Connect Non-Azure Resources to Azure Defender
Protect Non Azure Resources
Besides defending your Azure environment, you can also add Azure Defender capabilities to your hybrid environment to:
- Protect your non Azure servers.
- Protect your VMs in other clouds (such as AWS and GCP).
- Protect SQL databases.
For machines, the Log Analytics Agent is the only required technology while providing more insights for the security alerts, connecting other cloud providers resources to offer cloud security posture management information.
Add non Azure machines with Azure Arc
Azure Arc enabled servers always preferred the way of adding your non Azure machines to the Azure Security Center while providing enhanced capabilities such as the option to enable the guest configuration policies on the machine, deploy the Log Analytics agent as an extension, simplify deployment with other Azure services, and more.
What are Azure Arc enabled servers?
Azure Arc enabled servers permits you to manage your windows and Linux machines hosted outside of Azure, on your corporate network, or the other cloud providers consistent with how you manage native Azure Virtual Machines. When a hybrid machine is connected to Azure, it becomes a connected machine and is treated as a resource in Azure that has a Resource ID, which is included in a resource group, and benefits from standard Azure constructs such as Azure Policy and applying tags.
The Azure Connected Machine agent needs to be installed on each machine that you plan on connecting to Azure to get this experience with your hybrid machines hosted outside of Azure. This agent does not deliver any other functionality, or replace the Azure Log Analytics agent.
Add non-Azure machines from the Azure portal
You can start the process of adding a non-Azure server from two different locations in Security Center:
- From Security Center's menu, open the Getting started page.
- Select the Get Started tab.
- Below Add non-Azure servers, select Configure.
- From Security Center's menu, open the Inventory page.
- Select the Add non-Azure servers button.
Log Analytics workspaces list is shown which includes (if applicable) the default workspace created for you by the Security Center when automatic provisioning, from which you can select Add Servers for the relevant workspace. After that the agent management page appears where you can choose the relevant procedure below depending on the type of machines you're onboarding:
- Onboard your Azure Stack VMs.
- Onboard your Linux machines.
- Onboard your Windows machines
Connect AWS Accounts
Onboarding your AWS account into the Security Center, integrates AWS Security Hub and Azure Security Center which provides visibility and protection across both of these cloud environments to provide:
- Automatic agent provisioning
- Policy management
- Vulnerability management
- Embedded Endpoint Detection and Response
- Detection of security misconfigurations
- A single view showing Security Center recommendations and AWS Security Hub findings
- Incorporation of your AWS resources into Security Center's secure score calculations
- Regulatory compliance assessments of your AWS resources
Connect your GCP accounts
Onboarding your GCP account into Security Center, integrates GCP Security Command an Azure Security Center which provides the visibility and protection across both of these cloud environments to provide:
- Detection of security misconfigurations
- A single view showing Security Center recommendations and GCP Security Command Center findings
- Incorporation of your GCP resources into Security Center's secure score calculations
- Integration of GCP Security Command Center recommendations based on the CIS standard into the Security Center's regulatory compliance dashboard
Comments
Post a Comment