Using Azure Security Center to Analyze Security Issues in Enterprise Hybrid Cloud Environments · effective iaas...

© Copyright Fortinet Inc. All rights reserved.

Using Azure Security Center to Analyze Security Issues in Enterprise Hybrid Cloud Environments

Thomas Huang, Cloud Solution Architect

Taipei, 2018/11/15



Hybrid cloud requires a new approach for security

Distributed infrastructure

Need better visibility and control

Rapidly changing cloud resources

Require solutions that keep pace with speed and agility of cloud

Increasingly sophisticated threats

Leverage analytics and threat intelligence to detect threats quickly

Storage, Compute, Identity, Networking

Effective IaaS workload protection strategies target unique requirements of modern, hybrid cloud


Key challenges for protecting IaaS workloads

Security Dashboards

Deliver Rapid Insights into Security State Across All Workloads

API

Microsoft Managed

Customer Managed

Identity & Access

Information Protection

Threat Protection

Security Management

Physical Security

Operational Security

Infrastructure Security

Built-in Azure, no setup required

Automatically discover and monitor security of Azure resources

Set Security Policy

Determine which security controls/assessments ASC should apply to your environment

Gain insights for hybrid resources

Easily onboard resources running in other clouds and on-premises

1

Continuous assessment of machines, networks, and Azure services

Hundreds of built-in security assessments, or create your own

Fix vulnerabilities quickly

Prioritized, actionable security recommendations

2

Lock down ports on virtual machines

Enable just-in-time access to virtual machines

Access automatically granted for limited time

3

Allow safe applications only

Adaptive whitelisting learns application patterns

Simplified management with recommended whitelists

4

5

PORT SCANNING ACTIVITY DETECTED

BRUTE FORCE ACTIVITY DETECTED

SUSPICIOUS PROCESS EXECUTED ON VM

DNS DATA EXFILTRATION ACTIVITY DETECTED

KILL CHAIN INCIDENT GENERATED

Anatomy of a real attack detected by Security Center

Explore detected threats in a visual and interactive way

Interactive experience to explore links across alerts, computers and users

Use predefined or ad hoc queries for deeper examination

6

Automate and orchestrate common security workflows

Create playbooks with integration of Azure Logic Apps

Trigger workflows from any alert to enable conditional actions

7

Centrally manage security across all of your IaaS deployment

Harden OS, VNet, storage, and SQL configurations and apply preventive controls

Monitor VM events and network traffic to identify threats and react quickly

To learn more, visit azure.microsoft.com/en-us/services/security-center/

Use Security Center for Azure resources

Start trial for ASC standard to get advanced threat protection

Onboard on-premises and other cloud workloads