Tag: Azure Security Center

Secure your Server with Azure Security Center

Use Azure Security Center with Windows Server on-premises

Windows Admin Center makes it easy to connect Azure Hybrid Cloud services to your on-premises Windows Server environment. For a while now we can connect services like Azure Monitor, Azure File Sync, Azure Update Management and many more to Windows Server. This helps us to make our on-premises environment even better, by using Azure Cloud Services. At Microsoft Ignite we also announced Azure Arc, which brings cloud-native management to your on-premises environment. With the latest version of the Windows Admin Center, we can now easily connect Windows Servers to Azure Security Center. Azure Security Center will help you to quickly strengthen your security posture and protect against threats. It will not just scan your Azure resources but also your hybrid resources, for example, servers running on-premises or at other cloud providers. You can add Linux and Windows servers to Azure Security Center, and Windows Admin Center makes it easy to onboard your Windows Server.

Azure Security Center is a unified infrastructure security management system that strengthens the security posture of your data centers, and provides advanced threat protection across your hybrid workloads in the cloud – whether they’re in Azure or not – as well as on premises.

Keeping your resources safe is a joint effort between your cloud provider, Azure, and you, the customer. You have to make sure your workloads are secure as you move to the cloud, and at the same time, when you move to IaaS (infrastructure as a service) there is more customer responsibility than there was in PaaS (platform as a service), and SaaS (software as a service). Azure Security Center provides you the tools needed to harden your network, secure your services and make sure you’re on top of your security posture.

You can find more about Azure Security Center here.

Add an on-premises Windows Server to Azure Security Center

To add an on-premises Windows Server to Azure Security Center you can install an agent or you can use Windows Admin Center.

Secure your Server with Azure Security Center

Secure your Server with Azure Security Center

Open Windows Admin Center and click on Azure Security Center in the menu. Click on Sign into Azure and set up. This will open the wizard to onboard the server.

Onboard Server to Azure Security Center with Windows Admin Center

Onboard Server to Azure Security Center with Windows Admin Center

The wizard will ask you to with Azure subscription, resource group and log analytics workspace the server should be connected to. After a couple of minutes, you will get recommendations which you can review in the Azure Security Center or directly for the Windows Server in Windows Admin Center.

Azure Security Center Recommendations

Azure Security Center Recommendations

Get Windows Admin Center

Windows Admin Center is a free download to use with your Windows Servers, you can download Windows Admin Center here. If you want to know more about the Hybrid capabilities, check out my blog post on ITOpsTalk.com. If you want to know more about Azure Hybrid Cloud, check out azure.com/hybrid.

I hope this gives you an overview of how you add Windows Servers to Azure Security Center using Windows Admin Center. Let me know if you have any questions in the comments.



Altaro Azure Security Center Webinar

Free Webinar: Azure Security Center: How to Protect Your Datacenter with Next Generation Security

I am happy to announce that I will be speaking in a free webinar together with Microsoft MVP Andy Syrewicze about Azure Security Center. The Altaro webinar called Azure Security Center: How to Protect Your Datacenter with Next Generation Security will be focusing on Azure Security Center, and how you can protect your Cloud and Datacenter Infrastructure. The webinar will be free and it will be held twice on Tuesday, July 30th, 2019. You can save your seat by filling out the form here.

Webinar presented live twice:

  • Session 1: 2pm CEST – 8am EDT – 5am PDT
  • Session 2: 7pm CEST – 1pm EDT – 10am PDT

Free Webinar

Azure Security Center: How to Protect Your Datacenter with Next Generation Security

Azure Security Center: How to Protect Your Datacenter with Next Generation Security

Security has always been a fundamental concern of IT admins and now more than ever, in the age of the cloud datacenter, you need to ensure your workload security is ahead of the curve.

Join Thomas Maurer from the Microsoft Azure Team, alongside Microsoft MVP Andy Syrewicze, for a value-packed webinar that will show you how to batten down the hatches, even when your workloads are hosted in the public cloud! You’ll learn:

  • Azure Security Center Introductions
  • Deployment and first steps
  • Best Practices
  • Integration with other tools
  • And more!

