• Latest
  • Trending
  • All
  • News
  • Business
  • Politics
  • Science
  • World
  • Lifestyle
  • Tech
Assuring Customers About Cross-Border Data Flows

Azure Arc for a Hybrid World

March 25, 2021
Juniper Networks extends connected security with two new updates

5 channel partner program and MSP News update 21 April . 2021

April 22, 2021
Automate Evidence Collection With Hypersync

CyberSheath Enhances Its CMMC Managed Services with CMMCEnclave, the Most Comprehensive CMMC Compliance Platform

April 22, 2021
Microsoft To Build New Azure Cloud Data Centers In Greece

Device Connectivity and Edge Intelligence in Resource-Constrained Situations

April 22, 2021
8×8 makes raft of updates to platform

Sysinno Introduces First Available Air Quality Monitor Running on Microsoft Azure Sphere

April 22, 2021
Microsoft renames and unifies more products under Microsoft Defender brand

UK government signs new three-year Memorandum of Understanding with Microsoft

April 22, 2021
Azure Stack, AWS Outposts Poised to Impact Colocation

Aruba accelerates digital transformation from edge to cloud on Microsoft Azure.

April 22, 2021
How to set up Microsoft Cloud App Security

Eurotech Collaborates with Infineon Technologies, Microsoft, and Globalsign for ’Chain of Trust’ Security Solution for the IoT Device Identities

April 22, 2021
GHD accelerates digital transformation to ensure business continuity

ONUG to Address Enterprise Cloud, Cloud Native DevOps, Security & Automation at Biannual Spring 2021 Event

April 22, 2021
Microsoft To Build New Azure Cloud Data Centers In Greece

Infosec Teams Expand Use of Security Tools to Address Cloud Complexity, Survey Finds

April 22, 2021
Microsoft continues to extend security for all with mobile protection for Android

HVR Launches Agent as a Service for Microsoft Azure, Establishes Highly Available, Secure and Performant Real-Time Replication Environment for Enterprise Modernization

April 22, 2021
Hackers Cryptojack Microsoft Azure ML Clusters

6clicks partners with Microsoft to bring greater security to Aus Government

April 22, 2021
Seattle Seahawks Shift From Microsoft Azure to Amazon Web Services

Security should start in software engineering

April 21, 2021
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Thursday, April 22, 2021
  • Login
Azure Security News
  • Home
  • News
    • All
    • Business
    • Politics
    • Science
    • World
    Juniper Networks extends connected security with two new updates

    5 channel partner program and MSP News update 21 April . 2021

    Automate Evidence Collection With Hypersync

    CyberSheath Enhances Its CMMC Managed Services with CMMCEnclave, the Most Comprehensive CMMC Compliance Platform

    Microsoft To Build New Azure Cloud Data Centers In Greece

    Device Connectivity and Edge Intelligence in Resource-Constrained Situations

    8×8 makes raft of updates to platform

    Sysinno Introduces First Available Air Quality Monitor Running on Microsoft Azure Sphere

    Microsoft renames and unifies more products under Microsoft Defender brand

    UK government signs new three-year Memorandum of Understanding with Microsoft

    Azure Stack, AWS Outposts Poised to Impact Colocation

    Aruba accelerates digital transformation from edge to cloud on Microsoft Azure.

    How to set up Microsoft Cloud App Security

    Eurotech Collaborates with Infineon Technologies, Microsoft, and Globalsign for ’Chain of Trust’ Security Solution for the IoT Device Identities

    GHD accelerates digital transformation to ensure business continuity

    ONUG to Address Enterprise Cloud, Cloud Native DevOps, Security & Automation at Biannual Spring 2021 Event

    Microsoft To Build New Azure Cloud Data Centers In Greece

    Infosec Teams Expand Use of Security Tools to Address Cloud Complexity, Survey Finds

    Microsoft continues to extend security for all with mobile protection for Android

    HVR Launches Agent as a Service for Microsoft Azure, Establishes Highly Available, Secure and Performant Real-Time Replication Environment for Enterprise Modernization

    Trending Tags

    • Donald Trump
    • Future of News
    • Climate Change
    • Market Stories
    • Election Results
    • Flat Earth
  • Tech
    • All
    • Apps
    • Gear
    • Mobile
    • Startup
    Cisco, Google, Microsoft Lead Chorus of New Security Initiatives

    Windows 10 21H1: A small but significant update, with bigger changes to come in 21H2

