SlideShare una empresa de Scribd logo

Secure hybrid workload with azure

Descargar como PPTX, PDF
Mohit Chhabra
Mohit Chhabra

Presented at GAB 2020 by Mohit Chhabra

Tecnología
1 de 19
Secure Hybrid Workload with Azure
Azure VM Web App Blob storage Azure Kubernetes Services (AKS) Azure Key Vault (AKV) Azure SQL Azure Container Registry (ACR) Private Datacenter / Other clouds
Azure Microsoft Azure $1B annual investment in cybersecurity 3500+ global security experts Trillions of diverse signals for unique intelligence
Windows Admin Center provides granular management anywhere Lightweight, browser-based, remote management Great for troubleshooting, configuration, maintenance Connect to and manage a single server/cluster at a time
Extend on-premises into Azure Centrally manage from Azure Business continuity & disaster recovery Azure Site Recovery Azure Backup Storage Replica Azure Network Adapter Azure Extended Network Azure File Sync Create Azure VM Azure Monitor Azure Security Center Azure Update Management Azure Arc for Servers Secure Extend on-premises capacity Storage Migration Service Monitor Update Govern Azure Policy Cloud witness
Get secure faster Azure security center Strengthen security posture Cloud security posture management Secure Score Policies and compliance Protect against threats For servers For cloud native workloads For databases and storage
Centralized management from Azure Azure management services Azure Policy via Azure Arc Azure Update Management Azure Security Center Azure Monitor
Azure Security Center Protect your workloads from threats Use industry’s most extensive threat intelligence to gain deep insights Protect cloud-native services from threats Protect data services against malicious attacks Protect your Azure IoT solutions with near real time monitoring Service layer detections: Azure network layer and Azure management layer (ARM) Detect & block advanced malware and threats for Linux and Windows Servers on any cloud SQL management Apps VMs/ Servers IoT Network Containers Cloud workload protection
Protect Linux and Windows VMs from threats Reduce open network ports: • Use Just-in-Time to avoid exposure of management ports • Limit open ports with adaptive network hardening Protect against malware: • Block malware with adaptive application controls • Built-in Microsoft Defender ATP EDR • Crash dump analysis and fileless attack detections Antimalware Defender ATP ! Behavior analytics ! App control ! Lateral Movement Data exfiltration Malicious code execution On-premise Azure, AWS, and GCP
Protect hybrid datacenters and multi-cloud with Azure security center Hybrid Server protection for Datacenters and other clouds Onboard on-prem servers to Security Center from Windows Admin Center Auto-onboard AWS EC2 instances using a new API connector (preview)
Cloud workload protection for hybrid VMs and servers Automatic onboarding & extending to hybrid cloud Server security hygiene File integrity monitoring Detect and block advanced threats for servers Built-in EDR with Microsoft Defender ATP Cloud-native detections Built-in vulnerability Assessment Cloud native network security controls Adaptive application control Central management Reduce attack surface Detect advanced threats
On-Prem Server threat protection with Azure Security Center
Azure ARC Govern across your environment • Asset organization and inventory with a unified view in the Azure Portal • Universal governance anywhere through Azure Policy • Built-in server compliance rules • Central compliance view across all servers • Server owners can view and remediate to meet their compliance • MSPs can implement governance for their customer’s environment O n-premises & ho sted Multi -cloud Azure Management (Azure Resource Manager, Azure Policy, Azure Portal, API, CLI…)
Example solution architecture on Azure Azure VM Web App Blob storage Azure Kubernetes Services (AKS) Azure Key Vault (AKV) Azure SQL Azure Container Registry (ACR) Private Datacenter / Other clouds
Threat protection for cloud at scale: Export assessments and alerts for security roles Compute App Network Access IoT SQL Azure Security Center Cloud Workload Protection Azure Sentinel Cloud Native SIEM Microsoft 365 Azure Security Center Azure SentinelASC Connector SIEM
Automate workflows with ASC Automate workflows with ASC  Trigger playbooks based on ASC recommendations and alerts  Built-in playbooks, build your own with Azure Logic apps New community hub  Share workflows and remediation policies with the community the things that you’ve built  Learn what others did and deploy directly to Azure Automate and script through API and PowerShell
Protect your workloads against threats: a go-do list Good hygiene comes first, strengthen your cloud security posture 01 Turn on threat protection for all cloud resources 02 Reduce attack surface for VMs with JIT, Network and app controls 03 Integrate alerts into your SIEM & notify app owners 04 Identify root cause and drive new security hygiene up 05

