Azure Arc Security remediation on Azure Stack HCI Cluster #Azure #Security #ASC #AzureStackHCI

Azure ARC Services

Microsoft Azure Arc enables you to manage your entire environment, with a single pane of glass, by projecting your existing resources into Azure Resource Manager. You can now manage virtual machines, Kubernetes clusters, and databases as if they are running in Azure. Regardless of where they live, you can use familiar Azure services and management capabilities. Azure Arc enables you to continue using traditional ITOps, while introducing DevOps practices to support new cloud native patterns in your environment.

IT Management with Azure ARC

With Microsoft Windows Admin Center I Build a Microsoft Azure Stack HCI Cluster and the Nodes are connected with Azure Arc Services. In the following steps you will see a security feature of Microsoft Azure Arc Services with remediation of the Risks on the Azure Stack HCI Cluster On-premises.

Azure Arc Security Remediation

Here you see the Azure Arc Servers with Azure Stack HCI

On Skywalker01 Node we have two Security Risks

When you click on the risk, you see the description and the remediation steps to solve this risk issue. Here you can also see the remediation script:

Automatic Remediation Script. 

Select the Azure workspace ID and when you don’t have one you can Create new Workspace in Azure.
Select the resource, in my case Skywalker01
Click on remediate resource.

Remediation in progress

The Microsoft Azure Monitor Agent extension in Azure Arc is successfully installed.

Done.

I did the same for Skywalker02 Azure Stack HCI Cluster Node.

The Next Medium Risk is a Vulnerability assessment on the Azure Stack HCI Cluster nodes. Just follow the steps of the wizard.

Azure Arc Security Vulnerability Assessment with Azure Defender

Click on remediate.

This one will use Qualys in Azure Defender.

Click on remediate resource.

The vulnerability scanner included with Azure Security Center is powered by Qualys. Qualys’ scanner is one of the leading tools for real-time identification of vulnerabilities. It’s only available with Azure Defender for servers. You don’t need a Qualys license or even a Qualys account – everything’s handled seamlessly inside Security Center.

Here you find more information about Azure Defender’s integrated vulnerability assessment solution for Azure and hybrid machines

Azure Arc Insights Monitor

Azure Arc Insights of the Azure Stack HCI Cluster Node

Because we have installed the Microsoft Azure Monitor extension in Azure Arc on this Azure Stack HCI Node Server, telemetry and analytics will do his job for Monitoring in Azure and data will be collected. In Azure maps you see the connectivity of the Server.

 

Here you can see the Fired Alerts by severity and Investigate 🙂

You can monitor the Traffic

Here you find more information about Insights and Maps for your Servers

Conclusion

Here you see the power of Hybrid IT management via Microsoft Azure Arc services and get Azure Cloud services for your On-premises Servers. You have the Free Microsoft Windows Admin Center Tool and integration with Azure Arc for all the innovative tools like Azure Monitor, Azure Security Center, Azure Defender, Update management and more. I hope you see the benefits too, Get started Today !

JOIN the Microsoft Azure Monitor & Security for Hybrid IT Community

 

Categories: Azure, Azure Monitor, Azure Security, Azure Stack HCI, Microsoft Azure, SQL, Windows Admin Center, Windows Server 2019, WindowsAzure | Tags: AzOps, Azure, AzureArc, AzureStackHCI, Cloud, HybridIT, Management, Microsoft, MVPBUZZ, WindowsAdminCenter, winserv | Permalink.

Manage Servers On-premises with Microsoft Azure Cloud Services #Azure #Arc #Security #Cloud #AzureMonitor #ASC

Microsoft Azure Arc Servers On-Premises and Azure Cloud Services

Earlier I wrote a blogpost about Microsoft Azure Arc services installation to manage on-premises Servers with Azure Cloud Services, like Azure Monitor and Azure Security Centre from the Cloud.
Here in this post you will see the Newest Microsoft Azure Cloud Services to Manage and Monitor your Servers on-premises with security and compliance included.

Azure Arc Extensions settings of the Server.

Here you can see we have installed the Microsoft Monitoring Agent for Azure Monitor and log analytics, second we have installed the dependency Agent for Windows for
insights, Performance and Service maps. Here you find more information about Virtual machine extension management with Azure Arc for servers (preview)  

After initial deployment of the Azure Arc for servers (preview) Connected Machine agent for Windows or Linux, you may need to reconfigure the agent, upgrade it, or remove it from the computer if it has reached the retirement stage in its lifecycle. You can easily manage these routine maintenance tasks manually or through automation, which reduces both operational error and expenses.

Managing and maintaining the Connected Machine agent

Azure Arc Insights Performance monitor

The Azure Arc Insights Performance monitor is there by default and installed with the following dashboards :

• CPU Utilization
• Available Memory
• Logical disk IOPS
• Logical disk MB/s
• Logical disk Latency
• Max logical disk used %
• Bytes Sent Rate
• Bytes Received Rate

Azure Arc Logs Analytics

Of course you can make your own custom Dashboards in the Azure Portal with your own triggers, so in this way you get the same Azure Monitor Innovative Tools for your On-Premises Servers. 😉

Within Microsoft Azure Arc Insights, you can also see a Service Map of the Server

Here is were the dependency agent comes in, you get a service map of the Server and see the communication lines with other resources. In this picture you see Server Yoda01 a Domain Controller of my MVPLAB.
You can see that there are three Clients are logged on the domain controller.

Microsoft Azure Security Center for Azure Arc Servers

 

One of the most powerful and important features of Microsoft Azure Cloud platform is Security! Microsoft Azure Security Center (ASC) is a unified infrastructure security management system that strengthens the security posture of your data centers, and provides advanced threat protection across your hybrid workloads in the cloud – whether they’re in Azure or not – as well as on premises.

Here you see my Azure Arc Servers (On-Premises) in Azure Security Center.

Azure Arc Server in Azure Security Center recommendations Summary

Five security assessments passed the test, but Azure Security assessment has two recommendations one is Medium Risk and one low.

Here you see the Security advise and the Remediation to take action on your Server.

Microsoft Azure Security Center Overview with the Overall Secure Score.

Security controls – Each control is a logical group of related security recommendations, and reflects your vulnerable attack surfaces. A control is a set of security recommendations, with instructions that help you implement those recommendations. Your score only improves when you remediate all of the recommendations for a single resource within a control.

To immediately see how well your organization is securing each individual attack surface, review the scores for each security control.

 Here you find More information about Azure Security Center Secure Score

To get your Azure Arc Servers (On-premises) complaint for the business and security, you can use Microsoft Azure Arc Policies

Azure Arc Policies to meet your Compliance state.

Conclusion

Microsoft is bringing Azure Cloud Power tools everywhere with Azure Arc Services to give you modern tools like Azure Monitor and Azure Security Center to keep you in control, Secure and Compliant for your business. Keep following Microsoft for Hybrid IT Management, because more awesome features are added every day in Microsoft Azure Cloud Services. Let’s start to get your Azure Security Score UP and UP 😉

Categories: ARM, Azure, Azure Monitor, Azure Security, Azure Stack, Azure Stack HCI, Containers, Linux, Microsoft Azure, SQL, Uncategorized, Windows 10, Windows Containers, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019, WindowsAzure, WindowsInsiders | Tags: ARC, ASC, AzOps, Azure, AzureArc, Azuremonitor, Cloud, HybridCloud, HybridIT, Management, Microsoft, MVPBUZZ, SecOps, Security, winserv | Permalink.