Microsoft Azure Security Infrastructure
Microsoft Press (Verlag)
978-1-5093-0357-1 (ISBN)
Three Microsoft Azure experts show you how to:
• Understand cloud security boundaries and responsibilities
• Plan for compliance, risk management, identity/access management, operational security, and endpoint and data protection
• Explore Azure’s defense-in-depth security architecture
• Use Azure network security patterns and best practices
• Help safeguard data via encryption, storage redundancy, rights management, database security, and storage security
• Help protect virtual machines with Microsoft Antimalware for Azure Cloud Services and Virtual Machines
• Use the Microsoft Azure Key Vault service to help secure cryptographic keys and other confidential information
• Monitor and help protect Azure and on-premises resources with Azure Security Center and Operations Management Suite
• Effectively model threats and plan protection for IoT systems
• Use Azure security tools for operations, incident response, and forensic investigation
YURI DIOGENES is a Senior Content Developer on the CSI Enterprise Mobility and Security Team, focusing on enterprise mobility solutions, Azure Security Center, and OMS Security. Previously, Yuri worked at Microsoft as a writer for the Windows Security team and as a Support Escalation Engineer for the CSS Forefront team. He has a Master of Science degree in Cybersecurity Intelligence and Forensics from Utica College and an MBA from FGF in Brazil, and he holds several industry certifications. He is co-author of Enterprise Mobility Suite–Managing BYOD and Company-Owned Devices (Microsoft Press, 2015), Microsoft Forefront Threat Management Gateway (TMG) Administrator’s Companion (Microsoft Press, 2010), and three other Forefront titles from Microsoft Press. DR. THOMAS SHINDER is a program manager in Azure Security Engineering and a 20-year veteran in IT security. Tom is best known for his work with ISA Server and TMG, publishing nine books on those topics. He was also the leading voice at ISAserver.org. After joining Microsoft in 2009, Tom spent time on the UAG DirectAccess team and then took a 3-year vacation from security to be a cloud infrastructure specialist and architect. He’s now back where he belongs in security, and spends a good deal of time hugging his Azure Security Center console and hiding his secrets in Azure Key Vault. DEBRA LITTLEJOHN SHINDER, MCSE, is a former police officer and police academy instructor who is self-employed as a technol¿ogy consultant, trainer, and writer, specializing in network and cloud security. She has authored a number of books, including Scene of the Cybercrime: Computer Forensics Handbook (Syngress Publishing, 2002) and Computer Networking Essentials (Cisco Press, 2001). She has co-authored more than 20 additional books and worked as a tech editor, developmental editor, and contributor to more than 15 books. Deb is a lead author for WindowSecurity.com and WindowsNetworking.com, and a long-time contributor to the GFI Software blog and other technology publications, with more than 1,500 published articles in print magazines and on websites. Deb focuses on Microsoft products, and has been awarded the Microsoft MVP (Most Valuable Professional) award in the field of enterprise security for 14 years in a row. She lives and works in the Dallas-Fort Worth area and has taught law enforcement, computer networking, and security courses at Eastfield College in Mesquite, Texas. She currently sits on the advisory board of the Eastfield Criminal Justice Training Center Police Academy.
Chapter 1 Cloud security
Cloud security considerations
Compliance
Risk management
Identity and access management
Operational security
Endpoint protection
Data protection
Shared responsibility
Cloud computing
Distributed responsibility in public cloud computing
Assume breach and isolation
Azure security architecture
Azure design principles
Chapter 2 Identity protection in Azure
Authentication and authorization
Azure hierarchy
Role-Based Access Control
On-premises integration
Azure AD Connect
Federation
Suspicious activity identification
Identity protection
User risk policy
Sign-in risk policy
Notification enabling
Vulnerabilities
Multi-Factor Authentication
Azure Multi-Factor Authentication implementation
Azure Multi-Factor Authentication option configuration
Chapter 3 Azure network security
Anatomy of Azure networking
Virtual network infrastructure
Network access control
Routing tables
Remote access (Azure gateway/point-to-site VPN/
RDP/Remote PowerShell/SSH)
Cross-premises connectivity
Network availability
Network logging
Public name resolution
Network security appliances
Reverse proxy
Azure Network Security best practices
Subnet your networks based on security zones
Use Network Security Groups carefully
Use site-to-site VPN to connect Azure Virtual Networks
Configure host-based firewalls on IaaS virtual machines
Configure User Defined Routes to control traffic
Require forced tunneling
Deploy virtual network security appliances
Create perimeter networks for Internet-facing devices
Use ExpressRoute
Optimize uptime and performance
Disable management protocols to virtual machines
Enable Azure Security Center
Extend your datacenter into Azure
Chapter 4 Data and storage security
Virtual machine encryption
Azure Disk Encryption
Storage encryption
File share wire encryption
Hybrid data encryption
Authentication
Wire security
Data at rest
Rights management
Database security
Azure SQL Firewall
SQL Always Encrypted
Row-level security
Transparent data encryption
Cell-level encryption
Dynamic data masking
Chapter 5 Virtual machine protection with Antimalware
Understanding the Antimalware solution
Antimalware deployment
Antimalware deployment to an existing VM
Antimalware deployment to a new VM n
Erscheinungsdatum | 14.10.2016 |
---|---|
Reihe/Serie | IT Best Practices - Microsoft Press |
Verlagsort | Boston |
Sprache | englisch |
Maße | 189 x 229 mm |
Gewicht | 378 g |
Themenwelt | Informatik ► Betriebssysteme / Server ► Windows |
Informatik ► Netzwerke ► Sicherheit / Firewall | |
Informatik ► Weitere Themen ► Hardware | |
ISBN-10 | 1-5093-0357-X / 150930357X |
ISBN-13 | 978-1-5093-0357-1 / 9781509303571 |
Zustand | Neuware |
Haben Sie eine Frage zum Produkt? |
aus dem Bereich