SlideShare a Scribd company logo

Azure Enterprise Security in Practice Radu Vunvulea Codecamp Cluj Napoca Nov 2017

Download as PPTX, PDF
Radu Vunvulea
Radu Vunvulea

How does an enterprise looks like when you talk about security and cloud? Complicated, rigid and challenging to accept cloud based architectures. After working closely with security teams from different companies I identified different approaches and requirements that are standard for enterprises. In this session I want to discuss and share with you lessons learned on how we can map security requirements to Azure.

Technology
1 of 34
1 ENTERPRISE SECURITY IN PRACTICE RADU VUNVULEA, OCTOBER 2017 @RADU VUNVULEA
ENTERPRISE AND SECURITY
RADU VUNVULEA Technology Enthusiast Dreamer Microsoft Azure MVP Speaker & Trainer Writer & Blogger Idealist Software Architecture Crafter
SANDBOX Group resources Control Manage
DIRECT ACCESS Same network Visible between each other Easy access and control
ISOLATION Restric traffic Controls what goes to and from VNET Isolate from outside
NSG – TIPS AND TRICKS
CROSS SYSTEM COMMUNICATION Specify what can be exchange between systems Full control on inbound and outbound traffic NSG
NETWORK VIRTUAL APPLIANCE Control security from only one location Cross location synchronization
MONITOR AND AUDIT All traffic goes through virtual appliance Push audit data to on-premises system Firewall, IDS, IPS UDR
EXTERNAL TRAFFIC CONTROL Full control of IP Filtering Traffic goes through VPN S2S VPN Internet
IPSEC VPN TERMINATED OUTSIDE FIREWALL Cannot be done using S2S VPN VPN terminated before NGFW, inside Virtual Gateway Appliance VPN
IPSEC VPN TERMINATED OUTSIDE FIREWALL Cannot be done using S2S VPN VPN terminated before NGFW, inside Virtual Gateway Appliance VPN OpenVPN
IPSEC VPN TERMINATED OUTSIDE FIREWALL Appliance plays the role of firewall and VPN Gateway VPN
DEVICE AUTHENTICATION USING CERTIFICATES Supported only for Point-to-Site VPN Site-to-Site VPN is connected directly to VPN hardware certificates
CASCADED VIRTUAL APPLIANCES Multiple virtual appliances connected together
VNET TO VNET CONNECTIVITY Peering – Fast and reliable VPN Gateway – More granular control of what goes in or out Peering / VPN Gateway
CENTRAL LOGGING DATA Activity Logs Azure Diagnostic Logs AAD Reporting VM and Cloud Services Storage Analytics Network Security Groups Application Insights Security Alert Configurable, +180 days, 90 days
MONITOR AND REACT - OMS
API AND INFRASTRUCTURE CHANGES CLOUD SERVICE PROVIDER CAN MAKE CHANGES ONLY AFTER THE NATURE OF CHANGE IS UNDERSTOOD AND A SECURITY ASSESSMENT IS DONE YES • Microsoft announce 12 months in advance any breaking changes at API or functionality level NO • Infrastructure and services change are done on the fly as long as the API or functionality is not altered
IDENTITY AND ACCESS MANAGEMENT
AZURE ACTIVE DIRECTORY
Mitigation
Azure Enterprise Security in Practice Radu Vunvulea Codecamp Cluj Napoca Nov 2017
Azure Enterprise Security in Practice Radu Vunvulea Codecamp Cluj Napoca Nov 2017

Recommended

Enterprise security in Practice
Enterprise security in PracticeEnterprise security in Practice
Enterprise security in Practice
Radu Vunvulea
 
Iuwne10 S04 L07
Iuwne10 S04 L07Iuwne10 S04 L07
Iuwne10 S04 L07Ravi Ranjan
 
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN Controller
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN ControllerHACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN Controller
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN Controller
Priyanka Aash
 
TechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnectTechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnect
Robb Boyd
 
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczul
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczulNtxissacsc5 purple 4-threat detection using machine learning-markszewczul
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczul
North Texas Chapter of the ISSA
 
Umbrella roaming-customer-facing
Umbrella roaming-customer-facingUmbrella roaming-customer-facing
Umbrella roaming-customer-facing
Ricardo Mendizabal
 
