Thursday, December 6, 2018

Protect Linux containers running in IaaS with Azure Security Center


These days most of the enterprises are transforming their monolith applications to run mission-critical, containerized cloud-native applications in production. Using Containers, they can achieve multiple advantages, both for developers and IT professionals. Easy and fast to deploy, immutable, and provide fast iteration are some of them. As the number of containers deployed continues to increase, security solutions need to be in place to provide you with visibility into the security state of your containers and help protect them from threats.
Microsoft Azure team is now providing you with several new capabilities to help you secure your containers.

1.     Visibility to the containers hosted on IaaS Linux machines

There is a new tab to display all virtual machines with Docker.

There is additional information that Security Center now provides, when user exploring the security issues of a virtual machine.
E.g.: Information related to the containers on the machine, such as Docker version and the number of images running on the host.



2. Security recommendations based on the CIS benchmark for Docker

By using security center AI technology Security center scans (Reads) user’s Docker configurations and gives you visibility into misconfigurations by providing a list of all failed rules that were assessed and gives quick fixes as well as it helps you to resolve the issues quickly and save time. Security Center continuously assesses the Docker configurations and provides you with their latest state.


3. Real time container threat detection

Real-time threat detection is searching for threats for the containers using Linux machines, AuditD component
The alerts identify several suspicious Docker activities, such as the creation of a privileged container on host, an indication of Secure Shell (SSH) server run inside a Docker container, or the usage of crypto miners. You can use this information to quickly remediate security issues and improve the security of your containers.





Monday, November 26, 2018

Azure Cognitive Services in Containers


To build solutions with machine learning, requires a data scientist. Now Microsoft is enabling the cognitive services to take advantage of AI with developers, without requiring a data scientist. This is happening by getting machine learning models and the pipelines and the infrastructure needed to build a model and packaging it up into a Cognitive Service for vision, speech, search, text processing, language understanding, and more.
The advantage of this scenario is it is possible for anyone who can write a program to now use machine learning to improve an application. But if the developer tries to create Large scale applications using AI they face many problems on that. To overcome the problems Microsoft is introducing container support for Cognitive Services, making it significantly easier for developers to build ML-driven solutions.
This allows developers to build big AI systems that run at scale, reliably, and consistently in a way that supports better data governance.

Friday, November 16, 2018

Customer Lockbox for Azure


Azure is always try to ease up your data as much as confidential and secure. To improve much more Azure is introducing Customer Lockbox for Microsoft Azure.
What it does:
Customer Lockbox for Microsoft Azure is a service which is integrated into Azure portal.It gives you explicit control in the very rare instance when a Microsoft Support Engineer may need access to your data to resolve an issue.
Some instances may occur where a Microsoft Microsoft Support Engineer requires elevated permissions to resolve this issue such like debugging remote access issue.On that scenario Microsoft engineers use just-in-time access service that provides limited, time-bound authorization with access limited to the service.

Friday, November 2, 2018

Azure Monitor for Containers


Microsoft Azure team has released a useful tool for Azure Kubernetes Service (AKS) called Azure Monitor - container health monitoring capability. And it’s in public preview right now and developers are welcome to work on it. This will Enables to developers to track the health and performance of your Azure Kubernetes Service (AKS) cluster. Later, Microsoft will release new features and updates to onboarding and the portal experience.

What is Azure Monitor for container

Azure Monitor for containers works as the performance visibility by collecting memory and processor metrics from controllers, nodes, and containers that are available in Kubernetes through the Metrics API and Logs even. After User enable monitoring from Kubernetes clusters, these metrics and logs are automatically collected for you through a containerized version of the Log Analytics agent for Linux and stored in your Log Analytics workspace.

Friday, October 26, 2018

Azure Monitor for virtual machines


In Microsoft Ignite Microsoft VM team have announced number of services and products that they are going to launch in near future. And one of its service was public preview of Azure Monitor for VMs which provides an in-depth view of VM health, performance trends, and dependencies.

How to access?

To view Azure Monitor for VMs, navigate to Azure VM resource blade and view details about VMs. From there users can identify compute issues at scale, and from the Resource Group blade to understand whether all the VMs in a common deployment are behaving as you expect.

Sunday, October 14, 2018

Azure VM Image Builder: Private Preview


Windows Azure were more popular in creating VMs (Virtual Machines) in your cloud and login remotely to them and access them as remotely. By the time Microsoft has implemented number of images (OS) to install in to it. Now they are expanding the ability to create images by users or customers. They have introduced the private preview of Azure VM Image Builder, a service which allows users to have an image building pipeline in Azure. To configure the image creation set up with Azure VM Image Builder, you can take an ISO or Azure Marketplace image and start creating your own golden images in a few steps.

Monday, October 8, 2018

Azure Front Door Services - Public Preview


In the earliest era of Microsoft there were huge struggle to increase the scalability and performance. People / Users asked several times to scale the products without decreasing performance or security. So this led Microsoft to build large, enterprise grade network and application infrastructure to solve reliability, scalability, performance and agility problems and took around 10 years via cloud journey. The result was the y made some enterprise services from Bing, Office, Skype, Azure, etc to overcome those challenges. And it led to developing unique infrastructure and services, battle-tested by years of constant support for Microsoft’s largest businesses.

Now they are releasing another huge project called Azure Front Door Service and its enterprise-grade  service and the public preview of newest addition to the Azure Networking and Azure’s application delivery suite of products. It is highly secure and highly available entry point for delivering your high performance global hyperscale apps.