Introduction
You can limit the applications that can run on a Windows Server infrastructure as a service (IaaS) virtual machine (VM) to those on an approved list. You do this by using the Adaptive application controls feature of Azure Security Center.
Scenario
Contoso is a medium-size financial services company in London with a branch office in New York. Most of its compute environment runs on-premises on Windows Server. This includes virtualized workloads on Windows Server 2012 R2 hosts. Contoso IT staff are in the process of migrating Contoso servers to Windows Server 2019.
Contoso’s IT director realizes that Contoso has an outdated operational model with limited automation and reliance on dated technology. The Contoso IT Engineering team has started exploring Azure capabilities. They want to determine whether Microsoft Azure services might assist with modernizing the current operational model through automation and virtualization.
As part of the initial design, the Contoso IT team asked you, their lead system engineer and server administrator, to set up a proof of concept environment. This environment must verify whether Azure services can help to modernize the IT infrastructure and meet business goals.
For security, Contoso IT operations staff need to know if an unusual application or script is running on one of their Windows Server IaaS VMs. You have been tasked with investigating what they can use to control the applications that can run on their VMs.
In this module, you'll learn what adaptive application control is, and how to configure this feature in Azure Security Center. You will also learn how to implement adaptive application control policies.
By the end of this module, you'll be able to implement Adaptive application controls within your organization to protect your Windows Server IaaS VMs.
Learning objectives
After completing this module, you'll be able to:
- Enable Adaptive application controls.
- Implement adaptive application control policies.
Prerequisites
In order to get the best learning experience from this module, you should have knowledge and experience of:
- Managing Windows Server workloads
- Common Windows Server management tools
- Core Microsoft compute, storage, networking, and virtualization technologies
- On-premises resiliency Windows Server-based compute and storage technologies
- Implementing and managing IaaS services in Azure
- Microsoft Entra ID
- Security-related technologies (firewalls, encryption, multi-factor authentication)
- Windows PowerShell scripting
- Automation and monitoring