Cisco umbrella youtube
Cisco umbrella youtubeCisco umbrella youtube
Cisco umbrella youtube
Dhruv Sharma
 
Check point response to Cisco NGFW competitive
Check point response to Cisco NGFW competitiveCheck point response to Cisco NGFW competitive
Check point response to Cisco NGFW competitive
Moti Sagey מוטי שגיא
 

Recommended

Enterprise security in Practice
Enterprise security in PracticeEnterprise security in Practice
Enterprise security in Practice
Radu Vunvulea
 
Iuwne10 S04 L07
Iuwne10 S04 L07Iuwne10 S04 L07
Iuwne10 S04 L07Ravi Ranjan
 
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN Controller
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN ControllerHACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN Controller
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN Controller
Priyanka Aash
 
TechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnectTechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnect
Robb Boyd
 
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczul
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczulNtxissacsc5 purple 4-threat detection using machine learning-markszewczul
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczul
North Texas Chapter of the ISSA
 
Umbrella roaming-customer-facing
Umbrella roaming-customer-facingUmbrella roaming-customer-facing
Umbrella roaming-customer-facing
Ricardo Mendizabal
 
Cisco umbrella youtube
Cisco umbrella youtubeCisco umbrella youtube
Cisco umbrella youtube
Dhruv Sharma
 
Check point response to Cisco NGFW competitive
Check point response to Cisco NGFW competitiveCheck point response to Cisco NGFW competitive
Check point response to Cisco NGFW competitive
Moti Sagey מוטי שגיא
 
Cisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutionsCisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutions
NetworkCollaborators
 
Sasa milic, cisco advanced malware protection
Sasa milic, cisco advanced malware protectionSasa milic, cisco advanced malware protection
Sasa milic, cisco advanced malware protection
Dejan Jeremic
 
Making AI based monitoring a platform feature with the power of BOSH
Making AI based monitoring a platform feature with the power of BOSHMaking AI based monitoring a platform feature with the power of BOSH
Making AI based monitoring a platform feature with the power of BOSH
Mike Villiger
 
Cisco connect winnipeg 2018 accelerating incident response in organizations...
Cisco connect winnipeg 2018 accelerating incident response in organizations...Cisco connect winnipeg 2018 accelerating incident response in organizations...
Cisco connect winnipeg 2018 accelerating incident response in organizations...
Cisco Canada
 
Cloud Access Security Broker (CASB)
Cloud Access Security Broker (CASB) Cloud Access Security Broker (CASB)
Cloud Access Security Broker (CASB)
rkulandaivel
 
Cloud Management for WiFi networks
Cloud Management for WiFi networksCloud Management for WiFi networks
Cloud Management for WiFi networks
Tanaza
 
DevSecOps: control and monitoring of zero-day vulnerabilities.
DevSecOps: control and monitoring of zero-day vulnerabilities.DevSecOps: control and monitoring of zero-day vulnerabilities.
DevSecOps: control and monitoring of zero-day vulnerabilities.
Emerasoft, solutions to collaborate
 
Top 5 predictions webinar
Top 5 predictions webinarTop 5 predictions webinar
Top 5 predictions webinar
Zscaler
 
Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security
Lancope, Inc.
 
Making AI based monitoring a platform feature with the power of BOSH
Making AI based monitoring a platform feature with the power of BOSHMaking AI based monitoring a platform feature with the power of BOSH
Making AI based monitoring a platform feature with the power of BOSH
VMware Tanzu
 
SonicWall
SonicWallSonicWall
SonicWall
NEOTD Tech Events .
 
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
AlgoSec
 
Three ways-zero-trust-security-redefines-partner-access-ch
Three ways-zero-trust-security-redefines-partner-access-chThree ways-zero-trust-security-redefines-partner-access-ch
Three ways-zero-trust-security-redefines-partner-access-ch
Zscaler
 
Virtualized Firewall: Is it the panacea to secure distributed enterprises?
Virtualized Firewall: Is it the panacea to secure distributed enterprises?Virtualized Firewall: Is it the panacea to secure distributed enterprises?
Virtualized Firewall: Is it the panacea to secure distributed enterprises?
Zscaler
 
