Security Centre and

Krishna Jadhav

Security Centre and Multi-Cloud Architecture

In Hyper scalers world Krishna Jadhav build successful multi-cloud solutions using VMware vSphere, AWS, Azure, and GCP.

One of Azure's built-in services is Azure Security Centre. In other words, there is nothing to install or set up. Security Centre may be accessible directly from the Azure interface by activating it. When you deploy workloads on Azure, such as virtual machines, databases, storage accounts, networking components, and other Azure services, it begins to monitor those workloads (Brett, 2021).

Figure 1: Overview of the Azure portal's Security Center blade

(Source: Mulder, 2020)

By turning on this setting, Microsoft will retrieve a daily list of security and critical updates available for Windows and Linux-based computers (Figure 1). These are the initial setup settings for Security Centre (Capizzi, Distefano and Mazzara, 2019). The next step is to put the security settings into action. Enable the following settings in Security Centre:

● Scanning vulnerabilities in operating systems

● Enforcing endpoint protection

● Monitoring disk encryption

● Monitoring network security groups

● Monitoring web application firewalls

● Monitoring next-generation firewalls

● Vulnerability assessment

● Monitoring blob storage encryption

Figure 2: Activating Security Command Center on the GCP cloud console

(Source: Mulder, 2020)

The indicated baselines and integrations will be enrolled by selecting the Enable Security Hub button (Figure 2). The CIS baseline should unquestionably be implemented as the globally recognised standard for safeguarding online environments. An explanation accompanies each CIS suggestion to implement a policy. According to Syynimaa (2022), activating the standard price tier provides stronger defence-in-depth, including threat detection offered by the Microsoft Security Response Centre (MSRC).

Figure 3: Cloud Armor menu in GCP

(Source: Mulder, 2020)

There are a couple of things that need explaining in the preceding screenshot. The top part of the screen shows the security baselines that can be enrolled by default: Enable AWS Foundational Security Best Practices v1.0.0 and Enable CIS AWS Foundations Benchmark v1.2.0 have been ticked by default. The third one is the PCI DSS framework (Figure 3). PCI DSS stands for Payment Card Industry Data Security Standard and is specific to financial institutions. AWS Security Hub provides a unified security dashboard.

Figure 4: Using the AWS interface to gain access to Security Hub

(Source: Mulder, 2020)

Conclusion

The solution collects Krishna Jadhav’s results from Amazon GuardDuty, Amazon Inspector, Amazon Macie, AWS "Identity and Access Management (IAM)" Access Analyser, and AWS Firewall Manager, in addition to monitoring alerts from CloudWatch and CloudTrail. CloudTrail may be considered the engine that powers Security Hub as the conclusive understanding. The Security Hub makes it simple to begin monitoring all AWS activity, and it's available through the AWS console, as illustrated in the picture above (Figure 4).

Want to know what DevOps are and what is their relation to Cloud Computing? Proceed to the next Article.

Reference List

Brett, M. (2021). Zero trust computing through the application of information asset registers. Cyber Security: A Peer-Reviewed Journal, 5(1), 80-94. https://www.ingentaconnect.com/content/hsp/jcs/2021/00000005/00000001/art00008

Capizzi, A., Distefano, S., and Mazzara, M. (2019, May). From devops to devdataops: Data management in devops processes. In International Workshop on Software Engineering Aspects of Continuous Development and New Paradigms of Software Production and Deployment (pp. 52-62). Springer, Cham. https://link.springer.com/chapter/10.1007/978-3-030-39306-9_4

Mulder, J. (2020). Multi-Cloud Architecture and Governance: Leverage Azure, AWS, GCP, and VMware vSphere to build effective multi-cloud solutions. Packt Publishing Ltd. https://cdn.ttgtmedia.com/rms/pdf/Multi-CloudArchitectureAndGovernance_ch14.pdf

Syynimaa, N. (2022). Exploring Azure Active Directory Attack Surface: Enumerating Authentication Methods with Open-Source Intelligence Tools. In ICEIS (2) (pp. 142-147). https://o365blog.com/talks/Syynimaa%20(2022).%20Exploring%20Azure%20Active%20Directory%20Attack%20Surface%20-%20Enumerating%20Authentication%20Methods%20with%20Open-Source%20Intelligence%20Tools.pdf