Forum Discussion
Security questions
Dears, we have a potential client who is going to use a solution that will be installed on MS Azure servers. The solution include very senstive data, thus he is asking some questions about securi...
For most of the needs you mentioned here is not something Azure would be compliant, it would be the architecture that would be compliant to these requirements.
I would probably suggest using a next generation firewall appliance (Azure VM) in a DMZ subnet that manages all internet traffic and even possible Site to Site VPN's to and from your azure network. Microsoft Azure Security center will recommend this as well.
have a look at this link https://docs.microsoft.com/en-us/azure/security-center/security-center-add-next-generation-firewall
have a look at the other recommendations stated under the security-center.
Azure's web application gateways have WAF features, so i would look at those as well.
look here for disaster recovery of Azure VM's, the ability to protect Azure VM's is in public preview. https://docs.microsoft.com/en-us/azure/virtual-machines/virtual-machines-disaster-recovery-guidance
I would probably suggest using a next generation firewall appliance (Azure VM) in a DMZ subnet that manages all internet traffic and even possible Site to Site VPN's to and from your azure network. Microsoft Azure Security center will recommend this as well.
have a look at this link https://docs.microsoft.com/en-us/azure/security-center/security-center-add-next-generation-firewall
have a look at the other recommendations stated under the security-center.
Azure's web application gateways have WAF features, so i would look at those as well.
look here for disaster recovery of Azure VM's, the ability to protect Azure VM's is in public preview. https://docs.microsoft.com/en-us/azure/virtual-machines/virtual-machines-disaster-recovery-guidance