Security is built into Microsoft Azure from the ground up, and we make strong commitments about the privacy and sovereignty of your data. But of course that’s just the foundation.
On top of that, you must ensure that the right protections are in place for all of the resources your organization deploys on Azure. This requires that the needed security controls be configured and continuously monitored. And even with the best security in place, attackers will continue to innovate – targeting your organization with increasingly sophisticated attacks.
Today, we are very excited to announce Azure Security Center—a new Azure service that gives you visibility and control of the security of your Azure resources without impeding agility, and helps you stay ahead of cyber threats even as they evolve.
Gain visibility and control
As resources are deployed in the cloud, the IT security team is accountable to keep corporate data protected—but ownership of cloud infrastructure and applications is increasingly distributed across the organization. Azure Security Center provides a central view of security across all your Azure subscriptions with live monitoring of security configurations.
At a glance, you can verify your organization’s Virtual Machines are up to date, configured according to recommended baselines, and running antimalware; that your Virtual Networks are configured with Network Security Groups or Access Control lists; that your SQL databases are encrypted and auditable; and other controls defined by your security policies are in place and operational.
For resource owners eager to take advantage of the speed and agility of the cloud, Azure Security Center constantly analyzes the security of their deployments (even as they change) and creates policy-driven recommendations. These recommendations guide resource owners through the process of implementing needed security controls. This includes the deployment of security solutions from partners, like web application and next generation firewalls and antimalware solutions, which can now be achieved in just a few clicks. This significantly streamlines the process of provisioning partner solutions – making it easy for organizations to bring their trusted vendors with them to the cloud.
We are pleased to be working with the security vendors like Barracuda, F5 Networks, Cisco, Fortinet, Checkpoint, Trend Micro, Imperva, Incapsula and CloudFlare as we build out a robust ecosystem of integrated security partners.
For example, Trend Micro has extended its support for Azure by integrating its Deep Security product with Azure Security Center. “Security in the cloud is a shared responsibility. As customers embrace Azure, they need easy-to-manage security to protect their workloads from malware and network attacks as well as ensuring compliance. With the Azure Security Center, it has never been easier to benefit from Deep Security,” said Bill McGee, senior vice president, cloud and data center security, Trend Micro.
Keep up with cyber threats
Microsoft operates millions of servers that run some of the world’s largest online properties. That gives us a unique—and incredibly broad—set of global threat intelligence and expertise that we can use to help you detect cyber threats. Security-related events from your Azure resources, the network, and integrated partner solutions are automatically collected and analyzed using Microsoft global threat intelligence and expertise to identify cyber-attacks.
For example, Azure Security Center uses machine learning to understand typical network traffic patterns for your deployments, and as a result can effectively detect when remote access attempts are being executed by bad actors instead of legitimate users. The IP address of those bad actors is then used to help detect attacks against other customers. Azure Security Center can also analyze outbound traffic and leverages threat intelligence sourced from the Microsoft Digital Crimes Unit to detect when resources are communicating with malicious IP addresses like command and control centers. It can also alert you to suspicious actions on Virtual Machines that indicate an attack is in progress. Should an incident occur, security alerts offer insights into the attack and suggest ways to remediate. Security data and alerts can also be piped to your Security Information and Events Management (SIEM).
Deploy with confidence
Our deep commitment to security, from development to operation to infrastructure, includes helping you secure the resources you deploy on Azure. Our goal is to make Azure a trusted cloud, where you can deploy with confidence. Customers like Metro Bank, participating in the private preview, are already experiencing security benefits:
“At Metro Bank we take our customers’ security very seriously. Azure Security Center provides us with the visibility and control we need to keep our Azure resources secure and compliant.” - Luis Aguiar, infrastructure delivery team leader at Metro Bank
We look forward to making the service more broadly available later this year. As more customers begin using the service and we continue leveraging additional internal threat analysis, Azure Security Center will evolve to address an even wider array of threats. We are excited to start this journey into a new era of cloud security.