    Microsoft Touts Secured-Core PCs To Block Driver Exploits

    KDDI Taps Cato SASE for Secure Remote Access

    Juniper Networks inspires overarching approach to connected security

    Going serverless? Rethink your data security approach

    Juniper Networks inspires overarching approach to connected security

    Introducing the Azure Network Security Tech Community and Github Repo

    Cisco, Google, Microsoft Lead Chorus of New Security Initiatives

    Azure WAF Custom Rule Samples and Use Cases

    Aruba ClearPass Policy Manager Integrates with Microsoft

    How Microsoft Is Powering Digital Transformation From the Cloud

    Part 4 – Data Disclosure and Exfiltration Playbook: Azure WAF Security Protection and Detection Lab

    The Mountain Of A Manager

    Microsoft offers startups free cloud tech

    Microsoft Launches Host of Security Products in Time for RSA

    The 14 Best Cloud Security Courses on Pluralsight

    Microsoft Adds Anti-Phishing ‘Campaign Views’ to Office 365 ATP

    How 4 cities are modernizing their IT infrastructure through the cloud

    Trending Tags

    • Flat Earth
    • Sillicon Valley
    • Mr. Robot
    • MotoGP 2017
    • Golden Globes
    • Future of News
  • Entertainment
    • All
    • Gaming
    • Movie
    • Music
    • Sports
    Microsoft Flight Simulator Continues to Look Stunning in New Snow Video

    Microsoft Flight Simulator Continues to Look Stunning in New Snow Video

    Meet the woman who’s making consumer boycotts great again

    New campaign wants you to raise funds for abuse victims by ditching the razor

    Twitter tweaks video again, adding view counts for some users

    A beginner’s guide to the legendary Tim Tam biscuit, now available in America

    People are handing out badges at Tube stations to tackle loneliness

    Trump’s H-1B Visa Bill spooks India’s IT companies

    Magical fish basically has the power to conjure its own Patronus

    This Filipino guy channels his inner Miss Universe by strutting in six-inch heels and speedos

    Oil spill off India’s southern coast leaves fisherman stranded, marine life impacted

  • Lifestyle
    • All
    • Fashion
    • Food
    • Health
    • Travel
    Microsoft Seriously Beefs Up Security in Windows Server 2019

    Microsoft Offers More ‘Solorigate’ Advice Using Microsoft 365 Defender Tools

    A moment of reckoning: the need for a strong and global cybersecurity response

    Solar Winds, Office 365 & Shipbuilding…

    Aruba ClearPass Policy Manager Integrates with Microsoft

    Imprivata Expands Collaboration with Microsoft on New Digital Identity Innovations

    Microsoft Seriously Beefs Up Security in Windows Server 2019

    Microsoft Canada’s 10 biggest stories of 2020

    FAA issues new proposed Boeing 737 MAX pilot training procedures

    FAA issues new proposed Boeing 737 MAX pilot training procedures

    AMD breaks revenue records for 2019 and 4Q

    AMD breaks revenue records for 2019 and 4Q

    Microsoft and Analog Devices pair on 3D imaging tech

    Microsoft and Analog Devices pair on 3D imaging tech

    Microsoft is killing off insecure Cloud App Security cipher suites

    Microsoft is killing off insecure Cloud App Security cipher suites

    Rap group call out publication for using their image in place of ‘gang’

    Meet the woman who’s making consumer boycotts great again

    Trending Tags

    • Golden Globes
    • Mr. Robot
    • MotoGP 2017
    • Climate Change
    • Flat Earth
No Result
View All Result
Azure Security News
No Result
View All Result
Home News World

Azure Arc for a Hybrid World

by AZURE SECURITY NEWS EDITOR
March 25, 2021
in World
0
Assuring Customers About Cross-Border Data Flows
492
SHARES
1.4k
VIEWS
Share on FacebookShare on Twitter

We live in a hybrid world, and most medium-to-large businesses will have IT applications and infrastructure on-premises and in various clouds for a long time to come.

Microsoft has always been aware of this fact and has architected its cloud solutions with this in mind. For identity, Active Directory (AD) works seamlessly with Azure Active Directory (AAD). For email and collaboration, Exchange and SharePoint Server talks to Exchange/SharePoint Online in Office 365. Azure Files gives you SMB shares in the cloud while Azure File Sync hooks up your file servers to “bottomless” storage and backup in the cloud.

