Azure Security Services
Microsoft Defender for Cloud: It is a Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP) for all of your Azure, on-premises, and multicloud (AWS and GCP) resources.
Microsoft Sentinel: It is a scalable, cloud-native solution that provides SIEM and SOAR capability.
Azure Key Vault: It helps solve three problems: secrets management, key management, and certificate management.
Azure Monitor Logs: It is based on Azure Data Explorer, and log queries are written using the Kusto Query Language (KQL).
Network Security Groups: A network security group contains security rules that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources.
Application security groups: They enable you to configure network security as a natural extension of an application's structure, allowing you to group virtual machines and define network security policies based on those groups.
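The two items above describe NSG rules (allow/deny, by direction) and ASGs (rules that reference a group of VMs instead of an address prefix). What the descriptions do not show is how a rule set is actually decided: rules are evaluated by ascending priority number and the first match wins, with Azure's default rules (priority 65000 and up) applied last. The following is an added example, not code from Microsoft or the original post: a small evaluator for NSG-style rules with ASG references and the default rules, run over a constructed "weak" rule set (a blanket allow that shadows a later deny) and a constructed "hardened" one. The ASG membership table, the VNet range 10.0.0.0/16, the rule names and all IPs are constructed; the model simplifies by assuming source ports are `*`, treating the `Internet` tag as "any address outside the VNet", and handling IPv4 only.

```python
"""Evaluate Azure NSG-style rules for a flow, including ASG references and the
platform default rules. Added example (not Microsoft code). Simplifications:
source ports are assumed '*', 'Internet' means 'outside the VNet', IPv4 only."""
import ipaddress
from dataclasses import dataclass

# Constructed ASG membership: ASG name -> private IPs of the VMs placed in it.
ASG_MEMBERS = {"asg-web": {"10.0.1.4", "10.0.1.5"}, "asg-db": {"10.0.2.4"}}
AZURE_LB_PROBE_IP = "168.63.129.16"  # source address of Azure Load Balancer health probes


@dataclass(frozen=True)
class Rule:
    name: str
    priority: int    # custom rules use 100-4096; lower number is evaluated first
    direction: str   # "Inbound" | "Outbound"
    access: str      # "Allow" | "Deny"
    protocol: str    # "Tcp" | "Udp" | "Icmp" | "*"
    source: str      # CIDR, "*", "VirtualNetwork", "Internet", "AzureLoadBalancer" or an ASG name
    dest: str
    dest_ports: str  # "443", "22-23" or "*"


# The default rules Azure attaches to every NSG. They can be overridden only by a
# custom rule with a lower priority number; they cannot be deleted.
DEFAULT_RULES = [
    Rule("AllowVnetInBound", 65000, "Inbound", "Allow", "*", "VirtualNetwork", "VirtualNetwork", "*"),
    Rule("AllowAzureLoadBalancerInBound", 65001, "Inbound", "Allow", "*", "AzureLoadBalancer", "*", "*"),
    Rule("DenyAllInBound", 65500, "Inbound", "Deny", "*", "*", "*", "*"),
    Rule("AllowVnetOutBound", 65000, "Outbound", "Allow", "*", "VirtualNetwork", "VirtualNetwork", "*"),
    Rule("AllowInternetOutBound", 65001, "Outbound", "Allow", "*", "*", "Internet", "*"),
    Rule("DenyAllOutBound", 65500, "Outbound", "Deny", "*", "*", "*", "*"),
]


def _addr_matches(spec, ip, vnet):
    """Does address `ip` match the rule's source/destination specification?"""
    if spec == "*":
        return True
    if spec == "VirtualNetwork":
        return ip in vnet
    if spec == "Internet":           # simplification: anything outside the VNet
        return ip not in vnet
    if spec == "AzureLoadBalancer":
        return ip == ipaddress.ip_address(AZURE_LB_PROBE_IP)
    if spec in ASG_MEMBERS:          # ASG reference resolves to its member VMs
        return str(ip) in ASG_MEMBERS[spec]
    return ip in ipaddress.ip_network(spec, strict=False)


def _port_matches(spec, port):
    if spec == "*":
        return True
    lo, _, hi = spec.partition("-")
    return int(lo) <= port <= int(hi or lo)


def evaluate(rules, direction, protocol, src_ip, dst_ip, dst_port, vnet="10.0.0.0/16"):
    """Return (access, rule_name): the matching rule with the lowest priority number wins."""
    vnet_net = ipaddress.ip_network(vnet)
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for r in sorted(list(rules) + DEFAULT_RULES, key=lambda r: r.priority):
        if r.direction != direction or r.protocol not in ("*", protocol):
            continue
        if (_addr_matches(r.source, src, vnet_net) and _addr_matches(r.dest, dst, vnet_net)
                and _port_matches(r.dest_ports, dst_port)):
            return r.access, r.name
    raise RuntimeError("no rule matched; the default rules should always match")


# Constructed weak rule set: the blanket allow at 100 shadows the deny at 200.
WEAK = [
    Rule("allow-any-in", 100, "Inbound", "Allow", "*", "*", "*", "*"),
    Rule("deny-ssh-internet", 200, "Inbound", "Deny", "Tcp", "Internet", "*", "22"),
]

# Constructed hardened rule set: allow only what the application needs, scoped by ASG.
HARDENED = [
    Rule("allow-https-internet", 100, "Inbound", "Allow", "Tcp", "Internet", "asg-web", "443"),
    Rule("allow-web-to-db", 110, "Inbound", "Allow", "Tcp", "asg-web", "asg-db", "1433"),
    Rule("deny-ssh-internet", 200, "Inbound", "Deny", "Tcp", "Internet", "*", "22"),
]

if __name__ == "__main__":
    print(evaluate(WEAK, "Inbound", "Tcp", "203.0.113.7", "10.0.1.4", 22))      # ('Allow', 'allow-any-in')
    print(evaluate(HARDENED, "Inbound", "Tcp", "203.0.113.7", "10.0.1.4", 22))  # ('Deny', 'deny-ssh-internet')
    print(evaluate(HARDENED, "Inbound", "Tcp", "10.0.1.4", "10.0.2.4", 1433))   # ('Allow', 'allow-web-to-db')
    print(evaluate(HARDENED, "Inbound", "Tcp", "10.0.2.4", "10.0.1.4", 22))     # ('Allow', 'AllowVnetInBound')
```

Two things the run makes visible: in the weak set the explicit SSH deny is dead code because a lower-numbered allow matches first, and in the hardened set SSH from the internet is denied while SSH between VMs inside the VNet is still allowed by the default `AllowVnetInBound` rule, which is worth remembering when an NSG is meant to segment tiers.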
VPN Gateway sends encrypted traffic between an Azure virtual network and an on-premises location over the public Internet.
ExpressRoute lets you extend your on-premises networks into the Microsoft cloud over a private connection with the help of a connectivity provider. With ExpressRoute, you can establish connections to Microsoft cloud services, such as Microsoft Azure and Microsoft 365.
Azure Web Application Firewall (WAF) provides centralized protection of your web applications from common exploits and vulnerabilities. Web applications are increasingly targeted by malicious attacks that exploit commonly known vulnerabilities. SQL injection and cross-site scripting are among the most common attacks.
Azure Firewall is a cloud-native and intelligent network firewall security service that provides best-of-breed threat protection for your cloud workloads running in Azure. It's a fully stateful firewall-as-a-service with built-in high availability and unrestricted cloud scalability. Azure Firewall Standard provides L3-L7 filtering and threat intelligence feeds directly from Microsoft Cyber Security. Azure Firewall Premium provides advanced capabilities, including signature-based IDPS, to allow rapid detection of attacks by looking for specific patterns.
Azure Load Balancer operates at layer 4 of the Open Systems Interconnection (OSI) model. It's the single point of contact for clients. Load balancer distributes inbound flows that arrive at the load balancer's front end to backend pool instances.
Azure Traffic Manager is a DNS-based traffic load balancer. This service allows you to distribute traffic to your public facing applications across the global Azure regions. Traffic Manager also provides your public endpoints with high availability and quick responsiveness.
Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications. Traditional load balancers operate at the transport layer (OSI layer 4 - TCP and UDP) and route traffic based on source IP address and port, to a destination IP address and port.
Azure Front Door provides web application protection capability to safeguard your web applications from network attacks and common web vulnerability exploits like SQL Injection or Cross-Site Scripting (XSS). Enabled for HTTP(S) front ends, Front Door's application layer security is globally distributed and always on, stopping malicious attacks at Azure's network edge, far away from your backends.
Azure DDoS Protection Standard, combined with application design best practices, provides enhanced DDoS mitigation features to defend against DDoS attacks. It's automatically tuned to help protect your specific Azure resources in a virtual network.
Azure Private Link enables you to access Azure PaaS Services (for example, Azure Storage and SQL Database) and Azure-hosted customer-owned/partner services over a private endpoint in your virtual network.
The Azure Bastion service is a fully platform-managed PaaS service that you provision inside your virtual network. It provides secure and seamless RDP/SSH connectivity to your virtual machines directly from the Azure portal over TLS. When you connect via Azure Bastion, your virtual machines don't need a public IP address, agent, or special client software.
Virtual Network (VNet) service endpoint provides secure and direct connectivity to Azure services over an optimized route over the Azure backbone network. Endpoints allow you to secure your critical Azure service resources to only your virtual networks. Service Endpoints enables private IP addresses in the VNet to reach the endpoint of an Azure service without needing a public IP address on the VNet.
Azure Active Directory's Application Proxy provides secure remote access to on-premises web applications. After a single sign-on to Azure AD, users can access both cloud and on-premises applications through an external URL or an internal application portal. For example, Application Proxy can provide remote access and single sign-on to Remote Desktop, SharePoint, Teams, Tableau, Qlik, and line of business (LOB) applications.
Azure Active Directory (Azure AD) is a cloud-based identity and access management service. This service helps your employees access external resources, such as Microsoft 365, the Azure portal, and thousands of other SaaS applications.
Azure Active Directory B2C provides business-to-customer identity as a service. Your customers use their preferred social, enterprise, or local account identities to get single sign-on access to your applications and APIs. It is a customer identity access management (CIAM) solution capable of supporting millions of users and billions of authentications per day.
Azure Active Directory Domain Services (Azure AD DS) provides managed domain services such as domain join, group policy, lightweight directory access protocol (LDAP), and Kerberos/NTLM authentication. You use these domain services without the need to deploy, manage, and patch domain controllers (DCs) in the cloud.
Azure role-based access control (Azure RBAC): It helps you manage who has access to Azure resources, what they can do with those resources, and what areas they have access to. Azure RBAC is an authorization system built on Azure Resource Manager that provides fine-grained access management to Azure resources.
Azure AD Multi-Factor Authentication: Multi-factor authentication is a process in which users are prompted during the sign-in process for an additional form of identification, such as a code on their cellphone or a fingerprint scan.
References:
- Microsoft Defender for Cloud: https://lnkd.in/gqEqCduG
- Microsoft Sentinel: https://lnkd.in/ggTwMFdm
- Azure Key Vault: https://lnkd.in/gjkPzvrw
- Azure Monitor logs: https://lnkd.in/gb-gJSw2
Networking
- Network Security Groups: https://lnkd.in/gsXeEajC
- Application Security Groups: https://lnkd.in/gr_a9J2Q
- Azure VPN Gateway: https://lnkd.in/gSepkqtB
- Azure ExpressRoute: https://lnkd.in/gTCuBHdV
- Web application firewall (provides centralized protection of web applications from exploits and vulnerabilities): https://lnkd.in/gtmQzcgq
- Azure Firewall (a security service that protects Azure VNet resources): https://lnkd.in/gdhTK8b6
- Azure Load Balancer: https://lnkd.in/gM-ynvSA
- Azure Traffic Manager: https://lnkd.in/g_xKt67t
- Azure Application Gateway: https://lnkd.in/gSyua6aZ
- Azure Front Door: https://lnkd.in/gKb23w6e
- Azure DDoS protection: https://lnkd.in/gQgVayze
- Azure Private Link: https://lnkd.in/gfNA2qej
- Azure Bastion: https://lnkd.in/gcztdqGj
- Virtual Network service endpoints: https://lnkd.in/g6w_TJjS
- Azure Application Proxy: https://lnkd.in/gM9FUu8N
Database Security
- Azure SQL Firewall: https://lnkd.in/ge-p_RiR
- Virtual network rules: https://lnkd.in/gAasBwPW
- Azure SQL Always Encrypted: https://lnkd.in/g444Bfgh
- Azure SQL Transparent Data Encryption: https://lnkd.in/gEjmxrSe
- Azure SQL Database Auditing: https://lnkd.in/gMcJRqtQ
- Azure SQL Cell Level Encryption: https://lnkd.in/gP_HBepm
Storage Security
- Azure Storage Service Encryption: https://lnkd.in/gUY9DqHd
- Azure Storage Shared Access Signatures: https://lnkd.in/ggjtZriR
- Azure Storage Account Keys: https://lnkd.in/g8N_i72t
- Azure Client-Side Encryption: https://lnkd.in/gTQVVRA7
- Azure File shares with SMB 3.0 Encryption: https://lnkd.in/gVqnQxbj
- Azure Storage Analytics: https://lnkd.in/gk8upKJB
Identity and Access Management
- Azure Active Directory: https://lnkd.in/gEjNxbUu
- Azure Active Directory B2C: https://lnkd.in/gCwrpueB
- Azure Active Directory Domain Services: https://lnkd.in/ggWs37uq
- Azure role-based access control: https://lnkd.in/gFxX8i4Z
- Azure AD Multi-Factor Authentication: https://lnkd.in/g7vQ8hn4
Manager, Cloud Security Engineering at Centene Corporation (2 years ago):
This is great, thanks for sharing.