Recomendados

AWS Control Tower
AWS Control TowerAWS Control Tower
AWS Control TowerCloudHesive
 
Best Practices for Security at Scale
Best Practices for Security at Scale Best Practices for Security at Scale
Best Practices for Security at Scale Amazon Web Services
 
Intro to AWS Security
Intro to AWS SecurityIntro to AWS Security
Intro to AWS SecurityAmazon Web Services
 
Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices Amazon Web Services
 
AWS Security Architecture - Overview
AWS Security Architecture - OverviewAWS Security Architecture - Overview
AWS Security Architecture - OverviewSai Kesavamatham
 
AWS Security: A Practitioner's Perspective
AWS Security: A Practitioner's PerspectiveAWS Security: A Practitioner's Perspective
AWS Security: A Practitioner's PerspectiveJason Chan
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS SecurityAmazon Web Services
 
Azure Overview Arc
Azure Overview ArcAzure Overview Arc
Azure Overview Arcrajramab
 

Recomendados

AWS Control Tower
AWS Control TowerAWS Control Tower
AWS Control TowerCloudHesive
 
Best Practices for Security at Scale
Best Practices for Security at Scale Best Practices for Security at Scale
Best Practices for Security at Scale Amazon Web Services
 
Intro to AWS Security
Intro to AWS SecurityIntro to AWS Security
Intro to AWS SecurityAmazon Web Services
 
Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices Amazon Web Services
 
AWS Security Architecture - Overview
AWS Security Architecture - OverviewAWS Security Architecture - Overview
AWS Security Architecture - OverviewSai Kesavamatham
 
AWS Security: A Practitioner's Perspective
AWS Security: A Practitioner's PerspectiveAWS Security: A Practitioner's Perspective
AWS Security: A Practitioner's PerspectiveJason Chan
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS SecurityAmazon Web Services
 
Azure Overview Arc
Azure Overview ArcAzure Overview Arc
Azure Overview Arcrajramab
 
Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSJourney Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSAmazon Web Services
 
Information Security in AWS - Dave Walker
Information Security in AWS - Dave WalkerInformation Security in AWS - Dave Walker
Information Security in AWS - Dave WalkerEast Midlands Cyber Security Forum
 
Building Secure Architectures on AWS
Building Secure Architectures on AWSBuilding Secure Architectures on AWS
Building Secure Architectures on AWSAmazon Web Services
 
In Depth: AWS Shared Security Model
In Depth: AWS Shared Security ModelIn Depth: AWS Shared Security Model
In Depth: AWS Shared Security ModelAmazon Web Services
 
AWS Security Best Practices
AWS Security Best PracticesAWS Security Best Practices
AWS Security Best PracticesAmazon Web Services
 
기업 환경 변화에 신속하게 대응하는 안전한 솔루션 : AWS End User Computing – 김종선 :: AWS Builders On...
기업 환경 변화에 신속하게 대응하는 안전한 솔루션 : AWS End User Computing – 김종선 :: AWS Builders On...기업 환경 변화에 신속하게 대응하는 안전한 솔루션 : AWS End User Computing – 김종선 :: AWS Builders On...
기업 환경 변화에 신속하게 대응하는 안전한 솔루션 : AWS End User Computing – 김종선 :: AWS Builders On...Amazon Web Services Korea
 
Introduction to Cloud Computing and AWS
Introduction to Cloud Computing and AWSIntroduction to Cloud Computing and AWS
Introduction to Cloud Computing and AWSFaisal Ahmed Farooqui
 
Meetup Protect from Ransomware Attacks
Meetup Protect from Ransomware AttacksMeetup Protect from Ransomware Attacks
Meetup Protect from Ransomware AttacksCloudHesive
 
Aws security best practices
Aws security best practicesAws security best practices
Aws security best practicesSundeep Roxx
 
