Security

Secure and protect your virtual machines

Help protect your virtual machines from viruses and malware

Use antimalware software from major security vendors such as Microsoft, Symantec, Trend Micro, McAfee, and Kaspersky to help protect your virtual machines from malicious files, adware, and other threats. Remotely install, configure, and maintain antimalware solutions on your virtual machines through the Azure portal, Azure PowerShell, and from the command line.

Learn more about Microsoft Antimalware for Azure Cloud Services and Virtual Machines

Help secure sensitive data on your virtual machines

Your data is critical to your business—and to us. So we monitor it 24/7, and build datacenters designed to shelter your data and services from unauthorized access. For extra protection, we also offer industry-leading encryption solutions from CloudLink and Trend Micro for your virtual machines and all of the data on them. Plus, for real-time application-level protection, use transparent data encryption with Microsoft SQL Server.

Read the Microsoft white paper Protecting Data in Microsoft Azure

Centralize keys and secrets with Key Vault

Simplify the management and security of your critical secrets and keys by storing them in Azure Key Vault. Key Vault provides the option to store your keys in hardware security modules (HSMs) certified to FIPS 140-2 Level 2. Your SQL Server encryption keys for backup or transparent data encryption, and your CloudLink SecureVM keys, can all be stored in Key Vault with any keys or secrets from your applications. Manage the permissions and access to these protected items through Azure Active Directory.

Learn more about Key Vault

Encrypt your Linux and Windows virtual machine disks

Azure Disk Encryption helps you address organizational security and compliance requirements, by encrypting your virtual machine disks with keys and policies that you control in Azure Key Vault. Azure Disk Encryption enables you to encrypt your virtual machine disks, including the boot and the data disks. The solution works for Linux and Windows operating systems, and it uses Key Vault to help you safeguard your disk encryption keys, manage key access policies, and audit use of your keys. All of the data in the virtual machine disks are encrypted at rest, using industry-standard encryption technology in your Azure Storage accounts. The Azure Disk Encryption solution for Windows is based on proven Microsoft BitLocker Drive Encryption, and the Linux solution is based on dm-crypt.

Azure Disk Encryption is only available on standard tier virtual machines, and is not supported for DS-Series virtual machines (premium storage tier).

Learn more about Azure Disk Encryption

Build more compliant solutions

Azure Virtual Machines is certified for the Federal Information Security Modernization Act (FISMA), Federal Risk and Authorization Management Program (FedRAMP), Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI DSS) Level 1, and other key compliance programs—which makes it easier for your Azure applications to meet compliance requirements, and for your business to address a wide range of domestic and international regulatory requirements.

Learn more about Azure compliance certifications

Shield network traffic from threats

Use Azure Virtual Network to create a highly-secure VPN connection to your virtual machines—or bypass the Internet entirely with a private Azure ExpressRoute connection. Use Virtual Network to isolate network traffic between applications and get more control over your network configuration, including subnets and preferred Domain Name System (DNS) IP addresses. Set access controls on your endpoints to help prevent unauthorized access, and take advantage of the Azure Marketplace for easy-to-deploy web application firewalls from partners including aiScaler, Alert Logic, Barracuda Networks, Check Point, and Cohesive Networks.

Learn more about Virtual Network

Get started with ExpressRoute

How to control access to virtual machine endpoints

Read the Azure Network Security white paper

Create a virtual machine in seconds