This document discusses various compute security topics for hardening endpoints and hosts, including using Azure Security Center to protect endpoints from attacks, implementing privileged access workstations, creating virtual machine templates to improve consistency and security, and how Security Center provides recommendations for security settings, updates, and threat detection. It also mentions demonstrating Azure Firewall and provides a reference link for further information.

1. Compute Security
Host Security

2. Hello!
I am Eng Teong Cheah
Microsoft MVP
2

3. Host Security
3

4. Endpoint Protection
4
◎ Endpoint systems interact directly with users
◎ Endpoints systems are typically vulnerable to security
attacks
◎ Azure Security Center provides the tools you need to
harden your services, and solidify your security
posture

5. Privileged Access Workstations
5
◎ Separate dedicated administrative accounts and
workstations
◎ Protects from internet attacks and threat vectors
phishing attacks, application and OS vulnerabilities,
and credential theft attack
◎ Appropriate for accounts with access to high value
assets – Administrators and High Sensitivity
Information Workers

6. Virtual Machine Templates
6
◎ Improves consistency
◎ Express complex deployments
◎ Reduce manual, error prone tasks
◎ Express requirements through code
◎ Promotes reuse
◎ Modular and can be linked
◎ Simplifies orchestration
◎ Enforces security concerns

7. Security Center Host Recommendations
7
◎ (OS) security settings with the recommended
configuration rules
◎ System security and critical updates that are missing
◎ Endpoint protection recommendations
◎ Disk encryption validation
◎ Vulnerability assessment and remediation
◎ Threat detection

8. Demostrations
Azure Firewall
8

9. Thanks!
Any questions?
You can find me at:
@walkercet
9

10. References
◎ https://docs.microsoft.com/en-us/
10