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...Amazon Web Services
 
Amazon Container 환경의 보안 – 최인영, AWS 솔루션즈 아키텍트:: AWS 온라인 이벤트 – 클라우드 보안 특집
Amazon Container 환경의 보안 – 최인영, AWS 솔루션즈 아키텍트:: AWS 온라인 이벤트 – 클라우드 보안 특집Amazon Container 환경의 보안 – 최인영, AWS 솔루션즈 아키텍트:: AWS 온라인 이벤트 – 클라우드 보안 특집
Amazon Container 환경의 보안 – 최인영, AWS 솔루션즈 아키텍트:: AWS 온라인 이벤트 – 클라우드 보안 특집Amazon Web Services Korea
 
Security best practices on AWS cloud
Security best practices on AWS cloudSecurity best practices on AWS cloud
Security best practices on AWS cloudMartin Yan
 
AWS Security Overview - AWS CISO Steve Schmidt - AWS Summit 2012 - NYC
AWS Security Overview - AWS CISO Steve Schmidt - AWS Summit 2012 - NYCAWS Security Overview - AWS CISO Steve Schmidt - AWS Summit 2012 - NYC
AWS Security Overview - AWS CISO Steve Schmidt - AWS Summit 2012 - NYCAmazon Web Services
 
Automating Compliance Defense in the Cloud - September 2016 Webinar Series
Automating Compliance Defense in the Cloud - September 2016 Webinar SeriesAutomating Compliance Defense in the Cloud - September 2016 Webinar Series
Automating Compliance Defense in the Cloud - September 2016 Webinar SeriesAmazon Web Services
 
Security & Compliance (Part 1)
Security & Compliance (Part 1)Security & Compliance (Part 1)
Security & Compliance (Part 1)Amazon Web Services
 
Power of the Cloud - Introduction to Microsoft Azure Security
Power of the Cloud - Introduction to Microsoft Azure SecurityPower of the Cloud - Introduction to Microsoft Azure Security
Power of the Cloud - Introduction to Microsoft Azure SecurityAdin Ermie
 
CJIS Evidence Management in the Cloud using AWS GovCloud (US) | AWS Public Se...
CJIS Evidence Management in the Cloud using AWS GovCloud (US) | AWS Public Se...CJIS Evidence Management in the Cloud using AWS GovCloud (US) | AWS Public Se...
CJIS Evidence Management in the Cloud using AWS GovCloud (US) | AWS Public Se...Amazon Web Services
 
Securing enterprise big data workloads on AWS
Securing enterprise big data workloads on AWSSecuring enterprise big data workloads on AWS
Securing enterprise big data workloads on AWSAmazon Web Services
 
Putting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScalePutting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScaleAmazon Web Services
 
Security & Compliance in AWS
Security & Compliance in AWSSecurity & Compliance in AWS
Security & Compliance in AWSAmazon Web Services
 
2-ARC.pdf
2-ARC.pdf2-ARC.pdf
2-ARC.pdfssuserceb53e
 
Azure Hybid
Azure HybidAzure Hybid
Azure HybidThomas Treml
 

Más contenido relacionado

La actualidad más candente

Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSJourney Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSAmazon Web Services
 
Building Secure Architectures on AWS
Building Secure Architectures on AWSBuilding Secure Architectures on AWS
Building Secure Architectures on AWSAmazon Web Services
 
In Depth: AWS Shared Security Model
In Depth: AWS Shared Security ModelIn Depth: AWS Shared Security Model
In Depth: AWS Shared Security ModelAmazon Web Services
 
기업 환경 변화에 신속하게 대응하는 안전한 솔루션 : AWS End User Computing – 김종선 :: AWS Builders On...
기업 환경 변화에 신속하게 대응하는 안전한 솔루션 : AWS End User Computing – 김종선 :: AWS Builders On...기업 환경 변화에 신속하게 대응하는 안전한 솔루션 : AWS End User Computing – 김종선 :: AWS Builders On...
기업 환경 변화에 신속하게 대응하는 안전한 솔루션 : AWS End User Computing – 김종선 :: AWS Builders On...Amazon Web Services Korea
 
Introduction to Cloud Computing and AWS
Introduction to Cloud Computing and AWSIntroduction to Cloud Computing and AWS
Introduction to Cloud Computing and AWSFaisal Ahmed Farooqui
 
