Info Sharing Blog

Monday, July 6, 2020

Mizrosoft Azure Services #Index

July 06, 2020 Posted by jaacostan ,

Microsoft Azure Services and Resources #Index

Compute - Virtual machines, virtual machine scale sets, app services
Networking - virtual networks, load balancer, VPN gateway, application gateway, content delivery network
Storage - Blog, disk, file, archive storage and Azure Files
Databases - Cosmos DB, SQL Database, database migration service, SQL Data Warehouse
IoT - IoT Central, IoT Hub
Big Data - HDInsight, Data Lake Analytics
AI - Azure Machine Learning Service, Azure Machine Learning Studio
Serverless - Azure Functions, Logic Apps
Identity services - identity concepts, Azure Active Directory, Multi Factor Authentication concepts
Security products - including both the Azure Security Center, Information Protection, Advanced Threat Protection and security features in the product groups above, like Network Security Groups
Governance - including Policy and Role Based Access Control, but also compliance and privacy concepts.
Monitoring - Azure Monitor and Service Health
Azure tools - like Azure Resource Manager, Azure CLI, Cloud Shell and PowerShell

Azure Blueprints
    This is a service that allows you to define a repeatable set of Azure resources.The definition of the Azure resources can adhere to an organization’s standards, patterns and requirements.Using blueprints , you can orchestrate the deployment of resources such as role assignments, policy assignments, Azure resource manager templates and resource groups.You can use blueprints to upgrade several subscriptions at once .
    
Azure Security Center
  •     This is an infrastructure security management system.
  •     You can use this tool to improve the security of your Azure based resources and on-premise resources as well.
  •     Azure Security Center has in-built support for services such as Azure virtual machines , Function Apps, Azure SQL Server databases.
  •     You can also allow Azure Security Center to give recommendations on what to do for on-premise Windows and Linux servers.
  •     On these servers, you need to ensure you install the Microsoft Monitoring agent.
  •     This service also helps detect and prevent threats at an Infrastructure layer

Azure AD Identity Protection
This is a service that can help detect suspicious actions related to user identities and add more security to the sign-ins to your Azure AD Account.
It can help in detecting the following,
  •     Users with leaked credentials
  •     Sign-ins from anonymous IP addresses
  •     Sign-ins from infected devices
  •     Sign-ins from IP addresses with suspicious activity
  •     Sign-ins from unfamiliar locations
  •     Impossible travel to atypical locations

Azure AD Privileged Identity Management
This is a service that can help manage, control and monitor access to important resources in your organization. With this service, you can provide just-in-time privileged access to Azure AD and Azure resources.

  •     Provide time-bound access to resources using start and end dates.
  •     Enforce multi-factor authentication to activate any role.
  •     Get notifications when privileged roles are activated.
  •     Conduct access reviews to ensure users still require the roles.