Recommended
More Related Content
What's hot
What's hot (20)
Similar to Azure Security and Management
Similar to Azure Security and Management (20)
Recently uploaded
Recently uploaded (20)
Azure Security and Management
- 5. SECURE
- 16. You need all three High availability When your applications have a catastrophic failure, run a second instance Disaster recovery When your applications have a catastrophic failure, run them in Azure or a secondary datacenter Backup When your data is corrupted, deleted or lost you can restore it
- 17. Any OSWindows Linux Site to Azure Site to Site
- 18. High availability mode AvailabilitySetAvailabilitySetAvailabilitySet Multi-tiered with Availability Set Load balancers Public IP connectivity SQL Always On
- 19. AvailabilitySetAvailabilitySetAvailabilitySet Enable Replication App1 App2 Web1 Web2 Failover AvailabilitySetAvailabilitySet
- 21. Desired State Configuration (DSC) - Proactively respond to configuration drift by defining a baseline for your environment - Deliver Infrastructure as code - Flexible Delivery • Apply and monitor • Apply and autocorrect - Detailed reporting and diagnostics at a per resource level - Available for both Windows & Linux Change Tracking & Inventory - Track changes made to your system - Valuable for root-cause analysis - Collect & search inventory and history - Available for both Windows & Linux - Windows • Software • Services • Files • Registry - Linux • Software (Packages) • Daemons • Files Key Features Configure any cloud or on premise machine Windows & Linux Desired State Configuration Change Tracking Inventory On- Premises Datacenter Azure AWS & Service Providers
- 22. View snapshots for: • Software • Files • Daemons/services • Registry values Key Features: • Spans across Windows & Linux • Use data to create computer groups • Browse historical data
- 24. View changes for: • Software • Files • daemons/services • registry values • Azure activity log (New*) Scenarios: • Identify unauthorized changes • Correlate configuration changes with monitoring events • Create an alert & remediate on change • Reporting for package/software updates • Browse historical changes for diagnosis and forensics
- 26. Automated configuration management from the cloud • Manage physical hosts and VMs in any cloud or on-premises • Windows or Linux • Configuration setting and reporting • Easily attach Azure VMs from portal, ARM Template, or extension Powered by PowerShell DSC PowerShell (PS) DSC configuration, node configuration (MOF), node, and resource management • Import configurations & modules (from PS Gallery or custom) • Author • Compile • Distribute to nodes • View granular and high-level configuration compliance reports • Easy node onboarding Deploy, enforce, and monitor configuration compliance
- 29. Configuration (script) DSC Resources Authoring Azure VM Physical server On-prem VM MOF MOF Node Configuration (MOF) Zip Zip Zip Rest Endpoint Staging Reports
- 31. ARM Template CloudFormation synced with source control imported compiled
- 33. Unified visibility and deploymentReliable, highly available, scalable - Flexible scheduling options - ConfigMgr Update Azure & non-Azure Windows & Linux Update Insights Update Deployments Azure Update Management AWS& Service Providers Hyper-V VMWare OpenStack On-Premises
- 35. omsagent Omsconfig (DSC) Linux vendor s • Advanced reporting (classification, severity, CVE, bulletinURL etc) • Consolidation of the package classification 2 1
- 36. Amazon Linux • 2015.09 – 2017.09 Debian GNU/Linux • 6 (x86/x64) • 7 (x86/x64) • 8 (x86/x64) Oracle Linux • 5 (x86/x64) • 6 (x86/x64) • 7 (x64) Red Hat Ent. Linux • 5 (x86/x64) • 6 (x86/x64) • 7 (x64) SUSE Linux Enterprise Server • 11 (x86/x64) • 12 (x64) Ubuntu Server • 12.04 LTS (x86/x64) • 14.04 LTS (x86/x64) • 15.10 (x86/x64) • 16.04 (x86/x64) CentOS • 5 (x86/x64) • 6 (x86/x64) • 7 (x64) (Currently supported) (future planned) Legend
- 38. Monitoring and Logging AZURE: • Performs monitoring & alerting of security events for the platform • Enables security data collection via Monitoring Agent or Windows Event Forwarding CUSTOMER: • Configures monitoring • Exports events to SQL Database, HDInsight or a SIEM for analysis • Monitors alerts & reports • Responds to incidents Azure Storage Customer Admin Guest VM Cloud Services Customer VMs Portal Smart API Guest VM Enable Monitoring Agent Events Extract event information to SIEM or other Reporting System Event ID Computer Event Description Severity DateTime 1150 Machine1 Example security event 4 04/29/2014 2002 Machine2 Signature Updated Successfully 4 04/29/2014 5007 Machine3 Configuration Applied 4 04/29/2014 1116 Machine2 Example security event 1 04/29/2014 1117 Machine2 Access attempted 1 04/29/2014 SIEM Admin View Alerting & reporting HDInsight Microsoft Azure https://www.microsoft.com/en-us/trustcenter/security/auditingandlogging
- 39. Full Stack Monitoring & Analytics across Apps and Infra Application Insights Scenario Specific Monitoring – Customized Data Ingestion & Diagnostics Log Analytics Service Map Container Health …Network Performance Monitor Monitoring Fundamentals – Available out of the box with Azure Platform Activity LogsDiagnostic Logs Service HealthMetrics Dashboards Alerts Action Groups Autoscale Unified pricing model Only pay what you use Data ingestion per GB
- 41. • Diagnosing across app stack is hard unless various perspectives connected • New and powerful big data query engine for all your app telemetry and root-cause analysis • Ad-hoc queries and full-text search helps answer tough questions instantly
- 42. • Simple, powerful SQL like language much easier for complex queries • Filter, join and correlate data to gain performance & usage insights • Extract and extend your data to create new calculated data fields • Generate statistical aggregations and powerful visualizations instantly
- 43. Visual Studio 2015 (Update 2) Visual Studio Team Services
- 44. • Open Source SDKs to power insights for any web app • Continuously export data to Azure Blob Storage or SQL • Visualize data with Power BI Content Pack • Data access via REST APIs*
Editor's Notes
- 25% of VMs on Azure are already using Azure Backup. Only 10% are secure! Only 10% are monitored
