Azure Sentinel is Microsoft cloud-native SIEM and SOAR. Say goodbye to 6 months SIEM solution setup and architecture – get started with visibility on you environement just now, and use the rich ecosystem of connectors to extend intelligence to your complete security suite.
Since we started to help customers of all sizes to deploy cloud technologies, we have developed many frameworks which all evolved in parallel over time. You may have heard about: Cloud Adoption Framework, Cloud Operations Model, Entreprise Cloud Strategy, Entreprise Scaffolding and maybe a couple more.
The CAF is dead, long live the CAF!
A couple of weeks ago, we published a new version of CAF – Cloud Adoption Framework for Azure, which consolidates all of our engineering and field best practices, as well as patterns that we’ve seen from big entreprises going to the cloud.
CAF has now five main sections which guide you throughout the whole circle:
This model is very realistic and field inspired, including some discussions around adoption with one or more cloud providers.
Governance
One of the most intimidating aspects of cloud adoption is the governance: how to manage new risks that are involved with cloud deployments and how to accompany that with entreprise processes and policies (and how does it remain current).
It is of course an iterative process that will evolve as you add new services into your environment: from dev/test to prod, and from legacy 3-tiers application to a brand new cloud-native application.
We distinguish 5 disciplines in governance:
Cost management
Security baseline
Resource consistency
Identity baseline
Deployment Acceleration
But the difficulty is the first step: how do I get a minimal viable product (MVP) for my first cloud deployment?
Actions: In order to avoid you the blank page syndrome, we have prepared you some actions:
Determine your immediate objectives with cloud, and the readiness of your organization. Cloud Assessment Tool: https://aka.ms/CAF/gov/assess
For all those journey we document a minimum viable product across the five disciplines, we explain the design decisions we took for you, the discussion points and alternative design considerations.
When we define governance, we also think about compliance to the rules, and automatic remediation methods for it: this is called Azure Policy.
Along the way, if you are going for ongoing compliance, why not going to continuous integration and continuous deployment for your infrastructure?
If you want to have a look at all of that in action, check at:
We used to talk a lot of “scaffolding” as it is an excellent checklist, or set of mandatory technical implentation details for a good cloud deployment. It is being replaced by the “landing zone” construct (see next section).
Here is a refresher picture about what scaffolding includes:
Azure VDC is a set of concepts, implentation guidance and automation scripts that allows you to build a highly available and highly secure datacenter, based on Microsoft Azure services.
Check at the automation scripts and all the archetypes that allow you to deploy a VDC environment fast – based on Docker and Python : https://github.com/Azure/vdc
Please find below materials from our online session for 29th August 2018 10am Singapore time!
Microsoft Azure enables you to meet the compliance requirements for data confidentiality, while ensuring data integrity and availability at all times. Tune in to this webinar to find out more about the available security technologies for your application and learn more about the security tools to help you meet the data compliance and protection requirements for your organization.
In this article we continue to review our online sessions covering Azure Infrastructure fundamentals that went live couple of weeks ago. Please find below the links to the sessions, the slides, demos and step by steps guides to reproduce the demos!
Session 3: Azure Backup and Disaster Recovery
Azure Site Recovery and Backup are two features that allow you to easily build Disaster Recovery and Backup plans. In this session, we will review the different options that are available to build a DRP that you can rely on.
The security and compliance session review the fundamentals of Azure security in both technical and non-technical terms. After a review of certification against the best in class policies and procedures, we will spend some time reviewing the technologies that customers can leverage to deploy solutions.