Flash card Module 9- Manage Security Operation in Azure

2. © 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Azure Security Center Monitoring service that provide threat protection across services in Azure & on-prem Free Tier Limited to assessment & recommendation of Azure resources Standard Tier Full suite of security related services including continuous monitoring, threat detection, just in time access control for ports & more

4. © 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Stop brute force attack Disable public IP address & use VPN Use two factor authentication Limit login attempt Increase password length & complexity Implement Captcha Limit amount of time that the ports are open Enable JIT VM access (restrict access to management ports when not in use & approved IP add that can access these ports) -STANDARD TIER-

5. © 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Protect against malware Install antimalware – Microsoft Antimalware for Azure Cloud Services & VM Use firewall to block network traffic Integrate antimalware solution with Azure Security Center to monitor the status of the anti malware protection Up to date latest OS fixes and version Antimalware available as an extension

6. © 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Azure Active Directory Cloud based identity service. Built in support for synchronization with existing on-prem AD or standalone Authentication SSO MFA

7. © 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Encryption Encrypt raw storage -Azure storage Service Encryption Encrypt VM disk -Azure Disk Encryption (bitlocker or dm- crypt) Encrypt database -Transparent data encryption (encrypt/decryption of the database, backup & transaction log files Encrypt secret Use Azure Key Vault to protect secret key

8. © 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Protect Network Azure Firewall Managed, cloud based, network security service that protect Azure Virtual Network Resources . Stateful Azure Application Gateway Is a load balancer that include Web Application Firewall (WAF). Designed to protect HTTP traffic Network Virtual Appliance Similar like hardware firewall appliances

9. © 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Virtual network Security Filter network traffic to & from Azure resources in an Azure virtual network. Network Security Group (NSG) VPN Secure comm channel between on-prem & cloud

10. © 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Protect Shared Document Classify and optionally protect doc & email by applying label Azure Information Protection (AIP)

11. © 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Azure Monitor Log Extract valuable info about your infra from log data Gather Monitoring & Diagnostic info about the health of services Visualize & analyze the causes of the problem Collect Metric - How resource is performing & consuming Collect Log - Show when resources are created or modified

Flash card Module 9- Manage Security Operation in Azure

You are reading a preview.

Check these out next

Flash card Module 9- Manage Security Operation in Azure

More Related Content

Slideshows for you (20)

Similar to Flash card Module 9- Manage Security Operation in Azure (20)

More from Yoong Seng Lai (7)

Recently uploaded (20)