- Azure can help by reducing the challenges of cost and complexity, while helping add coverage and compliance. Let’s drill into more details. Microsoft Azure provides customers peace of mind knowing their workloads are protected from any disaster without having to build and maintain a secondary datacenter or relying on backup. Azure delivers cloud services that extend to your datacenter to protect your infrastructure, transforming your business with a true hybrid solution. Reducing costs Customers do not have to pay for infrastructure, the power to run and cool machines, or IT personnel to manage machines, saving customers from paying to maintain a secondary data center Managing complexity Customers can leverage automation to enable the true power of recovery plans and allow you to failover your workloads with a click of a button, removing the guest work and stress involved in a disaster Ensuring compliance Disaster recovery is no longer constrained by geographical barriers. The disaster recovery site can be from any one of our Azure regions around the world. (Or asking for something like the quick restoration of workloads allows customers to gather necessary information to meet compliance deadlines) Scaling protection ASR provides rich capabilities to quickly replicate virtual and physical machines a customer’s own secondary on-premises site or Azure
- Azure can help by reducing the challenges of cost and complexity, while helping add coverage and compliance. Let’s drill into more details. Microsoft Azure provides customers peace of mind knowing their workloads are protected from any disaster without having to build and maintain a secondary datacenter or relying on backup. Azure delivers cloud services that extend to your datacenter to protect your infrastructure, transforming your business with a true hybrid solution. Reducing costs Customers do not have to pay for infrastructure, the power to run and cool machines, or IT personnel to manage machines, saving customers from paying to maintain a secondary data center Managing complexity Customers can leverage automation to enable the true power of recovery plans and allow you to failover your workloads with a click of a button, removing the guest work and stress involved in a disaster Ensuring compliance Disaster recovery is no longer constrained by geographical barriers. The disaster recovery site can be from any one of our Azure regions around the world. (Or asking for something like the quick restoration of workloads allows customers to gather necessary information to meet compliance deadlines) Scaling protection ASR provides rich capabilities to quickly replicate virtual and physical machines a customer’s own secondary on-premises site or Azure
- Gain visibility into health, performance and utilization of your platform, apps, and workloads, no matter where they reside and get time back to focus on the initiatives that matter the most to you and your organization. Azure provides monitoring and analytics as a SaaS offering, so you can get started quickly without any infrastructure overhead. It is designed to manage your development and IT operations workflows through a unified experience. It can connect to any data source and leverage your existing management tools, both on-premises and in the cloud. You will bridge the gap between app and infrastructure with the automated discovery and mapping of the dependencies across servers, processes, and 3rd party services. You can query at cloud scale and gain immediate insight by correlating and analyzing petabytes of machine data. With built-in solutions and machine learning algorithms baked into the service, you can detect and fix issues, before it impacts users - no matter what type of platform, or which public cloud service you use. Key benefits Collect and correlate data from multiple sources, enabling integrated monitoring and diagnostics of the cloud and on-premises environment, across multi-vendor solutions Discover application components and map their connections across servers, processes, and ports, for complete visibility of multi-tier services Visualize and alert on the health, performance and utilization of your resources, no matter where they reside and accelerate troubleshooting of issues Detect and respond to issues before they impact your users, with continuous monitoring across development and IT operations workflows. Learn, iterate, and improve the performance and usability of your apps and services using real-time insights with machine learning and ad-hoc analytics
- Talk through the investments of what MSFT/Azure sees as important for enterprise cloud management platform The combination together is powerful. Truly integrated capabilities SaaS management and security. To be successful in the Cloud era, enterprises must have visibility/metrics and controls on every component to pinpoint issues efficiently, optimize and scale effectively, while having the assurance the security, compliance and polices are in place to ensure the velocity. Native Security and Management in Azure Enterprise grade capabilities natively from the cloud provider Azure Integrated and interconnected across data and experiences Management capabilities included with the flexibility to increase or choose 3rd party Can make the point that for those familiar with OMS these were the foundation for what we now have natively within Azure. 5 main areas: Secure: While Azure is trusted and secure platform, you as a customer have your own security settings you need to manage. You also need to be able to protect your individual machines against threats and monitor the security posture of your system. Protect: Your VMs and applications in the cloud need to be backed up and protected in the event of data loss. With disaster recovery from on-prem to the cloud, or from one cloud to another, you can avoid downtime and keep your applications up and running. Monitor: Every operations manager and every developer needs to be able to see the health and performance of their applications, infrastructure, and network. And seeing insights across all three together in a single dashboard can save time and resources in troubleshooting and preventing issues in the future. Configure: For managing Azure and hybrid workloads at scale, automation and configuration capabilities help you create runbooks to automate tasks, manage the configuration settings and track changes, and monitor and deploy missing updates. Additionally in Azure you can use PowerShell and Cloud Shell for command line scripting. Govern: Many customers need a way to look across cloud resources to assess and enforce enterprise-wide standards and policy compliance for security and management. In addition, they need to manage and monitor costs for the cloud. We recently acquired Cloudyn, a multi-cloud cost management solution to help our customers with this challenge.
