Table of Content
- Security Concepts
- Identity & Access Management
- Secret Management
- Network Security
- Governance Management
- Azure Encryption
Azure Bastion
Intermediate hardened instance that can be used to connect to target via SSH or RDP
It will provision a web-based RDP client or SSH Tunnel
Some devices cannot run RDP (Google Chromebook) so only way to connect to VM
When we create Azure Bastion that has to be added to a subnet in our VNet called AzureBastionSubnet
with at least a size of /27
With Bastion we can connect to a VM without an Public IP Address
Azure Sentinel
Cloud-native SIEM and SOAR
Uses Log Analytics Workspace to log storage
Workbooks: Provides a flexible canvas for data analysis and creation of rich visual reports
Capacity Reservation: Fixed fee based on selected tier
Pas-As-You-Go: Billed per GB for the volume of data ingested for analysis
Microsoft Endpoint Manager
Microsoft Intune and Configuration Manager merged into a single service
Microsoft Intune: Used for managing security of Mobile devices
Configuration Manager: Used for managing desktops, servers and laptops
Device Identity Management