Microsoft Unveils New Security Tools for Azure Platform
Microsoft announced a series of security tools for its Azure and Microsoft 365 platforms at its Ignite 2019 conference in Orlando, FL. The ultimate aim of these tools is to boost the security capabilities of both platforms.
One of the major tools is Azure Arc, which is built on Azure Stack. It is currently available in preview, the Azure Arc extends Azure management and security to extends Azure management capabilities to Linux and Windows servers, and Kubernetes clusters (which includes infrastructure on-premises, multi-cloud and edge).
Azure Arc also provides a unified management solution for multiple environments using capabilities such as
- Azure Portal
- API
- Azure
- Resource Manager
- Azure Shell Azure Policy
Azure Arc enables app developers to build containerized applications with the tools of their choice. Azure Arc also allows Azure data services anywhere, equipping customers with real-time insights. With AI capabilities, Azure Arc can run Azure SQL Database and Azure Database for PostgreSQL Hyperscale on any infrastructure.
Microsoft is offering Azure Arc enabled API Management to equip enterprises with the ability to manage APIs across any environment, including hybrid and multi-cloud environments.
What’s more? With Da_v4 and Das_v4 Azure virtual machine series available publicly for general-purpose workloads, the tech giant also announced the preview of Serial Console for Azure Government Cloud.
The tech giant has also made the Generation 2 virtual machines in Azure generally available with new enhanced features, such as increased memory and Intel Software Guard Extensions, along with support for large VMs (up to 12 TBs) and OS Disk sizes that exceed 2 TBs.
In addition to that, Microsoft is also making Azure Bastion generally available in six Azure regions:
- South Central US
- West Europe
- Australia East
- East US
- Japan East
- West US
Serving as a fully managed Platform as a Service (PaaS), Azure Bastion provides a secure and seamless RDP and SSH access to VMs, directly through the Azure Portal.
Another preview announced at the Ignite 2019 conference is the Internet Analyzer, which provides performance reporting across multiple endpoints for app migration and delivery, as well as Internet content and app delivery. The tech giant has also made the IPv6 for Azure VNet generally available across Azure regions worldwide.
Microsoft is also making server-side encryption with customer-managed keys (SSE with CMK) available for Azure Managed Disks, in preview for Premium SSD, Standard SSD, and Standard HDD disk types. With this new enhanced feature, customers can use Azure Key Vault as the repository for their Azure Disk encryption keys.
Moreover, the tech giant also announced new capabilities to make governance easier in Azure. Azure Policy is now moving into Azure KeyVault in public preview, that custom RBAC can be applied at the management group level, offering better tracking of subscriptions, courtesy of support for subscription tags.
The tech giant also announced enhanced features such as
- Network Insights (now in preview)
- Traffic Analytics
- New Application Insights agent for Azure Monitor
Azure Monitor for containers has now expanded with the preview of Hybrid Monitoring (allowing users to monitor a hybrid Kubernetes deployment with on-premises and Azure infrastructure).
The tech giant also announced the general availability of a new enhanced version of the Windows Admin Center. It includes integration with Azure Security Center and the public preview of Azure Firewall Manager.
In addition to that, Microsoft also announced the preview availability of
- Azure Arc support
- Windows Virtual Desktop on Azure Stack Hub
- Azure Stream Analytics support
- Kubernetes on Azure Stack Hub
The tech giant also announced an enhanced version of Azure Security Center, which now comes with extended coverage and improved cloud security posture management.