Anterovium - Fotolia

Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

How Azure Security Center boosts Microsoft cloud security

Azure Security Center looks to enhance Microsoft's cloud platform by improving visibility and control. Expert Dave Shackleford outlines the features intended to do that.

Microsoft recently announced it is enhancing its Azure cloud platform with a new security center that will increase cloud visibility and improve control over security for users. A public preview of product, Azure Security Center, was released officially in December 2015, and looks promising.

Microsoft has several stated goals for Azure Security Center. First, it wants to provide more comprehensive visibility and security control across all Azure instances and services clients are using. Second, Microsoft aims to provide some form of threat intelligence and alerting on malicious activity in Azure, with insight from its global security intelligence organization. Third, Microsoft wants to help make cloud deployments more effective and efficient by providing transparent policy definitions that security and operations teams can review and collaborate on, and then apply to the environment where appropriate. Let's look at how Azure Security Center is enhancing Microsoft's cloud security.

Security policies

The first way Microsoft enhanced security capabilities in Azure Security Center is with security policies. Teams can define a security policy by looking at the posture of various Azure assets, and then receive recommendations and assessments of their environment as compared to the policy. Policies currently planned for release fall into the categories of patches, security configuration baselines, endpoint ACLs, network security groups, SQL auditing, Transparent Data Encryption in Azure databases, BitLocker disk encryption and antimalware. Web application firewalls, next-generation firewalls and other enterprise security controls are available through partnerships with leading providers like Barracuda, F5, Cisco, Fortinet, Check Point, Trend Micro, Imperva, Incapsula, CloudFlare and others.

Recommendations

With capabilities ranging from policy assignment and audit, remediation guidance and controls integration, Microsoft may help make Azure the cloud environment of choice for security teams.

With Microsoft's recommendations utility built into Azure Security Center, analysts can perform assessments against their defined policies and receive detailed ratings of the potential risks systems may have within the Azure environment. One nice capability that Microsoft offers is the ability to immediately find ways to remediate the noted shortcomings by implementing built-in controls or finding partner products that can address the issues. Microsoft will even automate the back-end network connections and connectivity for solutions implemented through the Azure Security Center wizard, making the entire process of remediation much simpler.

Security alerting

The security alerting portion of Azure Security Center aims to provide targeted information about definite, possible or hypothetical issues related to specific assets within the Microsoft cloud. Analysts will be able to click into the prioritized alerts and see which virtual machines and assets are affected. Drilling down into these specific system risks will open a new pane with more details on the alert, recommended remediation steps and possible choices for implementing the controls -- much like the recommendations capability. Microsoft also seems to be adding some basic intrusion detection and reputation scoring capabilities that can help analysts see when suspect or malicious traffic is in the environment, where internal systems are communicating, and reputation data for those IP addresses and domains. Security teams can also choose to immediately run antimalware scans on systems that may be compromised. Microsoft Azure Security Center promises to allow organizations to collect and aggregate log and event data within the cloud, as well, although storage, analysis and integration options with leading log management and SIEM tools were not forthcoming in the initial previews.

Conclusion

Microsoft is making a significant investment in security with the upcoming Azure Security Center platform. With capabilities ranging from policy assignment and audit, remediation guidance and controls integration, Microsoft may help make Azure the cloud environment of choice for security teams interested in more controls and reporting within public cloud environments. Backed by Microsoft's security expertise and insight, Azure Security Center looks to be a welcome addition to public cloud security service offerings, and should spark some intense competition between leading providers.

Next Steps

Learn more about Microsoft Azure security features

Check out this essential guide to Microsoft Azure for enterprises

Find out how difficult it is to implement SSO with Microsoft Azure AD

This was last published in January 2016

Dig Deeper on Public Cloud Computing Security

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

What do you think of Microsoft Azure Security Center?
Cancel

-ADS BY GOOGLE

SearchSecurity

SearchCloudComputing

SearchAWS

SearchCloudApplications

SearchServerVirtualization

SearchVMware

ComputerWeekly.com

Close