Secure and protect your virtual machines
- Encrypt your sensitive data
- Help protect virtual machines from viruses and malware
- Help secure network traffic
- Identify and detect threats
- Meet compliance requirements
Help protect your virtual machines from viruses and malware
Use antimalware software from major security vendors such as Microsoft, Symantec, Trend Micro, McAfee, and Kaspersky to help protect your virtual machines from malicious files, adware, and other threats. Remotely install, configure, and maintain antimalware solutions on your virtual machines through the Azure portal, Azure PowerShell, and from the command line.
Help secure sensitive data on your virtual machines
Your data is critical to your business—and to us. So we monitor it 24/7, and build datacenters designed to shelter your data and services from unauthorized access. For extra protection, we also offer industry-leading encryption solutions from CloudLink and Trend Micro for your virtual machines and all of the data on them. Plus, for real-time application-level protection, use transparent data encryption with Microsoft SQL Server.
Centralize keys and secrets with Key Vault
Simplify the management and security of your critical secrets and keys by storing them in Azure Key Vault. Key Vault provides the option to store your keys in hardware security modules (HSMs) certified to FIPS 140-2 Level 2. Your SQL Server encryption keys for backup or transparent data encryption, and your CloudLink SecureVM keys, can all be stored in Key Vault with any keys or secrets from your applications. Manage the permissions and access to these protected items through Azure Active Directory.
Encrypt your Linux and Windows virtual machine disks
Azure Disk Encryption helps you address organizational security and compliance requirements, by encrypting your virtual machine disks with keys and policies that you control in Azure Key Vault. Azure Disk Encryption enables you to encrypt your virtual machine disks, including the boot and the data disks. The solution works for Linux and Windows operating systems, and it uses Key Vault to help you safeguard your disk encryption keys, manage key access policies, and audit use of your keys. All of the data in the virtual machine disks are encrypted at rest, using industry-standard encryption technology in your Azure Storage accounts. The Azure Disk Encryption solution for Windows is based on proven Microsoft BitLocker Drive Encryption, and the Linux solution is based on dm-crypt.
Azure Disk Encryption is only available on standard tier virtual machines, and is not supported for DS-Series virtual machines (premium storage tier).
Build more compliant solutions
Azure Virtual Machines is certified for the Federal Information Security Modernization Act (FISMA), Federal Risk and Authorization Management Program (FedRAMP), Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI DSS) Level 1, and other key compliance programs—which makes it easier for your Azure applications to meet compliance requirements, and for your business to address a wide range of domestic and international regulatory requirements.
Shield network traffic from threats
Use Azure Virtual Network to create a highly-secure VPN connection to your virtual machines—or bypass the Internet entirely with a private Azure ExpressRoute connection. Use Virtual Network to isolate network traffic between applications and get more control over your network configuration, including subnets and preferred Domain Name System (DNS) IP addresses. Set access controls on your endpoints to help prevent unauthorized access, and take advantage of the Azure Marketplace for easy-to-deploy web application firewalls from partners including aiScaler, Alert Logic, Barracuda Networks, Check Point, and Cohesive Networks.