If you need cloud computing on premises Microsoft was first to market with Azure Stack Hub, a set of integrated servers running the same software as Azure (slightly behind the public Azure but updated monthly) in a turnkey solution that lets you run VMs and Platform-as-a-Service (PaaS) services such as Kubernetes or Service Fabric. You can purchase Azure Stack Hub from Lenovo, Cisco, HPE and a few others and deploy it wherever you need it. Alternatively you can purchase it as a service from a worldwide network of service providers. If imitation is the highest form of flattery it certainly makes sense that AWS followed in Microsoft’s footsteps and released Outposts.

And the reverse is also true: Many Azure services can reach out to your on-premises or multicloud infrastructure and extend automation through Azure Automation, for instance, or monitor it through Azure Monitor. The next logical step is making your infrastructure and data outside of Azure (on-premises or in other clouds) be part of the Azure Resource Manager (ARM) control plane. Linux and Windows VMs appear alongside your cloud VMs and you can control access with Role Based Access Control (RBAC) and configuration through Azure Policy on all of them, no matter where they’re running. If you’re running Kubernetes anywhere you can manage all of your clusters from a single pane of glass. And if you have databases outside of Azure they can also be managed together with the ones in Azure. This is the premise of Azure Arc, which first debuted at Ignite last year.

This article will look at the current capabilities of the public preview of Azure Arc and why you should care. Google’s Anthos is a similar offering but it’s exclusively focused on Kubernetes workloads whereas Azure Arc casts a much wider net.

Azure Arc-Enabled Servers
This was the first cab off the rank and the public preview has now been available for nearly a year (if I was a betting man I’d say this will be released to General Availability at Ignite 2020). The concept is simple: Take a Linux or Windows VM wherever it’s running, install the Azure Connected Machine agent and it’ll receive an Azure ID, be part of an ARM Resource Group and appear in your Azure portal.

You can then use RBAC to assign different users (or groups) access to it and assign it tags just like any other resource. And you can also use Azure Policy to audit settings in the VMs and its workloads. Furthermore, you can deploy (some of) the same extensions that are available for Azure Infrastructure-as-a-Service (IaaS) VMs to bring additional capabilities. This includes the Custom Script Extension so you can run scripts inside the VMs from the Azure portal, Desired State Configuration (DSC) and the Log Analytics agent for OS and workload monitoring. All of these are available for both Windows and Linux. Guest configuration is also available, sort of like Group Policy for any VM (domain joined or not), letting you audit settings inside any server.

Tags aren’t just for organizing resources or for tracking costs across resource usage; you can also use tags to enforce policy, i.e. VMs that are tagged as High Business Impact (HBI) must have Azure Backup configured. You can also use Azure Update Management to ensure that both Linux and Windows VMs are up to date with OS updates.

If you have a handful of VMs the easiest deployment option is the script that the portal generates, but if you have lots of VMs it’s better to create a Service Principal in Azure AD to be able to script the entire workflow. Windows Admin Center can also onboard managed servers to Arc, and Azure Automation offers preconfigured jobs to do it, with System Center support to come.

The public preview of Azure Arc-enabled servers is available in the East US, West US2, WestEurope and SoutheastAsia regions.

Azure Arc-Enabled Kubernetes
Similar to servers, you can attach Kubernetes clusters to Azure, in this case through an agent in the azure-arc namespace. The configuration data in the Azure end is stored encrypted in an Azure Cosmos DB. The following distributions have been tested in this preview:

  • RedHat OpenShift 4.3
  • Rancher RKE 1.0.8
  • Canonical Charmed Kubernetes 1.18
  • AKS Engine
  • AKS Engine on Azure Stack Hub
  • Cluster API Provider Azure

To access the cluster, you need the cluster-admin role, Helm 3 needs to be installed for onboarding the cluster, and Azure CLI version 2.3 or later is required for the Arc-enabled CLI extensions. Step-by-step instructions here. Note that Arc is not a cluster management solution; it assumes that the cluster is already configured. Arc uses the open source project Flux to pull configurations and applications from Git.

Once connected you can use Azure tags and apply Azure Policy for Kubernetes as well as use Azure Monitor to view/monitor your clusters. Furthermore, you can deploy applications and apply configuration using GitOps-based management. There are quite a few different policies you can enforce.

The Arc-enabled Kubernetes preview is only supported in the East US and West Europe regions.

Azure Arc-Enabled Data Services
This third leg of Arc is not yet in public preview, but it will enable you to run Azure SQL Managed Instance and Azure Database for PostgreSQL Hyperscale on Kubernetes on-premises and in any cloud. Here’s a short video covering the highlights.

In Azure, SQL is protected by security vulnerability assessments, and this same protection will extend to your databases connected through Arc. Another powerful security feature in Azure is Advanced Threat Protection (ATP); when a database is managed by Arc it can receive ATP security recommendations.

