Friday, July 23, 2021

AzUpdate: New Azure Firewall Premium capabilities, Microsoft acquires CloudKnox, JulyOT and more

More Microsoft goodies coming out of Redmond this week. News this week includes Next-generation security capabilities with Azure Firewall Premium, Microsoft acquires CloudKnox Security, Microsoft Defender for IoT overview and a secure Microsoft Learn module of the week.

 

 

Next-generation firewall capabilities with Azure Firewall Premium

Azure Firewall Premium provides advanced threat protection that meets the needs of extremely sensitive and regulated environments found in industries like payment and healthcare. Organizations can leverage Premium stock-keeping unit (SKU) features like IDPS and TLS inspection to prevent malware and viruses from spreading across networks in both lateral and horizontal directions.

 

Azure Firewall PremiumAzure Firewall Premium
 

Based on the public preview announced back in February 2021, Microsoft has announced the general availability release of Microsoft Azure Firewall Premium which includes the following key features:

 

  • TLS inspection: Azure Firewall Premium terminates outbound and east-west transport layer security (TLS) connections. Inbound TLS inspection is supported in conjunction with Azure Application Gateway allowing end-to-end encryption. Azure Firewall performs the required value-added security functions and re-encrypts the traffic which is sent to the original destination.
  • IDPS: Azure Firewall Premium provides signature-based intrusion detection and prevention system (IDPS) to allow rapid detection of attacks by looking for specific patterns, such as byte sequences in network traffic or known malicious instruction sequences used by malware.
  • Web categories: Allows administrators to filter outbound user access to the internet based on categories (for example, social networking, search engines, gambling, and so on), reducing the time spent on managing individual fully qualified domain names (FQDNs) and URLs. This capability is also available for Azure Firewall Standard based on FQDNs only.
  • URL filtering: Allow administrators to filter outbound access to specific URLs, not just FQDNs. This capability works for both plain text and encrypted traffic if TLS inspection is enabled.
     

Microsoft acquires CloudKnox Security

Microsoft's acquisition of CloudKnox further enables organization who use Microsoft Azure Active Directory with granular visibility, continuous monitoring and automated remediation for hybrid and multi-cloud permissions. Microsoft is committed to providing customers with unified privileged access management, identity governance and entitlement management including:
 

  • Automated and simplified access policy enforcement in one integrated multi-cloud platform for all human and workload identities.
  • The widest breadth of signal-enabling, high-precision machine learning-based anomaly detections.
  • Seamless integration with other Microsoft cloud security services, including Microsoft 365 Defender, Azure Defender and Azure Sentinel.

Further information surrounding this latest acquisition can be found here: Microsoft acquires CloudKnox Security to offer unified privileged access and cloud entitlement management

 

Microsoft Defender for IoT overview

 

 

IoT has quickly become the new hybrid architecture many IT Professionals need to secure. That need does come with additional complexities in terms of deployment, monitoring and access especially when possible new tools need to be implemented. I recently sat down with Senior Solution Architect Matt Soseman to discuss how operational technology (OT) is different from IT, IoT deployment methodologies, and demos the audit-analytic and data management process made available via Microsoft Defender to help defend and protect critical OT and industrial control system (ICS) networks from cyberattacks.

 
 

MS Learn Module of the Week

Microsoft_Learn_Banner.png
 

Manage identity and access in Azure Active Directory

This learning path will detail how to work with subscriptions, users, and groups by configuring Microsoft Azure Active Directory for workloads. This learning path can help you prepare for the Microsoft Certified: Azure Security Engineer Associate certification.

 

 

Modules in this learning path include:

  • Protecting against security threats on Azure
  • Creating an Azure account
  • Managing users and groups in Azure Active Directory
  • Creating Azure user and groups in Azure Active Directory
  • Securing your application by using OpenID Connect and AzureAD
  • Securing Azure Active Directory users with Multi-Factor Authentication
  • Managing device identity with Azure AD join and Enterprise State Roaming
  • Allowing users to reset thier passwords with Azure Active Directory self-service password reset
  • Adding custom domain name to Azure Active Directory

 

Learn more here: Managing identity and access in Azure Active Directory
 

 

 

AzUpdate_News_azure_firewall_cloudknox.png

Posted at https://sl.advdat.com/3i03zWa