Microsoft

A Guided Tour of Azure Security Center and Governance Services

digital data cloud

Security and governance are the cornerstones of foundational cloud implementation. Microsoft provides powerful services to support deploying, integrating, operating, governing and securing cloud environments to meet any organization’s unique requirements. Whether your organization uses Azure Platform as a Service (PaaS) or Azure Infrastructure as a Service (IaaS), Azure Security Center is a centralized and unified security management service for your cloud environment.

The Azure Security Center is responsible for continuously scanning your Azure resources. Security Center provides recommendations so administrators and developers can act immediately and proactively to protect their environment. Its functionality can also extend to hybrid environments by installing agents on your on-premises virtual machines or resources on other clouds.

Security Center is natively embedded in all Azure services and integrates with Azure Advisor to provide a unified experience for securing your entire Azure environment.Azure Security Center Architechture

Azure Advisor

Azure Advisor scans the cloud environment and provides personalized recommendations including resource optimizations and security-based recommendations. It’s worth noting that those security-based recommendations are provided by Security Center itself, hence you can review your recommendations directly in Security Center or you can act and review them in Azure advisor.Azure Advisor

In the above diagram you can see that there are two Azure subscriptions along with recommendations and security alerts to review. Below that is the Secure Score, which provides a high-level overview of the overall status for how secure your environment is (the higher the score the more secure your environment). On the right-hand side are Insights, providing the most impactful recommendations that you should attend to first.

Azure Defender Panel

The Azure Defender panel is part of the paid version of Azure Security Center and provides additional alerts, threat detection, vulnerability assessments, just-in-time (JIT) access and more. The pricing is flexible, allowing you to select the proper resources and only pay for those you want to protect.

The Regulatory Compliance panel gives recommendations based on the most common compliance standards across industries.Azure Defender Panel Recommendations

In the image above, the top recommendation indicates that by enabling MFA (multi-factor authentication) for owner accounts, the Secure Score will increase by 18%.

Security Alerts

Security Alert

Security Alerts display the security alerts generated by Security Center. Each alert contains a description and current status, as well as the severity, which indicates the business impact and how urgent it is to take action. In the ‘Take Action’ tab, you’ll find a list of recommendations to mitigate the threat or prevent future attacks based on the most popular recommendations from Azure Security Center.

Security Inventory

Security Inventory

Security Center’s Inventory tab offers another way of looking at recommendations from the perspective of specific Azure and on-premises resources. Listed here are the protected resources in your Azure subscriptions and their overall health. If you decide to install Security Center agents in your on-premises environments, these will also be listed.

Pricing Structure

There are two tiers available for Security Center. The free version is included with all Azure services and provides continuous assessment, a Security Score and actionable security recommendations. Even with a trial version of Azure, you are benefitting from environment protection with access to Security Center.

Azure Security Center Free Tier by default disables Azure Defender.  The paid version enables Azure Defender – giving you additional capabilities like hybrid security, protection powers, vulnerability scanning for virtual machines, just-in-time (JIT) access for the virtual machines and more.

Why Perficient?

As a Microsoft Gold and VMware partner, we’re uniquely positioned to deliver application transformations using Java, open source, .NET, VMware Tanzu, and the Microsoft Azure platform. We’ve helped clients across industries develop strategic solutions and accelerate innovative cloud projects. Plug into our cloud, development, and application platform expertise to increase developer velocity and shorten delivery cycles.

Ready to advance your app innovation and modernization journey? Contact our team about this solution.


READY TO GROW YOUR CAREER?

At Perficient, we continually look for ways to champion and challenge our talented workforce with interesting projects for high-profile clients, encourage personal and professional growth through training and mentoring, and celebrate our people-oriented culture and the innovative ways they serve Perficient and the community.

Learn more about what it’s like to work at Perficient at our Careers page. See open jobs or join our talent community for career tips, job openings, company updates, and more!

Go inside Life at Perficient and connect with us on LinkedInYouTubeTwitter, and Instagram.

About the Author

Ajinkya Gadge has over 2 years of IT experience and looks forward to writing many blogs for Perficient.

More from this Author

Thoughts on “A Guided Tour of Azure Security Center and Governance Services”

  1. Suraj Singh Thakur

    Great work!!! Ajinkya, this will surely helpful in compliance planning of Security and Governance services.

  2. Prathmesh Wanjari

    Okay, means if I have to use vulnerability scanning for virtual machines I will need Azure Defender. Thanks for this information, it will help me in my project.

  3. Ajinkya Gadge Post author

    No, Azure Defender option is not available there. Instead, you can go with Security Alerts/Send grid/Relay combination.

  4. Ajinkya Gadge Post author

    Azure Security Center Free Tier by default disables Azure Defender. The paid version enables Azure Defender – giving you additional capabilities like hybrid security, protection powers, vulnerability scanning for virtual machines, just-in-time (JIT) access for the virtual machines and more.

  5. Chinmay JS Kothe

    An immensely informative article!!👌
    In a way, in today’s day and age, one must look after its business’ online presence and the cloud security and governance are, as you aptly mentioned, are the two most important cornerstones in that process!!
    I did have some knowledge of Microsoft Azure services; but never before did I understand this much about it. Thanks for putting together all the important information to be known about the system as a whole and how we can go ahead in securing our own organisation’s cloud environment.
    Will surely keep this in mind!!
    Many, many congratulations, Ajinkya, for this gem of an informative blog-post!! 😊😊👍👍💐💐
    Looking forward to reading many more such articles from you in future!
    All the best!
    – Chinmay

  6. Syed Hassan Ali

    Can Azure Defender will be configured with Azure Security Alerts for email notifications ?

  7. Aniket Banpurkar

    Amazing write-up! excellent work with proper documentation. An explanation is also very helpful.

  8. Kudos to you for writing this super explicative article Ajinkya! It is extremely informative for yound minds like us and would be conducive to people who are seeking to start a career in IT.

  9. Kudos to you for writing this super explicative article Ajinkya! It is extremely informative for young minds like us and would be very conducive to people who are wanting to start a career in IT.

  10. Ajinkya Gadge Post author

    No, Azure Security have its own configuration w.r.t alerts. And those alerts are only Security based including high priority alerts with 1 alert per 6 hours.

  11. Thanks for providing a brief information about Azure in short . Looking forward to many more blogs like thing . Great work .

  12. Great Work Ajinkya!
    It is very informative and gives a broad idea of how it actually works.
    Keep Up the good Work.

  13. A nicely elaborated blog on Azure security. It will help many IT enthusiast. Great 👍 Work!

  14. Great work!! with help of azure security, Ajinkya inspired to protect vulnerable groups such as our customer & our organization.

  15. Enjoyed reading the article above , really explains everything in detail,the article is very interesting and effective.Thank you and good luck for the upcoming articles

  16. Precisely explained all services, Ajinkya. We will definately try Azure Security Center Free Tier, and explore this services. Thank you for the article.

  17. Vinod Nivrutti Borole

    Very nice and helpfull information,I hope Ajinkya will continue his journey with writing more .
    Congratulations again.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Subscribe to the Weekly Blog Digest:

Sign Up