Conclusion
These are powerful features and I think Microsoft is on to a winner here: the ability to connect to all your VMs, no matter where they’re running, and see them in a single pane is useful. To then be able to apply RBAC across those resources, tag them, apply policy for configuration and auditing, deploy applications and configuration to K8s clusters and manage it as a single cohesive whole is very powerful.

I can see how large retail chains, for instance, might run small servers in each store, with LOB applications in containers on top of Kubernetes and perhaps a local SQL database where Arc would manage the VMs, the Kubernetes clusters and the database from a single pane in Azure.

Managed service providers aren’t left out either. Arc plays nice with Azure Lighthouse, which lets your IT provider connect to (parts of) your IT infrastructure and manage it on your behalf. I can’t wait to see what will be revealed about Arc at Ignite 2020.

Source: https://virtualizationreview.com/articles/2020/08/31/azure-arc.aspx

Share197Tweet123Share49
AZURE SECURITY NEWS EDITOR

AZURE SECURITY NEWS EDITOR

Related Posts

Microsoft To Build New Azure Cloud Data Centers In Greece

Infosec Teams Expand Use of Security Tools to Address Cloud Complexity, Survey Finds

by AZURE SECURITY NEWS EDITOR
April 22, 2021
0

By Jared Ruckle and Azure Security News The Cloud Security Alliance (CSA), a non-profit organization, recently published its findings on the state of...

SafeBreach Enters Into Strategic Partnership with Microsoft

EUCafrica, leader on Citrix on Azure, achieves Citrix platinum status

by AZURE SECURITY NEWS EDITOR
April 12, 2021
0

By EUCAFRICA  and Azure Security News EUCafrica, South Africa’s leading Citrix on Azure solutions provider, has achieved Citrix Platinum Solution Advisor Status....

Microsoft Adds Anti-Phishing ‘Campaign Views’ to Office 365 ATP

Recommendation of information protection measures for three birds with one stone using labels [Part 2]

by AZURE SECURITY NEWS EDITOR
April 7, 2021
0

Why is information leaked?  In the previous "Part 1" , we will discuss " regular labels " and " automatic labeling " on how to classify...

Preventing attackers from taking your organization’s data ransom

Yorktel’s Microsoft Practices Expands their Global Modern Workplace as a Service (MWaaS) and Enhanced Security Competencies

by AZURE SECURITY NEWS EDITOR
April 2, 2021
0

By EATONTOWN, N.J. (PRWEB) and Azure Security News A dedicated Microsoft Modern Workplace team is responsible for the engineering, architecture...

  • Trending
  • Comments
  • Latest
Microsoft’s CyberX Acquisition Boosts Security of Azure IoT Lineup

AZURE DEFAULT RESOURCE GROUP AND DEFAULT WORKSPACE: WHAT ARE THEY?

December 14, 2020
Telecom Provider Migrates Confidently to Microsoft Azure with Fortinet’s Dynamic Cloud Security Solutions

Analyzing Azure Active Directory Sign-In Data with PowerShell

December 18, 2020
Microsoft Seriously Beefs Up Security in Windows Server 2019

TCS Launches Cloud Exponence on Microsoft Azure

January 21, 2021

Lady Gaga Pulled Off One of the Best Halftime Shows Ever

0

Barack Obama’s Now Mainly Focusing on Wearing This Casual Backwards Hat

0

Watch Justin Timberlake’s ‘Cry Me a River’ Come to Life in Mesmerizing Dance

0
Juniper Networks extends connected security with two new updates

5 channel partner program and MSP News update 21 April . 2021

April 22, 2021
Automate Evidence Collection With Hypersync

CyberSheath Enhances Its CMMC Managed Services with CMMCEnclave, the Most Comprehensive CMMC Compliance Platform

April 22, 2021
Microsoft To Build New Azure Cloud Data Centers In Greece

Device Connectivity and Edge Intelligence in Resource-Constrained Situations

April 22, 2021
Azure Security News

Copyright © 2020 - Azure Security

Navigate Site

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Follow Us

No Result
View All Result
  • Home
  • News
    • Politics
    • Business
    • World
    • Science
  • Entertainment
    • Gaming
    • Music
    • Movie
    • Sports
  • Tech
    • Apps
    • Gear
    • Mobile
    • Startup
  • Lifestyle
    • Food
    • Fashion
    • Health
    • Travel

Copyright © 2020 - Azure Security

Welcome Back!

Login to your account below

Forgotten Password?

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In