What Comes After VPN?
What Comes After VPN?What Comes After VPN?
What Comes After VPN?
Zscaler
 
Secure access to applications on Microsoft Azure
Secure access to applications on Microsoft AzureSecure access to applications on Microsoft Azure
Secure access to applications on Microsoft Azure
Zscaler
 
Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014
Sophos Benelux
 
Moving from appliances to cloud security with phoenix children's hospital
Moving from appliances to cloud security with phoenix children's hospitalMoving from appliances to cloud security with phoenix children's hospital
Moving from appliances to cloud security with phoenix children's hospital
Zscaler
 
Migration to cisco next generation firewall
Migration to cisco next generation firewallMigration to cisco next generation firewall
Migration to cisco next generation firewall
IT Tech
 
RSA 2014: Skybox Security Risk Analytics Overview
RSA 2014: Skybox Security Risk Analytics OverviewRSA 2014: Skybox Security Risk Analytics Overview
RSA 2014: Skybox Security Risk Analytics Overview
Skybox Security
 
CCI2019 - Architecting and Implementing Azure Networking
CCI2019 - Architecting and Implementing Azure NetworkingCCI2019 - Architecting and Implementing Azure Networking
CCI2019 - Architecting and Implementing Azure Networking
walk2talk srl
 
Trisul for Managed Security Service Providers
Trisul for Managed Security Service ProvidersTrisul for Managed Security Service Providers
Trisul for Managed Security Service Providers
trisulnsm
 

More Related Content

What's hot

Cisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutionsCisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutions
NetworkCollaborators
 
Sasa milic, cisco advanced malware protection
Sasa milic, cisco advanced malware protectionSasa milic, cisco advanced malware protection
Sasa milic, cisco advanced malware protection
Dejan Jeremic
 
Making AI based monitoring a platform feature with the power of BOSH
Making AI based monitoring a platform feature with the power of BOSHMaking AI based monitoring a platform feature with the power of BOSH
Making AI based monitoring a platform feature with the power of BOSH
Mike Villiger
 
Cisco connect winnipeg 2018 accelerating incident response in organizations...
Cisco connect winnipeg 2018 accelerating incident response in organizations...Cisco connect winnipeg 2018 accelerating incident response in organizations...
Cisco connect winnipeg 2018 accelerating incident response in organizations...
Cisco Canada
 
Cloud Access Security Broker (CASB)
Cloud Access Security Broker (CASB) Cloud Access Security Broker (CASB)
Cloud Access Security Broker (CASB)
rkulandaivel
 
Cloud Management for WiFi networks
Cloud Management for WiFi networksCloud Management for WiFi networks
Cloud Management for WiFi networks
Tanaza
 
DevSecOps: control and monitoring of zero-day vulnerabilities.
DevSecOps: control and monitoring of zero-day vulnerabilities.DevSecOps: control and monitoring of zero-day vulnerabilities.
DevSecOps: control and monitoring of zero-day vulnerabilities.
Emerasoft, solutions to collaborate
 
Top 5 predictions webinar
Top 5 predictions webinarTop 5 predictions webinar
Top 5 predictions webinar
Zscaler
 
Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security
Lancope, Inc.
 
Making AI based monitoring a platform feature with the power of BOSH
Making AI based monitoring a platform feature with the power of BOSHMaking AI based monitoring a platform feature with the power of BOSH
Making AI based monitoring a platform feature with the power of BOSH
VMware Tanzu
 
SonicWall
SonicWallSonicWall
SonicWall
NEOTD Tech Events .
 
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
AlgoSec
 
Three ways-zero-trust-security-redefines-partner-access-ch
Three ways-zero-trust-security-redefines-partner-access-chThree ways-zero-trust-security-redefines-partner-access-ch
Three ways-zero-trust-security-redefines-partner-access-ch
Zscaler
 
Virtualized Firewall: Is it the panacea to secure distributed enterprises?
Virtualized Firewall: Is it the panacea to secure distributed enterprises?Virtualized Firewall: Is it the panacea to secure distributed enterprises?
Virtualized Firewall: Is it the panacea to secure distributed enterprises?
Zscaler
 
What Comes After VPN?
What Comes After VPN?What Comes After VPN?
What Comes After VPN?
Zscaler
 