Meetup Protect from Ransomware Attacks
Meetup Protect from Ransomware AttacksMeetup Protect from Ransomware Attacks
Meetup Protect from Ransomware AttacksCloudHesive
 
Aws security best practices
Aws security best practicesAws security best practices
Aws security best practicesSundeep Roxx
 
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...Amazon Web Services
 
Amazon Container 환경의 보안 – 최인영, AWS 솔루션즈 아키텍트:: AWS 온라인 이벤트 – 클라우드 보안 특집
Amazon Container 환경의 보안 – 최인영, AWS 솔루션즈 아키텍트:: AWS 온라인 이벤트 – 클라우드 보안 특집Amazon Container 환경의 보안 – 최인영, AWS 솔루션즈 아키텍트:: AWS 온라인 이벤트 – 클라우드 보안 특집
Amazon Container 환경의 보안 – 최인영, AWS 솔루션즈 아키텍트:: AWS 온라인 이벤트 – 클라우드 보안 특집Amazon Web Services Korea
 
Security best practices on AWS cloud
Security best practices on AWS cloudSecurity best practices on AWS cloud
Security best practices on AWS cloudMartin Yan
 
AWS Security Overview - AWS CISO Steve Schmidt - AWS Summit 2012 - NYC
AWS Security Overview - AWS CISO Steve Schmidt - AWS Summit 2012 - NYCAWS Security Overview - AWS CISO Steve Schmidt - AWS Summit 2012 - NYC
AWS Security Overview - AWS CISO Steve Schmidt - AWS Summit 2012 - NYCAmazon Web Services
 
Automating Compliance Defense in the Cloud - September 2016 Webinar Series
Automating Compliance Defense in the Cloud - September 2016 Webinar SeriesAutomating Compliance Defense in the Cloud - September 2016 Webinar Series
Automating Compliance Defense in the Cloud - September 2016 Webinar SeriesAmazon Web Services
 
Power of the Cloud - Introduction to Microsoft Azure Security
Power of the Cloud - Introduction to Microsoft Azure SecurityPower of the Cloud - Introduction to Microsoft Azure Security
Power of the Cloud - Introduction to Microsoft Azure SecurityAdin Ermie
 
CJIS Evidence Management in the Cloud using AWS GovCloud (US) | AWS Public Se...
CJIS Evidence Management in the Cloud using AWS GovCloud (US) | AWS Public Se...CJIS Evidence Management in the Cloud using AWS GovCloud (US) | AWS Public Se...
CJIS Evidence Management in the Cloud using AWS GovCloud (US) | AWS Public Se...Amazon Web Services
 
Securing enterprise big data workloads on AWS
Securing enterprise big data workloads on AWSSecuring enterprise big data workloads on AWS
Securing enterprise big data workloads on AWSAmazon Web Services
 
Putting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScalePutting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScaleAmazon Web Services
 

La actualidad más candente (20)

Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSJourney Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWS
 
Information Security in AWS - Dave Walker
Information Security in AWS - Dave WalkerInformation Security in AWS - Dave Walker
Information Security in AWS - Dave Walker
 
Building Secure Architectures on AWS
Building Secure Architectures on AWSBuilding Secure Architectures on AWS
Building Secure Architectures on AWS
 
In Depth: AWS Shared Security Model
In Depth: AWS Shared Security ModelIn Depth: AWS Shared Security Model
In Depth: AWS Shared Security Model
 
AWS Security Best Practices
AWS Security Best PracticesAWS Security Best Practices
AWS Security Best Practices
 
기업 환경 변화에 신속하게 대응하는 안전한 솔루션 : AWS End User Computing – 김종선 :: AWS Builders On...
기업 환경 변화에 신속하게 대응하는 안전한 솔루션 : AWS End User Computing – 김종선 :: AWS Builders On...기업 환경 변화에 신속하게 대응하는 안전한 솔루션 : AWS End User Computing – 김종선 :: AWS Builders On...
기업 환경 변화에 신속하게 대응하는 안전한 솔루션 : AWS End User Computing – 김종선 :: AWS Builders On...
 