- Key investment themes
- Site Recovery Benefits: Automated VM level Replication RPO of seconds and RTO of minutes No impact DR Drills with Test Failover Planned and unplanned failover Orchestrated Recovery Plans for Disaster Recovery Failback support Migrate to Azure from anywhere Create on-demand test copies in Azure
- 39
- There are a bunch of interesting new capabilities so lets get started with the first area: Intelligent APM As modern app developers, we all know how crucial it is to detect, triage and diagnose problems before they start affecting our customers. With Application Insights you get all the tools to make your diagnostics experience smarter and find and fix problems before your customers know it! Detect: One of the most crucial things is to be able to detect issues as soon as they happen, and be alerted instantaneously. However, the issue with alerts is that it requires you to have a threshold and more often than not, you don’t have any idea. Moreover, in the complexity of modern app architecture, even an army of analysts sitting in front of a dashboard cannot detect all the different things that can go wrong. That is where proactive diagnostics come into play. With our Machine Learning based technology, you can be alerted on real time service disruptions and anomalous patterns in your app performance and behavior, with thresholds constantly evolving based on your app architecture and performance patterns. With dashboards you can pin all the charts and KPIs across your Azure resources at a single place and share with your colleagues. You can also take advantage of the new live stream metrics to see what is going on with your application metrics at this right very moment. Triage: Once you detect an issue, the next thing is to figure out its impact and whether it is priority enough to solve right now. With Application insights you can find out the real user impact of any exception and take decisions accordingly. With the new Application Map you can automatically detect your application topology across dependencies and client & server side components. You can find the impact assessment and click through to underlying Azure resources to find the right information. Diagnose: Once you decide to fix an issue, you need all the context to solve it, and with our out-of-the box telemetry collection, you will have all the data you need. What’s more, if you are developing Azure Cloud Services or App Services, you can get much deeper diagnostics information, covering some of the role lifecycle issues and other performance problems. Operationalize: Once you have been through the Detect, Triage & Diagnose cycle, you can set up your own custom alerts based on the thresholds you discovered and keep being on top of things!
- OK! So, lets get to our next area: Analytics As we mentioned in the beginning, Analytics is a new capability in Application Insights we just announced at Build. And, I should say it is one of my most favorites. In a modern app architecture with various tiers and components, it is often very difficult to diagnose problems or gaps across the entire app stack unless you can connect the various perspectives. With our new big data query engine, you can do that very easily and find all the answers to do the root-cause analyses. You can ask ad-hoc queries across your entire app telemetry and even do full text search to discover the right data sets.
- What powers the Analytics experience is a powerful query language we launched as well. Read through the points… And the best thing with Application Insights is that since we collect telemetry across your application stack, you can correlate data across your Service Performance, Business Metrics and Customer Experience and generate unique insights helping you answer tough questions almost instantly. To put it in perspective, some very high scale Microsoft services are using it today sending us Terabytes of data over which they can get answers to their queries in as little as a few seconds. E.g. internally the service ingests over 1 trillion events and 600TB a day of log data across hundreds of Microsoft cloud services. Yes, 600TB a day – that’s many petabytes of retained log storage in just one month.
- Lets switch gears to our 3rd area: DevOps. As developers we would be using one or the other dev environment and have some DevOps workflows that we would be using! Having the diagnostics experience integrated with our existing practices makes it so very easy and useful! If you use Visual Studio or Visual Studio Team Services, there are a bunch of integration points that you can take advantage of.
- What also makes Application Insights powerful is how it is designed to be flexible and extensible to help you get insights suited to your particular needs.