Secure access to applications on Microsoft Azure
Secure access to applications on Microsoft AzureSecure access to applications on Microsoft Azure
Secure access to applications on Microsoft Azure
Zscaler
 
Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014
Sophos Benelux
 
Moving from appliances to cloud security with phoenix children's hospital
Moving from appliances to cloud security with phoenix children's hospitalMoving from appliances to cloud security with phoenix children's hospital
Moving from appliances to cloud security with phoenix children's hospital
Zscaler
 
Migration to cisco next generation firewall
Migration to cisco next generation firewallMigration to cisco next generation firewall
Migration to cisco next generation firewall
IT Tech
 
RSA 2014: Skybox Security Risk Analytics Overview
RSA 2014: Skybox Security Risk Analytics OverviewRSA 2014: Skybox Security Risk Analytics Overview
RSA 2014: Skybox Security Risk Analytics Overview
Skybox Security
 

What's hot (20)

Cisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutionsCisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutions
 
Sasa milic, cisco advanced malware protection
Sasa milic, cisco advanced malware protectionSasa milic, cisco advanced malware protection
Sasa milic, cisco advanced malware protection
 
Making AI based monitoring a platform feature with the power of BOSH
Making AI based monitoring a platform feature with the power of BOSHMaking AI based monitoring a platform feature with the power of BOSH
Making AI based monitoring a platform feature with the power of BOSH
 
Cisco connect winnipeg 2018 accelerating incident response in organizations...
Cisco connect winnipeg 2018 accelerating incident response in organizations...Cisco connect winnipeg 2018 accelerating incident response in organizations...
Cisco connect winnipeg 2018 accelerating incident response in organizations...
 
Cloud Access Security Broker (CASB)
Cloud Access Security Broker (CASB) Cloud Access Security Broker (CASB)
Cloud Access Security Broker (CASB)
 
Cloud Management for WiFi networks
Cloud Management for WiFi networksCloud Management for WiFi networks
Cloud Management for WiFi networks
 
DevSecOps: control and monitoring of zero-day vulnerabilities.
DevSecOps: control and monitoring of zero-day vulnerabilities.DevSecOps: control and monitoring of zero-day vulnerabilities.
DevSecOps: control and monitoring of zero-day vulnerabilities.
 
Top 5 predictions webinar
Top 5 predictions webinarTop 5 predictions webinar
Top 5 predictions webinar
 
Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security
 
Making AI based monitoring a platform feature with the power of BOSH
Making AI based monitoring a platform feature with the power of BOSHMaking AI based monitoring a platform feature with the power of BOSH
Making AI based monitoring a platform feature with the power of BOSH
 
SonicWall
SonicWallSonicWall
SonicWall
 
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
 
Three ways-zero-trust-security-redefines-partner-access-ch
Three ways-zero-trust-security-redefines-partner-access-chThree ways-zero-trust-security-redefines-partner-access-ch
Three ways-zero-trust-security-redefines-partner-access-ch
 
Virtualized Firewall: Is it the panacea to secure distributed enterprises?
Virtualized Firewall: Is it the panacea to secure distributed enterprises?Virtualized Firewall: Is it the panacea to secure distributed enterprises?
Virtualized Firewall: Is it the panacea to secure distributed enterprises?
 
What Comes After VPN?
What Comes After VPN?What Comes After VPN?
What Comes After VPN?
 
Secure access to applications on Microsoft Azure
Secure access to applications on Microsoft AzureSecure access to applications on Microsoft Azure
Secure access to applications on Microsoft Azure
 
Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014Securing with Sophos - Sophos Day Belux 2014
Securing with Sophos - Sophos Day Belux 2014
 
Moving from appliances to cloud security with phoenix children's hospital
Moving from appliances to cloud security with phoenix children's hospitalMoving from appliances to cloud security with phoenix children's hospital
Moving from appliances to cloud security with phoenix children's hospital
 
Migration to cisco next generation firewall
Migration to cisco next generation firewallMigration to cisco next generation firewall
Migration to cisco next generation firewall
 
RSA 2014: Skybox Security Risk Analytics Overview
RSA 2014: Skybox Security Risk Analytics OverviewRSA 2014: Skybox Security Risk Analytics Overview
RSA 2014: Skybox Security Risk Analytics Overview
 

