Skip to main content

Posts

Showing posts from October, 2016

Security in the cloud - Disk encryption in Azure

Security in the cloud is a priority for every organization planning to adopt public cloud for mission critical applications. In Azure, these security concerns are addressed at different layers starting from the platform layer up to the VM OS layer. This picture shows an overview of the different layers of security in Azure     Any traffic directed to your applications hosted in Azure will first hit the platform's native DDOS protection mechanism. If a DOS attack is happening a specific IP is targeted, the DDOS protection mechanism will blackhole the traffic and the endpoint will be brought down. Thereby the surrounding resources will be protected. If you have resiliency built in, you can bring up another endpoint and ensure that your service is available At the next layer you have endpoints, ie traffic will be received only at the designated endpoints in case of classic model, or as defined in NSGs in case of ARM model. The VMs can be placed in different virtual