Book Image

Microsoft Azure Infrastructure Services for Architects

By : John Savill
Book Image

Microsoft Azure Infrastructure Services for Architects

By: John Savill

Overview of this book

With Microsoft Azure challenging Amazon Web Services (AWS) for market share, there has been no better time for IT professionals to broaden and expand their knowledge of Microsoft’s flagship virtualization and cloud computing service. Microsoft Azure Infrastructure Services for Architects: Designing Cloud Solutions helps readers develop the skills required to understand the capabilities of Microsoft Azure for Infrastructure Services and implement a public cloud to achieve full virtualization of data, both on and off premise. Microsoft Azure provides granular control in choosing core infrastructure components, enabling IT administrators to deploy new Windows Server and Linux virtual machines, adjust usage as requirements change, and scale to meet the infrastructure needs of their entire organization. This accurate, authoritative book covers topics including IaaS cost and options, customizing VM storage, enabling external connectivity to Azure virtual machines, extending Azure Active Directory, replicating and backing up to Azure, disaster recovery, and much more
Table of Contents (18 chapters)
Free Chapter
1
Cover
2
Acknowledgments
3
About the Author
4
Introduction
17
Index
18
End User License Agreement

Security in Azure

Security is a core part of everything, not just in Azure. Throughout the book, I have talked about security aspects of the technologies and services covered. However, I want to spend a little more time on a few key topics and ways of thinking about certain aspects of cloud usage that are broad across any specific technology.

Advanced Threat Protection (ATP)

This follows very closely from looking at monitoring available in Azure. When I talked about storing various signals, such as logs and metrics, I pointed out that simply looking at signals and trying to generate alerts from a single piece of telemetry for security purposes is typically impractical. Keeping logs and metrics is useful for forensic purposes after an attack, but trying to detect an attack from manually created rules based on metric values or log content is likely to fail. To detect threats, we typically need to not only look at combinations of signals but also apply intelligence. This is where the various...