Similar to Azure Enterprise Security in Practice Radu Vunvulea Codecamp Cluj Napoca Nov 2017

CCI2019 - Architecting and Implementing Azure Networking
CCI2019 - Architecting and Implementing Azure NetworkingCCI2019 - Architecting and Implementing Azure Networking
CCI2019 - Architecting and Implementing Azure Networking
walk2talk srl
 
Trisul for Managed Security Service Providers
Trisul for Managed Security Service ProvidersTrisul for Managed Security Service Providers
Trisul for Managed Security Service Providers
trisulnsm
 
Trisul for Managed Security Service Providers
Trisul for Managed Security Service ProvidersTrisul for Managed Security Service Providers
Trisul for Managed Security Service Providers
Vivek Rajagopalan
 
Genian NAC Overview
Genian NAC Overview Genian NAC Overview
Genian NAC Overview
GENIANS, INC.
 
ISE_2.1_BDM_v3a.pptx
ISE_2.1_BDM_v3a.pptxISE_2.1_BDM_v3a.pptx
ISE_2.1_BDM_v3a.pptx
Yaser330700
 
What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?
QOS Networks
 
Eximbank security presentation
Eximbank security presentationEximbank security presentation
Eximbank security presentation
laonap166
 
App gate sdp_use_case_secure_cloud_access
App gate sdp_use_case_secure_cloud_accessApp gate sdp_use_case_secure_cloud_access
App gate sdp_use_case_secure_cloud_access
Cristian Garcia G.
 
palo-alto-networks-sase-overview-deck.pptx
palo-alto-networks-sase-overview-deck.pptxpalo-alto-networks-sase-overview-deck.pptx
palo-alto-networks-sase-overview-deck.pptx
infoeliechahine
 
Securing the Internet of Things in Smart Buildings!
Securing the Internet of Things in Smart Buildings!Securing the Internet of Things in Smart Buildings!
Securing the Internet of Things in Smart Buildings!
Memoori
 
Forcepoint SD-WAN and NGFW + IPS
Forcepoint SD-WAN and NGFW + IPSForcepoint SD-WAN and NGFW + IPS
Forcepoint SD-WAN and NGFW + IPS
Larry Austin
 
SDN and Security: A Marriage Made in Heaven. Or Not.
SDN and Security: A Marriage Made in Heaven. Or Not.SDN and Security: A Marriage Made in Heaven. Or Not.
SDN and Security: A Marriage Made in Heaven. Or Not.
Priyanka Aash
 
2019 10-app gate sdp 101 09a
2019 10-app gate sdp 101 09a2019 10-app gate sdp 101 09a
2019 10-app gate sdp 101 09a
Cristian Garcia G.
 
Protección y acceso a tu información y aplicaciones en Azure y O365 – Barracuda
Protección y acceso a tu información y aplicaciones en Azure y O365 – BarracudaProtección y acceso a tu información y aplicaciones en Azure y O365 – Barracuda
Protección y acceso a tu información y aplicaciones en Azure y O365 – Barracuda
Plain Concepts
 
ClearPass_Customer_Presentation
ClearPass_Customer_PresentationClearPass_Customer_Presentation
ClearPass_Customer_Presentation
RoanVillalobos1
 
Air defense services_platform_spec_sheet
Air defense services_platform_spec_sheetAir defense services_platform_spec_sheet
Air defense services_platform_spec_sheetAdvantec Distribution
 
Shadow IT
Shadow ITShadow IT
Shadow IT
Risk Analysis Consultants, s.r.o.
 

Similar to Azure Enterprise Security in Practice Radu Vunvulea Codecamp Cluj Napoca Nov 2017 (20)

CCI2019 - Architecting and Implementing Azure Networking
CCI2019 - Architecting and Implementing Azure NetworkingCCI2019 - Architecting and Implementing Azure Networking
CCI2019 - Architecting and Implementing Azure Networking
 
Trisul for Managed Security Service Providers
Trisul for Managed Security Service ProvidersTrisul for Managed Security Service Providers
Trisul for Managed Security Service Providers
 
Trisul for Managed Security Service Providers
Trisul for Managed Security Service ProvidersTrisul for Managed Security Service Providers
Trisul for Managed Security Service Providers
 
Genian NAC Overview
Genian NAC Overview Genian NAC Overview
Genian NAC Overview
 
ISE_2.1_BDM_v3a.pptx
ISE_2.1_BDM_v3a.pptxISE_2.1_BDM_v3a.pptx
ISE_2.1_BDM_v3a.pptx
 
What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?
 
