Intro to Azure Security Center
This post is the first part of a of series about Azure Security Center
Introduction
In this post series, we will talk about one of the most important services on Azure, the Azure Security Center. Throughout this post, we will read what Azure Security Center is, what are the licensing tiers, how we can enable and use the security functionalities that it offers. Azure Security Center is a unified monitor security management platform across our cloud, on-premises and hybrid workloads. We can achieve this security for our workloads by using security policies, advanced analytics reports, security alerts, threat prevention, JIT access, etc.
Licensing Tiers
Azure Security Center has two tier offerings:
- Free: The Free tier is by default enable to all Azure Subscriptions and it provides security assessment, policy and recommendations.
- **Standard: **The Standard tier provides more security functionalities, like regulatory compliance, Just in time VM access, threat protection for PaaS and IaaS, adaptive application controls.
In the table below we can see what Standard tier provides in contrast to Free.
| Functionality | Free | Standard |
| Continuous assessment and security recommendations | Yes | Yes |
| Azure Secure Score | Yes | Yes |
| Adaptive application Controls and network hardening | No | Yes |
| Threat protection for supported PaaS services | No | Yes |
| Regulatory compliance dashboard and reports | No | Yes |
| Threat protection for Azure VMs and non-Azure servers (including Server EDR) | No | Yes |
| Just in time VM Access | No | Yes |
| Microsoft Defender ATP for Servers | No | Yes |
Licensing Costs
| Resource Type | Standard Tier |
| Virtual Machine | Server/hour |
| App Services | App Service/hour |
| SQL Database | Server/hour |
| Storage | €0.018/Server/hour |
| IoT Devices - by device | €0.0009/month |
| IoT Devices - by messages | €0.169/25K transactions |
| Azure Kubernetes Services | vCore/hour |
| Azure Container Registry | Per image |
| Key Vaults | 10K transactions |
For more details please check this document.
Supported environments
Azure Security Center supports the following Cloud and Hybrid environments:
- Only Azure
- Azure and on-premises
- Azure and other clouds
- Azure, other clouds, and on-premises
Azure Security Center Modules Overview
Policy & Compliance
Resource Security Hygiene
- Recommendations
- Compute & apps
- Networking
- IoT Hubs & resources
- Data & storage
- Identity & access
- Security solutions
Advanced Cloud Defence
- Adaptive application controls
- Just in time VM access
- Adaptive network hardening
- File Integrity Monitoring