Azure Government Announces New Services
Azure Sentinel, Azure AD Domain Services and DDoS Protection Now Available in Azure Government
The Microsoft Azure gov Team recently announced new cloud services intended to extend the existing commercially available platform to government contractors. These new services bring enhanced visibility and optimization of security operations. C3 clients have already begun implementing some of these new services, and the early reports are that these services provide a dramatic increase in overall capability. Check out some of the features of the new services below:
Azure Sentinel is the first cloud-native SIEM from a major cloud provider. Sentinel provides a birds-eye view across your organization and has helped clients:
- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds;
- Detect previously uncovered threats and minimize false positives using analytics and threat intelligence;
- Investigate threats with AI and hunt suspicious activities at scale; and
- Respond to incidents rapidly with built-in orchestration and automation of everyday tasks.
This new service allows GCC High clients to start their deployment of SIEM services by quickly and seamlessly connect GCC High to Azure Government Sentinel. Then, as the client is ready, they can add more components of their environment, such as firewalls, servers, etc.
Azure Active Directory Domain Services
Azure AD Domain Services is similar to Azure AD Connect but the opposite flow. Now, Microsoft Azure Government can generate (and manage) two legacy domain controllers that read FROM your cloud-only Azure AD/MS 365 tenant. This creates a legacy LDAP environment attached to an Azure IaaS VNET that allows for a “lift-and-shift” of legacy on-premises servers to be joined as members servers to your newly created Azure AD Domain Services LDAP environment.
Azure AD Domain Services joins Azure machines virtual to a domain, without having to deploy domain controllers. Group Policy is used to more securely administer domain-joined virtual machines—a familiar way to apply and enforce security baselines on all of your Azure virtual machines. Besides, clients can migrate on-prem apps to Azure using features like domain join, LDAP, NT LAN Manager (NTLM), and Kerberos authentication.
Azure AD Domain Services can also help you migrate legacy directory-aware applications running on-premises to Azure without having to worry about identity requirements. On Linux and Windows Server virtual machines on Azure, organizations can quickly deploy line-of-business applications. There’s no longer a need to deploy domain controllers as Azure virtual machines or use a VPN connection back to your identity infrastructure.
Our C3 staff has reported that the addition of AD Domain Services allows customers to manage their on-premises servers, computers, and applications without the need for on-premises domain controllers. C3 can accomplish this shift by creating a secure connection from the on-premises network to Azure. We apply configurations to servers or computers via the use of Active Directory Group Policy Objects, and complete the move from on-premises domain controllers to the cloud with minimal impact by running both environments concurrently. Once AD Domain Services configured, C3 migrates client services to the cloud, and begins decommissioning the on-prem domain controllers.
Azure DDoS Protection Standard
Azure DDoS Protection provides defense against Distributed Denial of Service (DDoS) attacks with the scale and elasticity of Azure. IT managers can scrub traffic at the Azure network edge before it can impact the availability of your service. DDoS Protection can cover all resources on a virtual network with simplified configuration. Always-on traffic monitoring provides near real-time detection of a DDoS attack, with no intervention required.
C3’s security staff report that Azure DDoS protection, combined with application design best practices, provide one of the best defenses against DDoS attacks. Azure DDoS protection provides a Basic service tier, automatically enabled as part of the Azure platform, and a Standard tier, which offers additional mitigation capabilities tuned specifically to Azure Virtual Network resources. The Standard tier is now available in Azure Government.
C3 Integrated Solutions is dedicated to securing our nation’s military infrastructure by protecting the cyber resources of the defense industrial base. To learn more about how these services can help your organization, contact us today at firstname.lastname@example.org.