Today, Microsoft Azure boasts an incredible growth rate of 39 percent in the first half of 2020, making it the world’s second-largest public cloud provider after AWS. Many organizations host environments on several public cloud platforms as well as on-premise and private cloud servers. As organizations continue to adopt multi-cloud strategies that include Azure, Armor is working with our customers and with Microsoft-certified MSP partners and technology consultants to deliver solutions for hybrid cloud environments.
Azure is popular among organizations with legacy Microsoft infrastructures and a commitment to Microsoft applications or SaaS offerings. Azure also naturally links well with key Microsoft on-premise systems such as Windows Server, System Center, and Active Directory. Armor cloud security customers who maintain Azure cloud services can now improve security and compliance outcomes derived from Azure native logs.
Log and Data Management Enhancements
Organizations with hybrid or multi-cloud strategies must maintain visibility of threats across networks, applications and data, collecting log data from a variety of sources. These include native logs from public cloud providers and third-party log sources. One organization’s cloud strategy may include hosting a customer-facing application on AWS, protecting sensitive healthcare data on Azure, and also maintaining financial data in on-premise servers. The challenge for security teams is to keep eyes on each environment, knowing what logs are most critical to watch, and correlating findings into action for security and compliance outcomes.
One way that Armor helps organizations improve visibility into hybrid cloud environments is through our log and data management solution, where we collect a growing array of log sources from which customers can detect and respond to threats. For multi-cloud or hybrid cloud environments that include Azure as part of their IT infrastructure, Armor Anywhere products now offer the ability to ingest Azure Application Gateway and Azure Network Security Group (NSG) flow logs.
Enhanced Security Telemetry
The Azure log sources now available to customers on the Armor cloud security platform are ones critical to understanding Azure cloud environments. Application Gateway logs detail access, performance, and web application firewall incidents, while NSG flow logs provide information about IP traffic flowing through an NSG.
As customers move away from managing security controls and more toward security and compliance goals or outcomes, broad visibility and continuous automated correlation become critical. By adding Azure Application Gateway and Azure Network Security Group (NSG) flow logs, Armor Anywhere provides enhanced threat detection and response capabilities for Azure cloud administrators.
Customers and partners have cited unified visibility across hybrid cloud environments as critical to incident response. Armor’s agnostic cloud security platform, with an ability to ingest and store over 250 log sources, provides that visibility. Security teams can collectively view logs from cloud-native sources and tools, or from third-party sources such as appliances, firewalls, endpoints, and network devices—all from a single dashboard on the Armor Management Portal.
For customers driving for compliance outcomes in Azure, the additional log sources can be stored to meet requirements for regulatory frameworks such as PCI DSS, HIPAA and HITRUST. Combined with Armor’s audit-ready products or our cloud security posture management add-on, customers can drive compliance and reduce audit resources through automation.
Working with Microsoft Azure Partners
For partners who harness the power of Azure, Armor helps deliver better security and compliance outcomes tailored to their customers. Combining the experience of Microsoft-certified Azure specialists like Crayon with Armor’s multi-cloud security solutions and knowledge of Azure log sources, we help customers reduce their time to detection and provide a place to house all the logs to fulfill compliance requirements.
“Armor’s decision to support Azure native logs could not come at a better time. Just as Armor is seeing companies migrate their workloads to multi-cloud environments, we too are seeing a spike in the number of customers seeking help in designing, implementing, securing and managing a hybrid cloud or multi-cloud IT environment,” said Regina Manfredi, Senior Vice President, US Sales for Crayon. “If a cloud environment is not secure and/or does not meet required compliance regulations, then this exposes a company to great risk. Robust and comprehensive security is a must, and we are delighted to have Armor as our security partner.”
The result? Organizations looking to simplify security management across hybrid cloud environments that include Azure can now see threats across environments more clearly and faster than they ever have before, and they can do it with the confidence that they are secured by Armor. Combining these data points with analytics and threat intelligence, teams can become hero defenders of critical networks, applications, and data.