Uredi

Deli z drugimi prek


Security recommendations for Azure VMware Solution

It's important to take proper measures to secure your Azure VMware Solution deployments. Use the information in this article as a high-level guide to achieve your security goals.

General

Use the following guidelines and links for general security recommendations for both Azure VMware Solution and VMware best practices.

Recommendation Comments
Review and follow VMware Security Best Practices. It's important to stay updated on Azure security practices and VMware Security Best Practices.
Keep up to date on VMware Security Advisories. Subscribe to VMware notifications in my.vmware.com. Regularly review and remediate any VMware Security Advisories.
Enable Microsoft Defender for Cloud. Microsoft Defender for Cloud provides unified security management and advanced threat protection across hybrid cloud workloads.
Follow the Microsoft Security Response Center blog. Microsoft Security Response Center
Review and implement recommendations within the Azure security baseline for Azure VMware Solution. Azure security baseline for VMware Solution

Network

The following recommendations for network-related security apply to Azure VMware Solution.

Recommendation Comments
Only allow trusted networks. Only allow access to your environments over Azure ExpressRoute or other secured networks. Avoid exposing your management services like vCenter Server, for example, on the internet.
Use Azure Firewall Premium. If you must expose management services on the internet, use Azure Firewall Premium with both intrusion detection and detention system (IDPS) Alert and Deny mode along with Transport Layer Security (TLS) inspection for proactive threat detection.
Deploy and configure network security groups on a virtual network. Ensure that any deployed virtual network has network security groups configured to control ingress and egress to your environment.
Review and implement recommendations within the Azure security baseline for Azure VMware Solution. Azure security baseline for Azure VMware Solution

VMware HCX

See the following information for recommendations to secure your VMware HCX deployment.

Recommendation Comments
Stay current with VMware HCX service updates. VMware HCX service updates can include new features, software fixes, and security patches. To apply service updates during a maintenance window where no new VMware HCX operations are queued up, follow these steps.