image
Tools for Configuring Security Baselines
Start course
Difficulty
Intermediate
Duration
1h 26m
Students
7477
Ratings
4.6/5
Description

This course covers how to implement Azure network security. Through a combination of both theory and practical demonstrations, you will learn how to create and configure a range of Azure services designed to keep your network secure.

This includes topics such as virtual network connectivity, the Azure Front Door Service, NSG configuration, Azure firewall configuration, and application security groups. The course then moves on to the configuration of remote access management via just-in-time access and tools that are used to configure baselines.

We’d love to get your feedback on this course, so please give it a rating when you’re finished. If you have any queries or suggestions, please contact us at support@cloudacademy.com.

Learning Objectives

  • Understand how to implement Azure network security
  • Learn about the various Azure services and methodologies available to secure your network

Intended Audience

This course is intended for IT professionals who are interested in earning Azure certification and for those who work with Microsoft Azure on a daily basis.

Prerequisites

To get the most from this course, you should have at least a basic understanding of Azure network resources such as virtual networks, Azure firewalls, and network security groups.

 

Transcript

Hello, everyone, and welcome back. Let's talk a little bit about security baselines. Microsoft Azure doesn't monitor for, or respond to, any security incidents that are considered to be within the customer's area of responsibility. Instead, Azure provides tools like Azure Security Center that are intended for this purpose. Although Microsoft makes every effort to make every service as secure as possible by default, there is no way to predict how each customer will use each service. That being the case, you really need to review these security controls to ensure that they mitigate risks adequately.

Every Azure service comes with a default baseline that is already designed to provide security for most common uses. However, each customer is responsible for creating its own set of baselines to ensure adequate protection.

Now, because every environment is different, I'm not going to try telling you how to create a security baseline, because what I tell you might not fit your specific environment. Instead, we're going to talk a little bit about the tools that are available to you for configuring security baselines.

Let's start with the Azure Portal and Azure Resource Manager. These tools are most useful for creating resources and for applying access controls to those resources. These tools can also be used to secure virtual networks and to configure backups and disaster recovery options.

Azure Key Vault can be used to encrypt virtual drives as well as PaaS storage and databases. Azure Active Directory provides the identity management platform that's used to apply access controls to resources within Azure. It's also used to manage hybrid identity services.

Azure Policy is used to secure virtual networks and to restrict allowed types of resources. It can also be used to enforce geo-regional restrictions. Using Security Center, organizations can monitor the security health of networks and resources, and to detect malicious activity. Security Center also preemptively detects vulnerabilities. And like Azure Security Center, Azure Monitor can also be used to detect malicious activity within your environment.

Understanding these tools and how to use them will allow you to create security baselines that fit your organization.

About the Author
Students
90312
Courses
89
Learning Paths
56

Tom is a 25+ year veteran of the IT industry, having worked in environments as large as 40k seats and as small as 50 seats. Throughout the course of a long an interesting career, he has built an in-depth skillset that spans numerous IT disciplines. Tom has designed and architected small, large, and global IT solutions.

In addition to the Cloud Platform and Infrastructure MCSE certification, Tom also carries several other Microsoft certifications. His ability to see things from a strategic perspective allows Tom to architect solutions that closely align with business needs.

In his spare time, Tom enjoys camping, fishing, and playing poker.