Azure Security Infrastructure (IT Best Practices - Microsoft Press)

De (autor) , ,
Notă GoodReads:
en Limba Engleză Paperback – 09 Sep 2016
Implement maximum control, security, and compliance processes in Azure cloud environmentsInMicrosoft Azure Security Infrastructure, three leading experts show how toplan, deploy, and operate Microsoft Azure with outstanding levels of control, security, and compliance. You ll learn how to prepare infrastructure withMicrosoft s integrated tools, prebuilt templates, and managed services anduse these to help safely build and manage any enterprise, mobile, web, orInternet of Things (IoT) system. The authors guide you through enforcing, managing, and verifying robust security at physical, network, host, application, and data layers. You ll learn best practices for security-aware deployment, operational management, threat mitigation, and continuous improvement so you can help protect all your data, make services resilient to attack, and stayin control no matter how your cloud systems evolve.

Three Microsoft Azure experts show you how to:

Understand cloud security boundaries and responsibilities

Plan for compliance, risk management, identity/access management, operational security, and endpoint and data protection

Explore Azure s defense-in-depth security architecture

Use Azure network security patterns and best practices

Help safeguard data via encryption, storage redundancy, rightsmanagement, database security, and storage security

Help protect virtual machines with Microsoft Antimalware forAzure Cloud Services and Virtual Machines

Use the Microsoft Azure Key Vault service to help secure cryptographickeys and other confidential information

Monitor and help protect Azure and on-premises resources withAzure Security Center and Operations Management Suite

Effectively model threats and plan protection for IoT systems

Use Azure security tools for operations, incident response, andforensic investigation

Citește tot Restrânge

Din seria IT Best Practices - Microsoft Press

Preț: 16722 lei

Preț vechi: 20902 lei

Puncte Express: 251

Preț estimativ în valută:
3210 3433$ 2767£

Carte indisponibilă temporar

Doresc să fiu notificat când acest titlu va fi disponibil:

Preluare comenzi: 021 569.72.76


ISBN-13: 9781509303571
ISBN-10: 150930357X
Pagini: 224
Dimensiuni: 189 x 229 x 12 mm
Greutate: 0.36 kg
Editura: Microsoft Press
Seria IT Best Practices - Microsoft Press

Notă biografică

YURI DIOGENES is a Senior Content Developer on the CSI Enterprise Mobility and Security Team, focusing on enterprise mobility solutions, Azure Security Center, and OMS Security. Previously, Yuri worked at Microsoft as a writer for the Windows Security team and as a Support Escalation Engineer for the CSS Forefront team. He has a Master of Science degree in Cybersecurity Intelligence and Forensics from Utica College and an MBA from FGF in Brazil, and he holds several industry certifications. He is co-author of Enterprise Mobility Suite-Managing BYOD and Company-Owned Devices (Microsoft Press, 2015), Microsoft Forefront Threat Management Gateway (TMG) Administrator's Companion (Microsoft Press, 2010), and three other Forefront titles from Microsoft Press.

DR. THOMAS SHINDER is a program manager in Azure Security Engineering and a 20-year veteran in IT security. Tom is best known for his work with ISA Server and TMG, publishing nine books on those topics. He was also the leading voice at After joining Microsoft in 2009, Tom spent time on the UAG DirectAccess team and then took a 3-year vacation from security to be a cloud infrastructure specialist and architect. He's now back where he belongs in security, and spends a good deal of time hugging his Azure Security Center console and hiding his secrets in Azure Key Vault.

DEBRA LITTLEJOHN SHINDER, MCSE, is a former police officer and police academy instructor who is self-employed as a technol￿ogy consultant, trainer, and writer, specializing in network and cloud security. She has authored a number of books, including Scene of the Cybercrime: Computer Forensics Handbook (Syngress Publishing, 2002) and Computer Networking Essentials (Cisco Press, 2001). She has co-authored more than 20 additional books and worked as a tech editor, developmental editor, and contributor to more than 15 books. Deb is a lead author for and, and a long-time contributor to the GFI Software blog and other technology publications, with more than 1,500 published articles in print magazines and on websites. Deb focuses on Microsoft products, and has been awarded the Microsoft MVP (Most Valuable Professional) award in the field of enterprise security for 14 years in a row. She lives and works in the Dallas-Fort Worth area and has taught law enforcement, computer networking, and security courses at Eastfield College in Mesquite, Texas. She currently sits on the advisory board of the Eastfield Criminal Justice Training Center Police Academy.


Chapter 1 Cloud security

Cloud security considerations


Risk management

Identity and access management

Operational security

Endpoint protection

Data protection

Shared responsibility

Cloud computing

Distributed responsibility in public cloud computing

Assume breach and isolation

Azure security architecture

Azure design principles

Chapter 2 Identity protection in Azure

Authentication and authorization

Azure hierarchy

Role-Based Access Control

On-premises integration

Azure AD Connect


Suspicious activity identification

Identity protection

User risk policy

risk policy

Notification enabling


Multi-Factor Authentication

Azure Multi-Factor Authentication implementation

Azure Multi-Factor Authentication option configuration

Chapter 3 Azure network security

Anatomy of Azure networking

Virtual network infrastructure

Network access control

Routing tables

Remote access (Azure gateway/point-to-site VPN/ RDP/Remote PowerShell/SSH)

Cross-premises connectivity

Network availability

Network logging

Public name resolution

Network security appliances

Reverse proxy

Azure Network Security best practices

Subnet your networks based on security zones

Use Network Security Groups carefully

Use site-to-site VPN to connect Azure Virtual Networks

Configure host-based firewalls on IaaS virtual machines

Configure User Defined Routes to control traffic

Require forced tunneling

Deploy virtual network security appliances

Create perimeter networks for Internet-facing devices

Use ExpressRoute

Optimize uptime and performance

Disable management protocols to virtual machines

Enable Azure Security Center

Extend your datacenter into Azure

Chapter 4 Data and storage security

Virtual machine encryption

Azure Disk Encryption

Storage encryption

File share wire encryption

Hybrid data encryption


Wire security

Data at rest

Rights management

Database security

Azure SQL Firewall

SQL Always Encrypted

Row-level security

Transparent data encryption

Cell-level encryption

Dynamic data masking

Chapter 5 Virtual machine protection with Antimalware

Understanding the Antimalware solution

Antimalware deployment

Antimalware deployment to an existing VM

Antimalware deployment to a new VM n