New Microsoft Azure cloud security tools will work on prem, in Amazon’s cloud too
Microsoft CEO Satya Nadella gave a keynote address at a Government Cloud Forum in Washington, D.C. this morning in which he talked about his company’s broad security efforts. Microsoft spends $1 billion annually in research and development to improve security across the company’s three major products: Windows 10, Office 365 and Azure. “We don’t think of security as being a separate piece of technology,” Nadella said. “It has to be core to the operational systems that you use, where your data resides, where your most critical application usage is.”
+ MORE AT NETWORK WORLD: Cloud providers target baking security into the app design process | Top Tech Turkeys of 2015 +
Microsoft has begun testing Azure Security Center, a web-based console where IT administrators can get a central view of their cloud environment’s security posture. It uses policy-based scans to detect if security best practices are in place. For example, if there’s a server hosting a website that does not have a Web Application Firewall (WAF) attached to it, Azure Security Center can flag that and provide users with an opportunity to download a WAF from a the third-party vendor, like Barracuda, F5, or Trend Micro.
(Amazon Web Services, which is Azure’s biggest competitor in the IaaS cloud, is testing a similar product named Inspector.)
Azure Security Center uses what Microsoft calls its Advanced Threat Analytics to search for unusual behavior in a customer’s environment. For example, it could detect that a user is logging in from an unusual location, has attempted incorrect passwords an abnormal number of times, and has eventually gained access. It can also detect communications between a virtual machine and a malicious IP address that Microsoft has found.
Nadella says that functionality can be extended to customers’ on-premises environments as well, and even clouds delivered by other providers, such as Amazon Web Services, using Microsoft’s Operations Management Suite. A user could for example, be alerted if a virtual machine it has deployed in Amazon’s cloud is communicating with that same malicious IP address.
“We recognize that it’s not just us building these technologies, but we also need to interoperate in a heterogeneous environment,” Nadella said. “So that’s something that’s first class in how we deal with identity, how we deal with device management, data protection. Those are all key to our design.”
At the Government Cloud Forum Nadella outlined a variety of other security features Microsoft has, including facial recognition authentication in Windows 10, automatic scanning of emails for malware and viruses in Office 365, and securing access to endpoint devices using Active Directory and the company’s Enterprise Mobility Suite. Nadella said Microsoft inspects 200 billion emails a month for malware.