Eximbank security presentation
Eximbank security presentationEximbank security presentation
Eximbank security presentation
 
App gate sdp_use_case_secure_cloud_access
App gate sdp_use_case_secure_cloud_accessApp gate sdp_use_case_secure_cloud_access
App gate sdp_use_case_secure_cloud_access
 
palo-alto-networks-sase-overview-deck.pptx
palo-alto-networks-sase-overview-deck.pptxpalo-alto-networks-sase-overview-deck.pptx
palo-alto-networks-sase-overview-deck.pptx
 
Securing the Internet of Things in Smart Buildings!
Securing the Internet of Things in Smart Buildings!Securing the Internet of Things in Smart Buildings!
Securing the Internet of Things in Smart Buildings!
 
Forcepoint SD-WAN and NGFW + IPS
Forcepoint SD-WAN and NGFW + IPSForcepoint SD-WAN and NGFW + IPS
Forcepoint SD-WAN and NGFW + IPS
 
Ras pro
Ras proRas pro
Ras pro
 
Ras pro
Ras proRas pro
Ras pro
 
SDN and Security: A Marriage Made in Heaven. Or Not.
SDN and Security: A Marriage Made in Heaven. Or Not.SDN and Security: A Marriage Made in Heaven. Or Not.
SDN and Security: A Marriage Made in Heaven. Or Not.
 
2019 10-app gate sdp 101 09a
2019 10-app gate sdp 101 09a2019 10-app gate sdp 101 09a
2019 10-app gate sdp 101 09a
 
Protección y acceso a tu información y aplicaciones en Azure y O365 – Barracuda
Protección y acceso a tu información y aplicaciones en Azure y O365 – BarracudaProtección y acceso a tu información y aplicaciones en Azure y O365 – Barracuda
Protección y acceso a tu información y aplicaciones en Azure y O365 – Barracuda
 
Ad enterprise datasheet
Ad enterprise datasheetAd enterprise datasheet
Ad enterprise datasheet
 
ClearPass_Customer_Presentation
ClearPass_Customer_PresentationClearPass_Customer_Presentation
ClearPass_Customer_Presentation
 
Air defense services_platform_spec_sheet
Air defense services_platform_spec_sheetAir defense services_platform_spec_sheet
Air defense services_platform_spec_sheet
 
Shadow IT
Shadow ITShadow IT
Shadow IT
 

Recently uploaded

GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Neo4j
 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
Alex Pruden
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
Matthew Sinclair
 
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Vladimir Iglovikov, Ph.D.
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
RinaMondal9
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Kumud Singh
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
ThomasParaiso2
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
KAMESHS29
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
Rohit Gautam
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
Alpen-Adria-Universität
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
DianaGray10
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
DianaGray10
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
Pierluigi Pugliese
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
SOFTTECHHUB
 

Recently uploaded (20)

GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
 

Azure Enterprise Security in Practice Radu Vunvulea Codecamp Cluj Napoca Nov 2017

Editor's Notes

  1. Images: https://pixabay.com/en/snail-slug-shell-animal-nature-918899/ https://pixabay.com/en/chain-rust-iron-metal-macro-rusty-566778/ https://pixabay.com/en/directory-traffic-note-shield-road-641914/
  2. https://docs.microsoft.com/en-us/azure/security/azure-log-audit Activity Logs - config Azure Diagnostic Logs - config AAD Reporting – 180 days VM and Cloud Services - config Color map: Configurable +180 days 90 days Storage Analytics - config Network Security Groups – 1 year Application Insights – 90 days Security Alert - config
  3. Migrate to on-prem
  4. https://azure.microsoft.com/en-us/blog/an-introduction-to-eai-bridges/
  5. https://azure.microsoft.com/en-us/blog/an-introduction-to-eai-bridges/
  6. Picture source: https://pixabay.com/en/sting-free-snuff-snuff-2-in-1-snuff-2526043/