Azure Security Center offers integration with various 3rd party security solutions which provide a unified view for alerting and monitoring of your Azure and non-Azure workloads. For integrated partner solutions, Security Center scans Azure resources and provides recommendations to install the solution while automating the deployment. In addition to these features, we are excited to announce the general availability of auto discovery of partner solutions that have already been deployed in the subscription.
Security Center will now automatically discover partner solutions for Next-Generation Firewalls (NGFW) and Web Application Firewalls (WAF), prompting connection while allowing the integration of logs and alerts. Discovered partner solutions will be displayed in security solutions panel. To allow interoperability with many security vendors, Security Center supports log ingestion using industry standard Common Event Format (CEF) on top of Syslog messages.
Once integrated, Security Center provides visibility into the health of partner solutions and provides links to its management console. Partner solution logs are indexed and stored in customer workspace, they are also enriched with threat intelligence to help with security investigations. Partner solution logs are available to setup custom alerts and be displayed in Security Center alerts page. Custom alerts allow user defined queries to scope the type of alerts to be displayed in Security Center.
To learn more about this feature in security center, visit our documentation.