Introduction to Cloud Computing and AWS
Introduction to Cloud Computing and AWSIntroduction to Cloud Computing and AWS
Introduction to Cloud Computing and AWS
 
Meetup Protect from Ransomware Attacks
Meetup Protect from Ransomware AttacksMeetup Protect from Ransomware Attacks
Meetup Protect from Ransomware Attacks
 
Aws security best practices
Aws security best practicesAws security best practices
Aws security best practices
 
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
 
Amazon Container 환경의 보안 – 최인영, AWS 솔루션즈 아키텍트:: AWS 온라인 이벤트 – 클라우드 보안 특집
Amazon Container 환경의 보안 – 최인영, AWS 솔루션즈 아키텍트:: AWS 온라인 이벤트 – 클라우드 보안 특집Amazon Container 환경의 보안 – 최인영, AWS 솔루션즈 아키텍트:: AWS 온라인 이벤트 – 클라우드 보안 특집
Amazon Container 환경의 보안 – 최인영, AWS 솔루션즈 아키텍트:: AWS 온라인 이벤트 – 클라우드 보안 특집
 
Security best practices on AWS cloud
Security best practices on AWS cloudSecurity best practices on AWS cloud
Security best practices on AWS cloud
 
AWS Security Overview - AWS CISO Steve Schmidt - AWS Summit 2012 - NYC
AWS Security Overview - AWS CISO Steve Schmidt - AWS Summit 2012 - NYCAWS Security Overview - AWS CISO Steve Schmidt - AWS Summit 2012 - NYC
AWS Security Overview - AWS CISO Steve Schmidt - AWS Summit 2012 - NYC
 
Automating Compliance Defense in the Cloud - September 2016 Webinar Series
Automating Compliance Defense in the Cloud - September 2016 Webinar SeriesAutomating Compliance Defense in the Cloud - September 2016 Webinar Series
Automating Compliance Defense in the Cloud - September 2016 Webinar Series
 
Security & Compliance (Part 1)
Security & Compliance (Part 1)Security & Compliance (Part 1)
Security & Compliance (Part 1)
 
Power of the Cloud - Introduction to Microsoft Azure Security
Power of the Cloud - Introduction to Microsoft Azure SecurityPower of the Cloud - Introduction to Microsoft Azure Security
Power of the Cloud - Introduction to Microsoft Azure Security
 
CJIS Evidence Management in the Cloud using AWS GovCloud (US) | AWS Public Se...
CJIS Evidence Management in the Cloud using AWS GovCloud (US) | AWS Public Se...CJIS Evidence Management in the Cloud using AWS GovCloud (US) | AWS Public Se...
CJIS Evidence Management in the Cloud using AWS GovCloud (US) | AWS Public Se...
 
Securing enterprise big data workloads on AWS
Securing enterprise big data workloads on AWSSecuring enterprise big data workloads on AWS
Securing enterprise big data workloads on AWS
 
Putting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScalePutting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud Scale
 
Security & Compliance in AWS
Security & Compliance in AWSSecurity & Compliance in AWS
Security & Compliance in AWS
 

Similar a Secure hybrid workload with azure

Azure Arc Overview from Microsoft
Azure Arc Overview from MicrosoftAzure Arc Overview from Microsoft
Azure Arc Overview from MicrosoftDavid J Rosenthal
 
Azure Compute, Networking and Storage Overview
Azure Compute, Networking and Storage OverviewAzure Compute, Networking and Storage Overview
Azure Compute, Networking and Storage OverviewAzure Riyadh User Group
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS SecurityAmazon Web Services
 
[2020 Ignite Seoul]Azure에서 사용할 수 있는 컨테이너/오케스트레이션 기술 살펴보기
[2020 Ignite Seoul]Azure에서 사용할 수 있는 컨테이너/오케스트레이션 기술 살펴보기[2020 Ignite Seoul]Azure에서 사용할 수 있는 컨테이너/오케스트레이션 기술 살펴보기
[2020 Ignite Seoul]Azure에서 사용할 수 있는 컨테이너/오케스트레이션 기술 살펴보기명신 김
 
An Evolving Security Landscape – Security Patterns in the Cloud
An Evolving Security Landscape – Security Patterns in the CloudAn Evolving Security Landscape – Security Patterns in the Cloud
An Evolving Security Landscape – Security Patterns in the CloudAmazon Web Services
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS SecurityAmazon Web Services
 
