Microsoft Azure Security Center
Microsoft Azure Security Center is a set of tools for monitoring and managing the security of virtual machines and other cloud computing resources within the Microsoft Azure public cloud.
Administrators access the Azure Security Center through the Azure management portal. Within the Security Center, they can find a number of security tools intended to prevent, detect and respond to potential security threats to their Azure deployment. Organizations must have an Azure subscription to access the Security Center.
The main features of Azure Security Center include:
- Policy configuration -- allows admins to establish a set of security-related controls for a specific Azure subscription or resource group. An Azure resource group refers to the collection of Azure resources, such as a VM, storage, database or virtual network, required to run an application.
- Data collection -- gathers data about Azure resources to ensure policies are enforced. The service also enables daily scanning of VMs for potential security threats. Admins can choose the Azure storage account in which collected VM data is stored.
- Recommendations -- provides a list of suggestions for creating Azure security policies based on the security needs of your specific Azure resources. Potential recommendations include deploying a missing system update, provisioning antimalware and using network security groups to control VM traffic.
- Alerts -- issues an alert when potential security threats, such as compromised VMs or malware, are detected. Azure Security Center automatically collects and integrates log data about Azure resources to produce alerts.
Azure Security Center can also integrate with Power BI, Microsoft's business intelligence cloud service for data analysis and visualization. An admin, for example, could use the Azure Security Center dashboard to access Power BI reports, or use the Power BI dashboard to filter security recommendations and alerts.
Security, in general, has been a concern for businesses contemplating public cloud adoption. This is largely because public cloud providers have a multi-tenant architecture, where numerous users share the underlying hardware. As a result, many vendors have evolved security tools and methods, such as encryption, identity access management and authentication, for public cloud deployments.
Azure Security Center is available in all of Microsoft's global Azure regions. Pricing for Azure Security Center is broken out into two tiers. The Free tier provides basic security policies and recommendations, and comes included in all Azure subscriptions, while the Standard tier offers more advanced security capabilities, such as behavioral analysis, and costs $15 per VM monitored per month. The Standard tier also includes a 500 MB cap on the amount of data ingested per node per day. There is no cap on the Free tier.
Users are billed separately for the storage resources they use as part of Azure Security Center, based on Microsoft's standard Azure storage rates.