Time
8 hours 33 minutes
Difficulty
Intermediate
CEU/CPE
9

Video Transcription

00:00
Hello, Siberians. Welcome to this demonstration on Azure Security Center. This demonstration is part of the seventh month you off the 500 Microsoft Azure security technologist costs
00:12
Quick information on the activities that will be completed in this demo will start by enabling Understand that stare off as your security center
00:21
wouldn't Central Life Security and Policy Management in Security center and finally will reveal security recommendations and complains reports in Security center. Let's get into this.
00:33
So in the first, ask how being nimble in the standard tear off your security center. In my environment,
00:40
hand carries a visual representation of what I'll be Dean.
00:44
The free tear off security center is automatically enabled the first time we click on the security center console in the azure Pato. We can enable it tear to this tryout off the standards here before we starts to pay for it. So that's what are we doing? So here I am, in the azure Pato
01:02
on. If I click on Security Center, I can also click on the left, stab over here
01:07
and go to secure its center.
01:10
So here I am in security center, you can see that I currently do not have the standards here and neighborhood, and that's the reason why gets the prompt toe upgrade. So if I scroll down, you can see that it automatic a list like that. My subscription I only have one subscription
01:26
on it's giving me the option to click on upgrade here if I go ahead and click on Upgrade.
01:30
You said that it's also given me the option to say for the collection off events for veteran machines, it can automatically provision the agent on as a veteran machines.
01:40
I can quiet and live that configuration selected, and I can go on install agents. So this way, if I have any existent veteran machine, the agents will be installed on them. And for any new virtual machine, the
01:52
a gentle be automatically provision for them also. So if I click back to Security Center and if I click on prices and settings on the left hand side, this is showing us free at the moment.
02:05
So to move it to the standard here are quiet and click on my subscription, and I can see the free tier, which is currently weight sets to If I go ahead and select standard on if I go ahead and click on safe. So what I would do is that will switch me from the free tier to the stand that's there. So essentially, we had to do that in two steps.
02:23
The first step is to enable the standards here,
02:27
and then the second step is to apply that so you can see that it's now showing as the price and he had been applied. So what I'll do is I'll go back to security center pricing and settings on again. Just need to give this a few minutes before we see that change to standard. So I refresh the screen on this is now showing as the stand that's here.
02:46
So in the next task, how big configuring Central Life's policy management in I just security center. And here is a visual representation off what are between. So when I enabled security center standards here earlier,
03:00
I registered eat at the subscription level. What I wanted to now is I want to centralize dead by a registry added management group level on what that means is any subscription that I put under that management group automatically inherits this policies to keep this cleaned up. I'll go ahead and also remove the policy initiative that assigned at a subscription level.
03:22
So here I am back in the azure Pato. If I goto coverage in the azure Pato, you can see that I have a subscription that's fully covered to centralize things at the management group level. What I'll do is I'll click on security policy on If I click on that, I can see my entire Iraqi. I have a root management group
03:42
on a child management group on my subscription on the child Management group. What I want to do is I want to quiet and click on this manager. Encrypt.
03:51
Now, when I click on that, you see that it's currently showing US policy not assigned. So what I'll do is I'll go ahead and click on a signed policy on the management group level.
04:00
So this is gonna take me to where I can quiet and assigned this initiative. At this level, I won't be making any changes, are just quiet and click on review. Lost, create, and I'll go ahead and click on Create.
04:12
Now it's showing that I have that security policy assigned at the management level, also for the compliance policies. You can say the ones that comes out of the box, that I do not need to do anything to assign them. However, if I want to have extra standards, I can go ahead and click on add most and that
04:29
and I can quiet and hard them and assign them at the right level. So I won't be doing that are just great and close that
04:34
if I click back to a security center security policy here on, if I go to my subscription, I still have my policy has signed at this level. So what I want to do is I want to go clean that up.
04:45
Well, why do I want to go clean? That hope The reason being. If I click on very effective policy, you can see that essentially assigned the same policy initiative twice. One applied directly at the social friend level and the other one applied at the management group level. So the cleanup, the one at the subscription level. What I'll do is I'll go to the
05:03
as a despot on our click on subscriptions, and I'll select my subscription next, my subscription, our quiet and click on policies
05:13
And if I click on assignment,
05:15
I can say the policy assignment here. So what out, though, is our choir and select that policy assignment on our guide and click on the lead assignment on our clicking Yes and our tidy things up at this level also so in the final task off this demonstration
05:31
are reviewing security recommendations and complaints. Reports in Security Centre are also trying an extra demonstration to show you out of configure email notification.
05:44
Here is a visual representation off. What are we? Dean
05:47
from the Azure Pato up reviewing security recommendations and complains with pots.
05:54
So here I am back in the azure Pato
05:56
if I go ahead and click on Security Center so India Overview section we have a quick somebody off water security and complaints posture lives like we have. This thing called the secure score on the left hand side is secure. Score is a very simple way to manage a security hygiene.
06:13
The higher house score, the more hardened our environment is from a security perspective, we can see a summary off the regulatory compliance assessment. Also on, we can see if we have said in subscriptions that are not yet covered and subscriptions that are covered.
06:28
So to drill down into security recommendations, I can click on the left hand side head
06:32
on. The recommendations on is going to give me a list off all the different recommendations. What passed on what field?
06:40
So, for example, there's a recommendation to enable disk encryption for veteran machines that are not yet enabled on that's been displayed to me right here.
06:48
I can also click on regulatory compliance,
06:51
and I can feel down into the different complaints standards on view reports for them.
06:57
So, for example, there's an option he had to download reports for. Go ahead and click on the download report option.
07:02
I can select the complaints Tonder that I'm interested in. I can click on download
07:08
that's going to download a Pdf report. If I go ahead and click on that report, it's going to give me an overview off this complaint standard and what my current complaints pushed your hiss.
07:19
Finally, we may want to configure email notifications to be proactively notified off any security and compliance issues. So to do that, I can click on pricing and settings on the left hand side. I'll go ahead and click OK to that
07:34
on. If I select my subscription
07:36
on on the left hand side, there's an option for email notifications for great and selects that
07:43
on. You can see in your recipients there
07:46
so I can go ahead and specify if I want to automatic understand an email toe anyone that configured for any of this rose I can leave that sets to subscription owner
07:56
I can also have additional email addresses.
07:59
We can also specify the severity of the issues to raise an email notification from.
08:03
We can specify dads too high
08:07
and I can click on safe.
08:09
And now we have proactive email notifications configured.
08:13
He has a summary of what we covered in this demonstration. We started by enabling this stand that's tear off as your security center with Central Nice Policy Management in Security Center by assigning the policy at the management group level.
08:28
And finally we revealed security recommendations on compliance reports in Security center on also configured email notifications.
08:37
Thanks very much for watching and I'll see you in the next lesson

Up Next

AZ-500: Microsoft Azure Security Technologies

In the AZ-500 Microsoft Azure Security Technologies training, students will learn the skills that are needed to pass the AZ-500 certification exam. All exam topics are covered as well as exam preparation strategies and hands-on practice.

Instructed By

Instructor Profile Image
David Okeyode
Cloud Security Architect
Instructor