Azure Security Center
This course covers the following Azure Security Center topics:
- Preventing and responding to security threats with Azure Security Center
- Configuring a security policy
- Assessing the security of resources
- Protecting your resources with Azure Security Center
- Managing VM access
Based on the security policies that are enabled, Security Center provides a set of security recommendations as needed.
Assess resource security by reviewing the recommendations made, generally starting with virtual machines and applications. To do this, browse to the Security Center dashboard. Ensure overview opens and then click compute and apps under resource security hygiene. From this overview tab, you can review all recommendations by severity, with anything in red being high severity. While some recommendations can be remediated directly from Security Center, other recommendations offer only guidelines for applying the remediation, such as the missing disk encryption recommendation. You can see here it offers remediation steps and instructions.
Click through each recommendation to see how each issue can be remediated. To dig down further into the recommendations, you can browse each of these tabs here along the top. Clicking on VMs and computers reveals recommendations that are specific to virtual machines and computers while the VM scale sets tab reveals recommendations for any scale sets within your subscription.
As you can see here, you can do the same for cloud services, app services, containers and compute resources. The compute resources tab reveals recommendations for things like event hubs, automation accounts, Service Bus and other compute resources. After addressing all recommendations for compute and apps, move on to networking by clicking networking under the resource security hygiene section.
As was the case with compute and apps, the networking recommendations page defaults to the overview page. This page presents you with a clickable network topology map that shows risky resources in the subscription. You are also presented with information on adaptive network hardening. When you click the adaptive network hardening tile, you're presented with information about overly permissive network security groups as well as network security rules along with recommendations for hardening them.
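The kind of finding the adaptive network hardening tile surfaces can also be checked offline. The following is an added example, not part of the course or of Security Center: a simple static check that flags inbound Allow rules exposing SSH or RDP to any source, using constructed sample data trimmed to the shape of `az network nsg list -o json` output. The function names and the choice of ports 22 and 3389 are assumptions, and rule priority (a higher-priority Deny shadowing an Allow) is not evaluated.

```python
import json

# Constructed sample, trimmed to the flattened shape of `az network nsg list -o json`.
SAMPLE_NSGS = json.loads("""[
 {"name": "web-nsg", "securityRules": [
  {"name": "allow-rdp-any", "access": "Allow", "direction": "Inbound",
   "sourceAddressPrefix": "*", "destinationPortRange": "3389"},
  {"name": "allow-https", "access": "Allow", "direction": "Inbound",
   "sourceAddressPrefix": "Internet", "destinationPortRange": "443"}]},
 {"name": "db-nsg", "securityRules": [
  {"name": "allow-ssh-corp", "access": "Allow", "direction": "Inbound",
   "sourceAddressPrefix": "10.0.0.0/8", "destinationPortRange": "22"},
  {"name": "allow-range", "access": "Allow", "direction": "Inbound",
   "sourceAddressPrefixes": ["0.0.0.0/0"], "destinationPortRanges": ["20-25", "8080"]},
  {"name": "deny-all-in", "access": "Deny", "direction": "Inbound",
   "sourceAddressPrefix": "*", "destinationPortRange": "*"}]}
]""")

ANY_SOURCE = {"*", "0.0.0.0/0", "internet"}  # prefixes and service tag meaning "anyone"
MGMT_PORTS = (22, 3389)                      # SSH and RDP (assumed ports of interest)

def _values(rule, single, plural):
    """Merge the singular and plural forms of an NSG rule field into one list."""
    return [v for v in [rule.get(single), *(rule.get(plural) or [])] if v]

def _port_ranges(rule):
    """Return the rule's destination ports as inclusive (low, high) tuples."""
    ranges = []
    for item in _values(rule, "destinationPortRange", "destinationPortRanges"):
        low, _, high = ("0", "-", "65535") if item == "*" else item.partition("-")
        ranges.append((int(low), int(high or low)))
    return ranges

def find_permissive_rules(nsgs):
    """List (nsg, rule, exposed_ports) for inbound Allow rules open to any source."""
    findings = []
    for nsg in nsgs:
        for rule in nsg.get("securityRules", []):
            if (rule.get("access"), rule.get("direction")) != ("Allow", "Inbound"):
                continue
            srcs = {s.lower() for s in _values(rule, "sourceAddressPrefix", "sourceAddressPrefixes")}
            if not srcs & ANY_SOURCE:
                continue  # source is restricted, so not "overly permissive" here
            ranges = _port_ranges(rule)
            exposed = [p for p in MGMT_PORTS if any(lo <= p <= hi for lo, hi in ranges)]
            if exposed:
                findings.append((nsg["name"], rule["name"], exposed))
    return findings

if __name__ == "__main__":
    for nsg, rule, ports in find_permissive_rules(SAMPLE_NSGS):
        print(f"{nsg}/{rule}: management ports {ports} reachable from any source")
```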
Going back out to the overview page allows you to click the VNet tab to see recommendations that are specific to individual virtual networks. After remediating outstanding network issues, move on to IoT hubs and resources and then on to data and storage. The data and storage page contains recommendations revolving around auditing for Azure SQL servers and databases, storage accounts, Redis Cache, Data Lake Analytics and Data Lake Store. Obviously, if these workloads don't exist in your environment, you won't see any recommendations for them.
Just like the other resource recommendations, some data and storage recommendations will provide integrated remediation options while some other recommendations will not. Continue working through each recommendation and remediate them as you progress until all outstanding issues are resolved.
In this demonstration, you learned about the assessment of your workloads with Security Center. You learned how to assess security for compute, apps, networking, scale sets, SQL, storage, IoT and application resources.
About the Author
Tom is a 25+ year veteran of the IT industry, having worked in environments as large as 40k seats and as small as 50 seats. Throughout the course of a long and interesting career, he has built an in-depth skillset that spans numerous IT disciplines. Tom has designed and architected small, large, and global IT solutions.
In addition to the Cloud Platform and Infrastructure MCSE certification, Tom also carries several other Microsoft certifications. His ability to see things from a strategic perspective allows Tom to architect solutions that closely align with business needs.
In his spare time, Tom enjoys camping, fishing, and playing poker.