Join cloud automation experts as they highlight how you can craft a cloud automation strategy in Azure.

Azure already supports a large number of these controls—those dealing with physical access to data storage facilities, network security, and the security of servers. Under the shared responsibility security model, departments and agencies are required to implement measures to satisfy the remaining controls relevant to data and application security.

Trend Micro Deep Security—a leading solution for securing physical, virtual, and hybrid data centers—includes host-based capabilities that support compliance with many of these controls.

Read about Deep Security for FedRAMP Compliance

All or nothing is a really bad strategy for securing your Microsoft Azure workloads. You need to know exactly what it is that you must secure. But you can’t do it alone. Microsoft provides robust physical security, network infrastructure, and the virtualization layer. Ideally, you will match their excellence with equally robust security for your workloads, including operating system, applications, and data.

But there’s a small catch. If you try to use traditional security to protect your applications and data in the cloud, you risk slowing your Azure project with needless complexity. There’s a simpler and more effective solution: Security that is built for the cloud is easier to deploy in the cloud and works better to secure the cloud. But even then, the way you deploy it can impact your entire project. You have to be careful not to do anything that makes security stand between you and your success in the cloud.

Bake security into your project from the get go

First, start thinking about security very early in the game. The earlier the better. Baking security into your strategy from the get go is the best way to ensure full coverage when your deployment is complete. That includes thinking about implementing the proper controls, such as who has access to the Azure Management Portal, how designated administrators will access cloud resources, and what you need to do to maintain restrictive network policies.

Monitor traffic in and out of your cloud

Now that’s a great start. But you’ll still need to be sure that your applications remain secure during day-to-day usage. That’s where host-based IPS systems come in. They’ll help you ward off unauthorized access by monitoring incoming traffic to make sure it’s legitimate. Plus, vulnerability shielding functionality will help you keep all workloads up to date. Implementing virtual patches on templates helps you avoid the hassles of patching live workloads.

Detect threats early in the game

But your job is never really done. You still need to find ways to monitor your security posture to uphold continuous integrity of critical system files, application configuration files, and application logs. Sure, Azure provides monitoring. But you need every advantage in getting a jump on the attackers. And host-based integrity monitoring will provide an earlier indication of compromised systems.

Be prepared to act fast if you have to

And in the unlikely event that you reveal an attack, you need to be prepared to act quickly to isolate the infected server, identify the cause, and begin repair. Only then can you restore service as quickly as possible. Azure is built to help you improve your incident response. To speed your time to protect, you’ll also want to take advantage of vulnerability assessments and penetration testing to discover as many vulnerabilities as possible before an attacker can use them against you.

Get started now

Want to dive deeper? Get more specifics on the ways you can get the security you need for your Azure project without slowing you down. Trend Micro has created a new white paper that outlines the top 10 security actions you can take to accelerate your application protection within Azure.

The “WHAT”

Disable Monitor Responses from Web Server

The “WHY”

To improve performance on your Web Servers, the ‘Monitor responses from Web Server’ setting may be disabled. When disabled, the DPI engine will not inspect web server response traffic. This would typically result in improved performance, especially for large responses.

Web client requests incoming to the server are still inspected by the DPI engine when this option is unchecked, and DPI rules which protect the web server and web application from malicious attacks are not affected by this setting.

The “HOW”

  • Open up any Policy
  • Click on Intrusion Prevention (on the left)
  • Click on “Assign/Unassign…” button
  • From the top dropdown menus select the following options:
    • Web Application Protection
    • All
    • By Application Type

  • Find the “Web Server Common” section (I believe it should be second on the list and reference 22 rules)
  • You now have to click on where it says “Web Server Common” (it will highlight all of the rules) → Then right click (again, you must right click where it says “Web Server Common”)
  • Select the “Application Type Properties…” option

  • Click on the Configuration tab
  • Uncheck the “Default” checkbox
  • Uncheck the “Monitor responses from Web Server” checkbox

Congratulations, you’ve successfully disabled the monitor responses from Web Server!

Everyone seems to be looking for ways to simplify security, especially cloud security. That’s why Trend Micro has designed Azure security solutions to be as automatic, agile and flexible as Microsoft Azure itself. So it was no surprise when Microsoft chose to integrate the new Azure Security Center with Trend Micro.

The Azure Security Center provides you with a single view of all your Azure subscriptions, performs live monitoring on workloads, and recommends remediation steps to address identified security issues. When the Azure Security Center discovers malware vulnerabilities on virtual machines it presents Trend Micro Deep Security as a recommended solution to address them. To make things even easier, you can then deploy Deep Security directly from the Azure Marketplace to enhance the protection of your environments from network attacks.

Why is Trend Micro presented as a recommended solution? Trend Micro is a leader in cloud security. And we have earned that position because we understand that to fully embrace the cloud, you need security that preserves its economic and operational benefits. Trend Micro has been working closely with Microsoft to ensure that we deliver elastic, flexible, and scalable security solutions that are compatible with the Azure environment. As a result, the integration of Trend Micro with Azure Security Center makes it easier than ever to secure cloud workloads.

Easily identify virtual machine security issues

Trend Micro Deep Security provides the security capabilities you need to meet shared responsibility in the cloud. And we do it with the industry’s most complete set of security capabilities for Microsoft Azure. With Deep Security, you can detect and remove malware in real-time, protect against known and unknown vulnerabilities, including zero-day attacks. You can also detect suspicious or malicious activity, including integrity monitoring required to meet compliance with key regulations, including PCI DSS 3.1, HIPAA, and others.

Fast deployment and automated management

Deep Security monitors your Azure environment, automatically recognizing and provisioning security to new instances. Plus, Deep Security automates repetitive, resource-intensive security tasks, such as provisioning and deprovisioning, to dramatically reduce operational cost and time. So you get the security you need to move sensitive workloads to Microsoft Azure without compromising its promise of automation and agility. Deep Security secures Azure workloads and sign up for a 30-day free trial, please visit www.trendmicro.com/azure.