Today at its Ignite 2019 conference, Microsoft announced a series of tools to expand the security capabilities of its Azure and Microsoft 365 platforms. 

First on the list is Azure Arc, which builds on Azure Stack and aims to extend Azure management and security to any infrastructure. Available in preview starting today, the new product extends Azure management capabilities to Linux and Windows servers, and Kubernetes clusters on infrastructures across on-premises, multi-cloud and edge. 

Azure Arc aims to provide a unified management solution for multiple environments using capabilities such as Azure Resource Manager, Azure Shell, Azure Portal, API, and Azure Policy. It also allows developers to build containerized apps with the tools of their choice, while IT teams are assured that apps are deployed, configured, and managed uniformly.

The tool also enables Azure data services anywhere, to provide customers with insights in real time. Taking advantage of artificial intelligence, it includes the ability to run software such as Azure SQL Database and Azure Database for PostgreSQL Hyperscale on any infrastructure. 

Furthermore, the company is releasing Azure Arc enabled API Management, to provide organizations with the ability to manage APIs across any environment, including hybrid and multicloud. 

In addition to the general availability of the Da_v4 and Das_v4 Azure virtual machine series for general purpose workloads, Microsoft also announced the public preview of Serial Console for Azure Government Cloud, which delivers a text based console for Windows VM and VM scale set instances. 

Starting today, Microsoft is making Generation 2 virtual machines in Azure generally available with new features, such as increased memory and Intel Software Guard Extensions, along with support for large VMs (up to 12 TBs) and OS Disk sizes that exceed 2 TBs.

Also today, Microsoft is making Azure Bastion generally available in six Azure regions: Australia East, East US, Japan East, South Central US, West Europe and West US. A fully managed Platform as a Service (PaaS), it provides secure and seamless RDP and SSH access to VMs, directly through the Azure Portal. 

Another preview announced today is for Internet Analyzer, which was designed to provide performance reporting across multiple endpoints for app migration and delivery, as well as Internet content and app delivery. 

Microsoft also announced that IPv6 for Azure VNet is now generally available across Azure regions worldwide.

Starting today, the tech giant is making server side encryption with customer managed keys (SSE with CMK) available for Azure Managed Disks, in preview for Premium SSD, Standard SSD, and Standard HDD disk types. With the new feature, customers can use Azure Key Vault as the repository for their Azure Disk encryption keys.

Today, Microsoft also announced new capabilities to make governance easier in Azure, including the fact that Azure Policy is moving into Azure KeyVault in public preview, that custom RBAC can be applied at the management group level, and that better tracking of subscriptions is available, courtesy of support for subscription tags. 

Azure Monitor, Microsoft announced, was enhanced with new features such as Network Insights (now in preview), Traffic Analytics, and the new Application Insights agent, which enables no-code monitoring of .NET applications running on Azure virtual machines.

Azure Monitor for containers was expanded with the preview of Hybrid Monitoring (which allows customers to monitor a hybrid Kubernetes deployment with on premises and Azure infrastructure), and the general availability of Prometheus Support. 

The tech giant also announced the general availability of a new version of Windows Admin Center, which includes integration with Azure Security Center, and the public preview of Azure Firewall Manager.

Moreover, the tech company announced the preview availability of Azure Arc support, Azure Stream Analytics support, and Windows Virtual Desktop on Azure Stack Hub, and the general availability of Kubernetes on Azure Stack Hub. 

Azure Security Center has been enhanced as well, now with extended coverage and improved cloud security posture management via preview of new regulatory compliance standards and support for custom policies, simplified secure score, better threat protection for cloud resources, preview of advanced data security for SQL Server on Azure virtual machines, and vulnerability assessment (powered by Qualys). 

Related: Microsoft Unveils New Azure, Windows Defender ATP Tools

view counter

Ionut Arghire is an international correspondent for SecurityWeek.

Previous Columns by Ionut Arghire:

Tags:

Tags: