Microsoft Azure Network Security

Book description

Master a complete strategy for protecting any Azure cloud network environment!

Network security is crucial to safely deploying and managing Azure cloud resources in any environment. Now, two of Microsofts leading experts present a comprehensive, cloud-native approach to protecting your network, and safeguarding all your Azure systems and assets. Nicholas DiCola and Anthony Roman begin with a thoughtful overview of network securitys role in the cloud. Next, they offer practical, real-world guidance on deploying cloud-native solutions for firewalling, DDOS, WAF, and other foundational services all within a best-practice secure network architecture based on proven design patterns.

Two of Microsofts leading Azure network security experts show how to:

  • Review Azure components and services for securing network infrastructure, and the threats to consider in using them

  • Layer cloud security into a Zero Trust approach that helps limit or contain attacks

  • Centrally direct and inspect traffic with the managed, stateful, Platform-as-a-Service Azure Firewall

  • Improve visibility into Azure traffic with Deep Packet Inspection

  • Optimize the way network and web application security work together

  • Use Azure DDoS Protection (Basic and Standard) to mitigate Layer 3 (volumetric) and Layer 4 (protocol) DDoS attacks

  • Enable log collection for Firewall, DDoS, WAF, and Bastion; and configure NSG Flow Logs and Traffic Analytics

  • Continually monitor network security with Azure Sentinel, Security Center, and Network Watcher

  • Customize queries, playbooks, workbooks, and alerts when Azures robust out-of-the-box alerts and tools arent enough

  • Build and maintain secure architecture designs that scale smoothly to handle growing complexity

About This Book

  • For Security Operations (SecOps) analysts, cybersecurity/information security professionals, network security engineers, and other IT professionals

  • For individuals with security responsibilities in any Azure environment, no matter how large, small, simple, or complex

Table of contents

  1. Cover Page
  2. Title Page
  3. Copyright Page
  4. Contents at a Glance
  5. Contents
  6. Acknowledgments
  7. About the authors
  8. Foreword
  9. Introduction
    1. Who is this book for?
    2. How is this book organized?
    3. Errata, updates, & book support
    4. Stay in touch
  10. Chapter 1. Introduction to Azure Network Security
    1. Network connectivity
    2. Current threats and challenges
    3. Azure Network Security
    4. Summary
  11. Chapter 2. Secure Azure Network architectures
    1. Best practices
    2. Network architectures
    3. Summary
  12. Chapter 3. Controlling traffic with Azure Firewall
    1. The role of Azure Firewall in secure architecture
    2. Advanced features
    3. Rule types
    4. Azure Firewall Manager
    5. Summary
  13. Chapter 4. Traffic Inspection in Azure Networks
    1. Azure Firewall Premium
    2. Network Watcher packet capture
    3. Summary
  14. Chapter 5. Secure application delivery with Azure Web Application Firewall
    1. Integrating WAF into app delivery architecture
    2. WAF deployment
    3. WAF rules and tuning
    4. Summary
  15. Chapter 6. Mitigating DDoS attacks
    1. How Azure DDoS Protection Works
    2. Enabling Azure DDoS Protection Standard
    3. Validation and testing
    4. Summary
  16. Chapter 7. Enabling Network Security log collection
    1. Azure Firewall
    2. Web Application Firewall
    3. Azure DDoS Protection Standard
    4. Azure Bastion
    5. Network Security Groups
    6. Diagnostic settings at scale
    7. Summary
  17. Chapter 8. Security monitoring with Azure Sentinel, Security Center, and Network Watcher
    1. Security Center
    2. Azure Sentinel
    3. Network Watcher
    4. Summary
  18. Chapter 9. Combining Azure resources for a wholistic network security strategy
    1. Simple virtual network design
    2. Hub-and-spoke topology
    3. Secure administrative access
    4. Application design scenarios
    5. Network Security Monitoring
    6. Summary
  19. Index
  20. Code Snippets

Product information

  • Title: Microsoft Azure Network Security
  • Author(s): Nicholas DiCola, Anthony Roman
  • Release date: June 2021
  • Publisher(s): Microsoft Press
  • ISBN: 9780137252022