Azure Security For Critical Workloads

This is a crisp, practical, and hands-on guide to moving mission-critical workloads to Azure. This book focuses on the process and technology aspects of Azure security coupled with pattern-oriented, real-world examples. You will implement modernized security controls, catering to the needs of authentication, authorization, and auditing, thereby protecting the confidentiality and integrity of your infrastructure, applications, and data.

The book starts with an introduction to the various dimensions of cloud security, including pattern-based security and Azure's defense security architecture. You will then move on to identity and access management with Azure Active Directory. Here, you will learn the AAD security model, application proxy, and explore AAD B2B and B2C for external partners. Network security patterns and infrastructure security patterns are discussed next, followed by application and data security patterns. Finally, you will learn how to set up security policies and work with Azure Monitor and Azure Sentinel, and to create leadership support and training for a rigorous security culture.

After completing this book, you will understand and be able to implement reusable patterns for mission critical workloads, standardizing and expediting the move of those workloads to Azure.

WHAT WILL YOU LEARN

* Understand security boundaries required to implement Azure's defense-in-depth security architecture
* Understand Azure Active Directory security model
* Master design patterns relating to network, infrastructure, and software
* Automate security monitoring with advanced observability and gain practical insights on how this can be implemented with Azure Monitor and Azure Sentinel

WHO IS THIS BOOK FOR

Developers and IT consultants/architects who are working on Azure.

Sagar Lad is a Data Solution Architect working with a leading multinational software company in Netherlands and has deep expertise in implementing Data & Analytics solutions for large enterprises using Cloud and Artificial Intelligence. He is an experienced Azure Platform evangelist with a strong focus on driving cloud adoption for enterprise organizations using Microsoft Cloud Solutions & Offerings with 8+ Years of IT experience. He loves blogging and is an active blogger on Medium, LinkedIn, and the C# Corner developer community. He was awarded the C# Corner MVP in September 2021 for his contributions to the developer community.

CHAPTER 1: INTRODUCTION: DIMENSIONS OF CLOUD SECURITY

History about security and public cloud

Cloud security boundaries and responsibilities

Pattern-based security

Azure's defence-in-depth security architecture

30 pages

CHAPTER 2: IDENTITY AND ACCESS MANAGEMENT WITH AZURE ACTIVE DIRECTORY

Identity protocols and application types

Azure active directory security model

Active directory federation services

Azure AD Application proxy

Exploring Azure AD B2B and B2C for external partners

PIM Azure AD Identity protection hybrid implementation

Single sign on with Azure AD

60 pages

CHAPTER 3: NETWORK SECURITY PATTERNS

Software defined networks

Network topologies

Segmenting subnets

Controlling routing behaviour

Using gateways and firewalls

30 pages

CHAPTER 4: INFRASTRUCTURE SECURITY PATTERNS

Physical security

Built in Azure security controls

Azure tenant security

Container security

Securing Azure resources

30 pages

CHAPTER 5: APPLICATION AND DATA SECURITY PATTERNS

Securing the application access

Data classification

Securing the data access

Data encryption patterns

30 pages

CHAPTER 6: SECURITY PROCESSES

Complete mediation with threat modelling

Securing the infrastructure and application deployment

Security testing

Key Management - Vulnerability management

Disaster recovery

40 pages

CHAPTER 7: AUTOMATED SECURITY MONITORING

Setting up security policies

Advanced observability

Azure Monitor

Azure Sentinel

30 pages

CHAPTER 8: CREATING A SECURITY CULTURE

Leadership support

Training

10 pages