Running Containers on Azure
Running Containers on AzureRunning Containers on Azure
Running Containers on AzureNick Trogh
 
Azure Security Center- Zero to Hero
Azure Security Center- Zero to HeroAzure Security Center- Zero to Hero
Azure Security Center- Zero to HeroKasun Rajapakse
 
CSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeCSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeAlert Logic
 
Kubernetes for .NET Developers
Kubernetes for .NET DevelopersKubernetes for .NET Developers
Kubernetes for .NET DevelopersLorenzo Barbieri
 
The AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeThe AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeAmazon Web Services
 
1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markryAmazon Web Services LATAM
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS SecurityAmazon Web Services
 
AWS Security for Financial Services
AWS Security for Financial ServicesAWS Security for Financial Services
AWS Security for Financial ServicesAmazon Web Services
 
Azure Arc - Managing Hybrid and Multi-Cloud Platforms
Azure Arc - Managing Hybrid and Multi-Cloud PlatformsAzure Arc - Managing Hybrid and Multi-Cloud Platforms
Azure Arc - Managing Hybrid and Multi-Cloud PlatformsWinWire Technologies Inc
 
Sicurezza e Compliance nel Cloud
Sicurezza e Compliance nel CloudSicurezza e Compliance nel Cloud
Sicurezza e Compliance nel CloudAmazon Web Services
 

Similar a Secure hybrid workload with azure (20)

2-ARC.pdf
2-ARC.pdf2-ARC.pdf
2-ARC.pdf
 
Azure Hybid
Azure HybidAzure Hybid
Azure Hybid
 
Azure Arc on AIS Cloud X
Azure Arc on AIS Cloud XAzure Arc on AIS Cloud X
Azure Arc on AIS Cloud X
 
Azure Arc Overview from Microsoft
Azure Arc Overview from MicrosoftAzure Arc Overview from Microsoft
Azure Arc Overview from Microsoft
 
Azure Compute, Networking and Storage Overview
Azure Compute, Networking and Storage OverviewAzure Compute, Networking and Storage Overview
Azure Compute, Networking and Storage Overview
 
01 aws track 1
01 aws track 101 aws track 1
01 aws track 1
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS Security
 
[2020 Ignite Seoul]Azure에서 사용할 수 있는 컨테이너/오케스트레이션 기술 살펴보기
[2020 Ignite Seoul]Azure에서 사용할 수 있는 컨테이너/오케스트레이션 기술 살펴보기[2020 Ignite Seoul]Azure에서 사용할 수 있는 컨테이너/오케스트레이션 기술 살펴보기
[2020 Ignite Seoul]Azure에서 사용할 수 있는 컨테이너/오케스트레이션 기술 살펴보기
 
An Evolving Security Landscape – Security Patterns in the Cloud
An Evolving Security Landscape – Security Patterns in the CloudAn Evolving Security Landscape – Security Patterns in the Cloud
An Evolving Security Landscape – Security Patterns in the Cloud
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS Security
 
Running Containers on Azure
Running Containers on AzureRunning Containers on Azure
Running Containers on Azure
 
Azure Security Center- Zero to Hero
Azure Security Center- Zero to HeroAzure Security Center- Zero to Hero
Azure Security Center- Zero to Hero
 
CSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeCSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in Practice
 
Kubernetes for .NET Developers
Kubernetes for .NET DevelopersKubernetes for .NET Developers
Kubernetes for .NET Developers
 
The AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeThe AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in Practice
 
1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS Security
 
AWS Security for Financial Services
AWS Security for Financial ServicesAWS Security for Financial Services
AWS Security for Financial Services
 
Azure Arc - Managing Hybrid and Multi-Cloud Platforms
Azure Arc - Managing Hybrid and Multi-Cloud PlatformsAzure Arc - Managing Hybrid and Multi-Cloud Platforms
Azure Arc - Managing Hybrid and Multi-Cloud Platforms
 
Sicurezza e Compliance nel Cloud
Sicurezza e Compliance nel CloudSicurezza e Compliance nel Cloud
Sicurezza e Compliance nel Cloud
 

