Microsoft Azure – Protecting Hybrid Cloud Workloads using Azure Defender
In this article, we will learn how to use Azure Defender to protect hybrid cloud workloads. Azure Defender is a feature of the Security Center and provides advanced threat analysis capabilities. It can also protect hybrid workloads. Let’s try to have it monitor our local computer.
There are several ways to onboard your computer, including onboarding it to Azure Arc. Once onboarded, the computer shows up in the Security Center inventory, where Security Center keeps track of the resources it monitors and defends.
Configuring Azure Defender:
Follow the steps below to configure Azure Defender to protect hybrid cloud applications:
Let’s first add a non-Azure server. We will connect our local computer to a Log Analytics workspace, which brings the logs into Security Center.
Then we will create a new Log Analytics workspace. First, select a resource group, and then fill in a name for the workspace.
Next, let’s create the workspace. We then need to upgrade the new workspace so that it has Azure Defender capabilities enabled on it.
Now we can add servers to the workspace. Here are the workspace details. We need these to connect to it from our computer. Here, we have a Windows computer, so we will download this Log Analytics agent, which is also available for Linux.
Now open it and get started. Next, we should read the entire agreement, and agree.
Next, we need to connect to Log Analytics, so click it.
Now we need to enter the details of the workspace, that is, the workspace ID and the workspace key. That’s it.
Next, we choose to receive updates, and then install the agent. Our computer will now be connected.
It can take a while for the computer to show up in Security Center. We can drill down into it to see recommendations. We get a lot of them because our computer is being monitored and protected by Azure Defender.
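While waiting for the computer to appear, the agent's connection can be checked locally. The following PowerShell is an added example, not part of the original article: it performs the same onboarding unattended and then reports whether the agent is attached to the expected workspace. It assumes an elevated session, that `setup.exe` has been extracted from the downloaded agent package, and that the property names read from the agent's COM object (`workspaceId`, `ConnectionStatusText`) match the installed agent version; the function name and the workspace ID shown are placeholders.

```powershell
function Connect-LogAnalyticsWorkspace {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $WorkspaceId,         # from the workspace details page
        [Parameter(Mandatory)] [securestring] $WorkspaceKey,  # prompt for it, never hard-code it
        [string] $SetupPath = '.\setup.exe'                   # assumption: extracted agent installer
    )

    # Install silently if the agent service (HealthService) is not present yet.
    # No workspace properties are passed here, so the workspace key never shows
    # up on a process command line where command-line auditing would record it.
    if (-not (Get-Service -Name HealthService -ErrorAction SilentlyContinue)) {
        $setupArgs = '/qn NOAPM=1 AcceptEndUserLicenseAgreement=1'
        $proc = Start-Process -FilePath $SetupPath -ArgumentList $setupArgs -Wait -PassThru
        if ($proc.ExitCode -ne 0) {
            throw "Agent setup failed with exit code $($proc.ExitCode)"
        }
    }

    # The agent exposes its configuration through this COM object.
    $mma = New-Object -ComObject 'AgentConfigManager.MgmtSvcCfg'
    $current = $mma.GetCloudWorkspaces() | Where-Object { $_.workspaceId -eq $WorkspaceId }

    if (-not $current) {
        # Decrypt the key only for the duration of the call that needs it.
        $plainKey = [System.Net.NetworkCredential]::new('', $WorkspaceKey).Password
        try {
            $mma.AddCloudWorkspace($WorkspaceId, $plainKey)
            $mma.ReloadConfiguration()
        } finally {
            $plainKey = $null
        }
        $current = $mma.GetCloudWorkspaces() | Where-Object { $_.workspaceId -eq $WorkspaceId }
    }

    if (-not $current) { throw "Workspace $WorkspaceId is not configured on this agent" }

    # Summary to compare against what Security Center shows later.
    [pscustomobject]@{
        Computer         = $env:COMPUTERNAME
        AgentService     = (Get-Service -Name HealthService).Status
        WorkspaceId      = $current.workspaceId
        ConnectionStatus = $current.ConnectionStatusText   # assumption: property name
    }
}

# Placeholder workspace ID (constructed); the key is read interactively.
Connect-LogAnalyticsWorkspace -WorkspaceId '00000000-0000-0000-0000-000000000000' `
    -WorkspaceKey (Read-Host -Prompt 'Workspace key' -AsSecureString)
```

If the returned workspace ID differs from the one created above, or the service is not running, the computer will not appear in the Security Center inventory.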
The security recommendation comes with a quick fix. We just click “Fix” and confirm it and the fix is applied.
Azure Defender is an advanced feature of Azure Security Center. It provides intelligent security monitoring and detection capabilities and does this for resources in Azure, on-premises, and in other clouds.