, queues, drives.)
  • 35. Azure Storage
    Service | Type | Access | Scenarios
    Blobs | Object storage | REST | Streaming & random object access
    Files | File storage | SMB, REST | Lift and shift
    Disks | IaaS VM VHD/disks | REST | Persistent disks for VMs; Premium option
    Tables | NoSQL storage | REST | Key-value store
    Queues | Reliable messaging | REST | Scheduling async tasks
  • 37. Encryption at Rest
    Virtual Machines:
    • Boot and data drives: Azure Disk Encryption
    • SQL Server: Transparent Data Encryption
    • Files & folders: EFS in Windows Server
    Storage:
    • Blob Storage encryption
    • BitLocker encryption of drives for import/export of data
    • StorSimple with AES-256 encryption
    Applications:
    • Client-side encryption through the .NET Crypto API
    • RMS SDK for file encryption by your applications
    https://docs.microsoft.com/en-us/azure/storage/common/storage-service-encryption
  • 38. Azure Key Vault
    (Diagram: Resource Providers, Data Encryption Keys (DEK) wrapped by Key Encryption Keys (KEK), customer-owned and service-owned keys, and Azure Active Directory for access control.)
    https://azure.microsoft.com/en-us/services/key-vault/
  • 39. Data Deletion
    • Immediately removed from primary location
    • Geo-replicated copy of the data removed asynchronously
    Data Destruction:
    • Wiping is NIST 800-88 compliant
    • Defective disks are destroyed at the datacenter
    Disk Handling:
    • Customers can only read from disk space they have written to
    https://blogs.msdn.microsoft.com/walterm/2014/09/04/microsoft-azure-data-security-data-cleansing-and-leakage/
  • 41. Monitoring and Logging
    AZURE:
    • Performs monitoring & alerting of security events for the platform
    • Enables security data collection via the Monitoring Agent or Windows Event Forwarding
    CUSTOMER:
    • Configures monitoring
    • Exports events to SQL Database, HDInsight or a SIEM for analysis
    • Monitors alerts & reports
    • Responds to incidents
    (Diagram: the Customer Admin enables the Monitoring Agent on Cloud Services and Customer VMs through the Portal / Smart API; event information is extracted from Azure Storage to HDInsight, a SIEM or other reporting system for alerting & reporting in the SIEM Admin View.)
    Sample events:
    Event ID | Computer | Event Description | Severity | DateTime
    1150 | Machine1 | Example security event | 4 | 04/29/2014
    2002 | Machine2 | Signature Updated Successfully | 4 | 04/29/2014
    5007 | Machine3 | Configuration Applied | 4 | 04/29/2014
    1116 | Machine2 | Example security event | 1 | 04/29/2014
    1117 | Machine2 | Access attempted | 1 | 04/29/2014
    https://www.microsoft.com/en-us/trustcenter/security/auditingandlogging
  • 42. Threat Detection
    AZURE:
    • Provides big data analysis of logs for intrusion detection & prevention for the platform
    • Employs denial of service attack prevention measures for the platform
    • Regularly performs penetration testing
    CUSTOMER:
    • Can add extra layers of protection by deploying additional controls, including web application firewalls
    • Conducts penetration testing of their applications
    (Diagram: End Users on the Internet and Corp 1 over VPN reach the customer environment's Application, Logic and Database Tiers through the Cloud Access & Firewall Layer, with a DoS/IDS threat-detection layer at each tier.)
    https://www.microsoft.com/en-us/trustcenter/security/threatmanagement
  • 43. Azure Security Center
    Built into Azure, no setup required
    • Automatically discover and monitor the security of Azure resources
    Gain insights for hybrid resources
    • Easily onboard resources running in other clouds and on-premises
    https://azure.microsoft.com/en-us/services/security-center/