Más de Mohit Chhabra

Azure Governance for Enterprise
Azure Governance for EnterpriseAzure Governance for Enterprise
Azure Governance for EnterpriseMohit Chhabra
 
Virtual assistant with azure ai
Virtual assistant with azure ai Virtual assistant with azure ai
Virtual assistant with azure ai Mohit Chhabra
 
Convert your sketches to code with microsoft ai
Convert your sketches to code with microsoft aiConvert your sketches to code with microsoft ai
Convert your sketches to code with microsoft aiMohit Chhabra
 
Intro to docker and kubernetes
Intro to docker and kubernetesIntro to docker and kubernetes
Intro to docker and kubernetesMohit Chhabra
 
Net overview-and-roadmap
Net overview-and-roadmapNet overview-and-roadmap
Net overview-and-roadmapMohit Chhabra
 
Containerization in microsoft azure
Containerization in microsoft azureContainerization in microsoft azure
Containerization in microsoft azureMohit Chhabra
 
App innovationcircles azure
App innovationcircles azureApp innovationcircles azure
App innovationcircles azureMohit Chhabra
 
App innovationcircles xamarin
App innovationcircles xamarinApp innovationcircles xamarin
App innovationcircles xamarinMohit Chhabra
 
Cloud based programming
Cloud based programmingCloud based programming
Cloud based programmingMohit Chhabra
 
Azure document db/Cosmos DB
Azure document db/Cosmos DBAzure document db/Cosmos DB
Azure document db/Cosmos DBMohit Chhabra
 
DevOps in Microsoft Azure
DevOps in Microsoft Azure DevOps in Microsoft Azure
DevOps in Microsoft Azure Mohit Chhabra
 

Más de Mohit Chhabra (19)

Azure Sentinel.pptx
Azure Sentinel.pptxAzure Sentinel.pptx
Azure Sentinel.pptx
 
Azure Governance for Enterprise
Azure Governance for EnterpriseAzure Governance for Enterprise
Azure Governance for Enterprise
 
Virtual assistant with azure ai
Virtual assistant with azure ai Virtual assistant with azure ai
Virtual assistant with azure ai
 
Azure bastion
Azure bastionAzure bastion
Azure bastion
 
Azure functions
Azure functionsAzure functions
Azure functions
 
Convert your sketches to code with microsoft ai
Convert your sketches to code with microsoft aiConvert your sketches to code with microsoft ai
Convert your sketches to code with microsoft ai
 
Intro to docker and kubernetes
Intro to docker and kubernetesIntro to docker and kubernetes
Intro to docker and kubernetes
 
Net overview-and-roadmap
Net overview-and-roadmapNet overview-and-roadmap
Net overview-and-roadmap
 
Azure BluePrint
Azure BluePrintAzure BluePrint
Azure BluePrint
 
Azure devops
Azure devopsAzure devops
Azure devops
 
Containerization in microsoft azure
Containerization in microsoft azureContainerization in microsoft azure
Containerization in microsoft azure
 
Cosmosdb graph
Cosmosdb graphCosmosdb graph
Cosmosdb graph
 
Azure full
Azure fullAzure full
Azure full
 
App innovationcircles azure
App innovationcircles azureApp innovationcircles azure
App innovationcircles azure
 
App innovationcircles xamarin
App innovationcircles xamarinApp innovationcircles xamarin
App innovationcircles xamarin
 
Cloud based programming
Cloud based programmingCloud based programming
Cloud based programming
 
Azure document db/Cosmos DB
Azure document db/Cosmos DBAzure document db/Cosmos DB
Azure document db/Cosmos DB
 
Azure cli2.0
Azure cli2.0Azure cli2.0
Azure cli2.0
 
DevOps in Microsoft Azure
DevOps in Microsoft Azure DevOps in Microsoft Azure
DevOps in Microsoft Azure
 

Último

GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 

Último (20)

GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 

Secure hybrid workload with azure

  • 2.
  • 3.
  • 4. Azure VM Web App Blob storage Azure Kubernetes Services (AKS) Azure Key Vault (AKV) Azure SQL Azure Container Registry (ACR) Private Datacenter / Other clouds
  • 5. Azure Microsoft Azure $1B annual investment in cybersecurity 3500+ global security experts Trillions of diverse signals for unique intelligence
  • 6. Windows Admin Center provides granular management anywhere Lightweight, browser-based, remote management Great for troubleshooting, configuration, maintenance Connect to and manage a single server/cluster at a time
  • 7. Extend on-premises into Azure Centrally manage from Azure Business continuity & disaster recovery Azure Site Recovery Azure Backup Storage Replica Azure Network Adapter Azure Extended Network Azure File Sync Create Azure VM Azure Monitor Azure Security Center Azure Update Management Azure Arc for Servers Secure Extend on-premises capacity Storage Migration Service Monitor Update Govern Azure Policy Cloud witness
  • 8. Get secure faster Azure security center Strengthen security posture Cloud security posture management Secure Score Policies and compliance Protect against threats For servers For cloud native workloads For databases and storage
  • 9. Centralized management from Azure Azure management services Azure Policy via Azure Arc Azure Update Management Azure Security Center Azure Monitor
  • 10. Azure Security Center Protect your workloads from threats Use industry’s most extensive threat intelligence to gain deep insights Protect cloud-native services from threats Protect data services against malicious attacks Protect your Azure IoT solutions with near real time monitoring Service layer detections: Azure network layer and Azure management layer (ARM) Detect & block advanced malware and threats for Linux and Windows Servers on any cloud SQL management Apps VMs/ Servers IoT Network Containers Cloud workload protection
  • 11. Protect Linux and Windows VMs from threats Reduce open network ports: • Use Just-in-Time to avoid exposure of management ports • Limit open ports with adaptive network hardening Protect against malware: • Block malware with adaptive application controls • Built-in Microsoft Defender ATP EDR • Crash dump analysis and fileless attack detections Antimalware Defender ATP ! Behavior analytics ! App control ! Lateral Movement Data exfiltration Malicious code execution On-premise Azure, AWS, and GCP
  • 12. Protect hybrid datacenters and multi-cloud with Azure security center Hybrid Server protection for Datacenters and other clouds Onboard on-prem servers to Security Center from Windows Admin Center Auto-onboard AWS EC2 instances using a new API connector (preview)
  • 13. Cloud workload protection for hybrid VMs and servers Automatic onboarding & extending to hybrid cloud Server security hygiene File integrity monitoring Detect and block advanced threats for servers Built-in EDR with Microsoft Defender ATP Cloud-native detections Built-in vulnerability Assessment Cloud native network security controls Adaptive application control Central management Reduce attack surface Detect advanced threats
  • 14. On-Prem Server threat protection with Azure Security Center
  • 15. Azure ARC Govern across your environment • Asset organization and inventory with a unified view in the Azure Portal • Universal governance anywhere through Azure Policy • Built-in server compliance rules • Central compliance view across all servers • Server owners can view and remediate to meet their compliance • MSPs can implement governance for their customer’s environment O n-premises & ho sted Multi -cloud Azure Management (Azure Resource Manager, Azure Policy, Azure Portal, API, CLI…)
  • 16. Example solution architecture on Azure Azure VM Web App Blob storage Azure Kubernetes Services (AKS) Azure Key Vault (AKV) Azure SQL Azure Container Registry (ACR) Private Datacenter / Other clouds
  • 17. Threat protection for cloud at scale: Export assessments and alerts for security roles Compute App Network Access IoT SQL Azure Security Center Cloud Workload Protection Azure Sentinel Cloud Native SIEM Microsoft 365 Azure Security Center Azure SentinelASC Connector SIEM
  • 18. Automate workflows with ASC Automate workflows with ASC  Trigger playbooks based on ASC recommendations and alerts  Built-in playbooks, build your own with Azure Logic apps New community hub  Share workflows and remediation policies with the community the things that you’ve built  Learn what others did and deploy directly to Azure Automate and script through API and PowerShell
  • 19. Protect your workloads against threats: a go-do list Good hygiene comes first, strengthen your cloud security posture 01 Turn on threat protection for all cloud resources 02 Reduce attack surface for VMs with JIT, Network and app controls 03 Integrate alerts into your SIEM & notify app owners 04 Identify root cause and drive new security hygiene up 05

Notas del editor

  1. Jeff Wrap up