With the industry’s transition to the cloud, we’ve seen a number of workloads migrate to service provider datacenters and public clouds like Azure. While many IT Pros are comfortable in dealing with core services in this manner, many find themselves at a loss when it comes to securing these next generation deployments. Pair that with an overly eager bad-actor community, and you have a recipe for disaster. However, new tools are designed to enhance existing security paradigms and help you sleep at night, such as Azure Security Center. Are you concerned about the strength of your Azure workload security? Struggling with where to start? We’ve got the webinar for you!

Taking advantage of the latest in security tools will ensure your organization stays one step ahead of the bad guys, and we’re here to help you get started!

See you there!

As mentioned, we will give you an overview of how Azure Security Center and strengthen your security posture and protect against threats with Azure Security Center. I will also show you features like Azure Just-in-Time VM access and many others.

I hope that you join the webinar and if you have any questions, let me know in the comments.



AZ-500 Microsoft Certified Azure Security Engineer Associate

Passed Exam AZ-500 Microsoft Certified Azure Security Engineer Associate

The new Azure Security exam just came out of beta, and I took some time to learn and see if I would pass it. I am happy that I just passed exam AZ-500: Microsoft Azure Security Technologies, which focuses on Microsoft Azure security engineers who implement security controls, maintain the security posture, manages identity and access and protects data, applications, and networks. After passing this exam, you can call yourself a Microsoft Certified: Azure Security Engineer Associate. Azure Security Engineers implement security controls and threat protection, manage identity and access, and protect data, applications, and networks in cloud and hybrid environments as part of the end-to-end infrastructure. That means this exam covers different topics across the Azure infrastructure and many various Azure services like Azure AD, Azure IaaS, Azure Networking, Azure Kubernetes Service (AKS), Databases, Azure Monitor, Azure Security Center and many more.

Exam AZ-500: Microsoft Azure Security Technologies

Candidates identify and remediate vulnerabilities by using a variety of security tools, implements threat protection, and responds to security incident escalations. As a Microsoft Azure security engineer, candidates often serve as part of a larger team dedicated to cloud-based management and security and may also secure hybrid environments as part of an end-to-end infrastructure.

Candidates for this exam should have strong skills in scripting and automation, a deep understanding of networking, virtualization, and cloud N-tier architecture, and a strong familiarity with cloud capabilities, Microsoft Azure products and services, and other Microsoft products and services.

You can find more detailed information on the Microsoft exam website. There you will find all the skills measured in this exam.

How to prepare for the AZ-500 exam

Microsoft Learn

Microsoft Learn

Exams always have a specific focus; this one covers a broad set of Azure security topics over different Azure services. This means you not only need to have particular security know-how, but also a good overview of the various Azure services. If you don’t have that right now, I recommend that you might start with other exams, such as AZ-900 and AZ-10X for the Microsoft Certified: Azure Administrator Associate. But if you want to go forward with the AZ-500 exam and become a Microsoft Certified: Azure Security Engineer Associate, first have a look at the more detailed information on the Microsoft exam website. Start reading through the Microsoft Docs about the different security topics mentioned in the skills measured, and also get some hands-on experience by trining out the various technologies. My favorite place to learn and understand some tutorials about different topics is Microsoft Learn! On Microsoft learn, you can use a lot of different learning modules, and some of them are focused on Azure Security. If you want to know more about Microsoft learn, check out my blog post: Microsoft Learn – A Great Place To Learn!

At Microsoft Ignite The Tour, our team also presented a session on securing your Azure environment, my session in Amsterdam was recorded, you can watch it here: Microsoft Ignite The Tour 2019 Azure Hybrid Session Recordings.

Are you also interested in becoming Microsoft Azure Certified? Check out my blog posts about why you should become Microsoft Azure Certified, how to pick the right Azure exam certification path and how to prepare and pass a Microsoft Azure certification exam. With that, I wish you happy learning and good luck with the AZ-500 Microsoft Azure Security Technologies exam!