SlideShare une entreprise Scribd logo

Flash card security-azure disk

Télécharger en tant que PPTX, PDF
Y
Yoong Seng Lai

Flash card security-azure disk

Technologie
1  sur  10
© 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Flash Card – Security of Azure Disk Prepared by Lai
© 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Azure Disk Encryption Technologies Azure Disk Encryption (AES 256 bit encryption)Storage Service Encryption (SSE) Azure Disk Encryption (ADE) Perform on the physical disk in the datacenter Enable on storage account Encrypt the VM virtual disk Use bitlocker (Windows) and DM- Crypt (Linux)
© 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Azure Disk Encryption(ADE) Prerequisites 1. Create a key vault 2. Set the key vault access policy to support disk encryption 3. Use the key vault to store the encryption keys for ADE Encryption key stored in Azure Key vault ADE requires key vault and VM are in the same region Powershell:- New-AZKeyVault Azure CLI: Az keyvault create
© 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Create Key Vault Encryption key stored in Azure Key vault ADE requires key vault and VM are in the same region Powershell:- New-AZKeyVault Azure CLI: Az keyvault create
© 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Key Vault Access Policies Powershell Azure CLI Set-AzKeyVaultAccessPolicy az keyvault update
© 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Encrypting an Existing VM Disk Windows VM Linux VM All disk or OS disk to encrypt Data disk encrypt (some distro) Powershell Azure CLI Set-AzVmDiskEncryptionExtension az vm encryption enable
© 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Viewing the status of a disk Powershell Azure CLI Get-AzVmDiskEncryptionStatus az vm encryption New disks added after encryption will not be automatically encrypted. You can re- run the Set-AzVMDiskEncryptionExtension cmdlet to encrypt new disks
© 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Decrypting Drives Powershell Azure CLI Disable-AzVMDiskEncryption az vm encryption disable
© 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Automate Secure VM Deployment • Use Azure Resource Manager Templates (JSON files)
© 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Thank You

Recommandé

Installing and Using XBMC
Installing and Using XBMCInstalling and Using XBMC
Installing and Using XBMC
Thecus Technology Corp.,
 
H0 w decrypt
H0 w decryptH0 w decrypt
H0 w decrypt
LudmilkaLocse
 
Resume
ResumeResume
Resume
John Bennett
 
Date Guard Remote Backup
Date Guard Remote BackupDate Guard Remote Backup
Date Guard Remote Backup
Thecus Technology Corp.,
 
Qsan unified storage (nas + san)
Qsan unified storage (nas + san)Qsan unified storage (nas + san)
Qsan unified storage (nas + san)
qsantechnology
 
Ogt e series-12-bay_brochure_aug2017
Ogt e series-12-bay_brochure_aug2017Ogt e series-12-bay_brochure_aug2017
Ogt e series-12-bay_brochure_aug2017
Michael Wang
 
TechWiseTV Workshop: 5th Generation UCS
TechWiseTV Workshop: 5th Generation UCSTechWiseTV Workshop: 5th Generation UCS
TechWiseTV Workshop: 5th Generation UCS
Robb Boyd
 
Data At Rest Encryption
Data At Rest EncryptionData At Rest Encryption
Data At Rest Encryption
Steven Aiello
 

Recommandé

Installing and Using XBMC
Installing and Using XBMCInstalling and Using XBMC
Installing and Using XBMC
Thecus Technology Corp.,
 
H0 w decrypt
H0 w decryptH0 w decrypt
H0 w decrypt
LudmilkaLocse
 
Resume
ResumeResume
Resume
John Bennett
 
Date Guard Remote Backup
Date Guard Remote BackupDate Guard Remote Backup
Date Guard Remote Backup
Thecus Technology Corp.,
 
Qsan unified storage (nas + san)
Qsan unified storage (nas + san)Qsan unified storage (nas + san)
Qsan unified storage (nas + san)
qsantechnology
 
Ogt e series-12-bay_brochure_aug2017
Ogt e series-12-bay_brochure_aug2017Ogt e series-12-bay_brochure_aug2017
Ogt e series-12-bay_brochure_aug2017
Michael Wang
 
TechWiseTV Workshop: 5th Generation UCS
TechWiseTV Workshop: 5th Generation UCSTechWiseTV Workshop: 5th Generation UCS
TechWiseTV Workshop: 5th Generation UCS
Robb Boyd
 
Data At Rest Encryption
Data At Rest EncryptionData At Rest Encryption
Data At Rest Encryption
Steven Aiello
 
TechWiseTV Workshop: Q&A 5th Generation UCS
TechWiseTV Workshop: Q&A 5th Generation UCSTechWiseTV Workshop: Q&A 5th Generation UCS
TechWiseTV Workshop: Q&A 5th Generation UCS
Robb Boyd
 
Webinar NETGEAR - Acronis e Netgear, una soluzione concreta per la virtualizz...
Webinar NETGEAR - Acronis e Netgear, una soluzione concreta per la virtualizz...Webinar NETGEAR - Acronis e Netgear, una soluzione concreta per la virtualizz...
Webinar NETGEAR - Acronis e Netgear, una soluzione concreta per la virtualizz...
Netgear Italia
 
GWAVACon 2013: Backup Strategies in Novell Environments
GWAVACon 2013: Backup Strategies in Novell EnvironmentsGWAVACon 2013: Backup Strategies in Novell Environments
GWAVACon 2013: Backup Strategies in Novell Environments
GWAVA
 
Jekyll
JekyllJekyll
Jekyll
جشنوارهٔ روز آزادی نرم‌افزار تهران
 
Vmware training course
Vmware training courseVmware training course
Vmware training course
FuturePoint Technologies
 
Iscsi adpater configuration on esxi 6.7 nas
Iscsi adpater configuration on esxi 6.7 nasIscsi adpater configuration on esxi 6.7 nas
Iscsi adpater configuration on esxi 6.7 nas
ARUN SUNDAR B
 
vista
vistavista
vista
susumu
 
vista
vistavista
vista
susumu
 
Mount10 india With Tridev Entertainment!
Mount10 india With Tridev Entertainment!Mount10 india With Tridev Entertainment!
Mount10 india With Tridev Entertainment!
Rahul Masal
 
WordPress Meetup Ieper - 15/03/2018 - WordPress Security Best Practices
WordPress Meetup Ieper - 15/03/2018 - WordPress Security Best PracticesWordPress Meetup Ieper - 15/03/2018 - WordPress Security Best Practices
WordPress Meetup Ieper - 15/03/2018 - WordPress Security Best Practices
Brecht Ryckaert
 
vCloudSync – Hybrid disaster recovery for Openstack
vCloudSync – Hybrid disaster recovery for OpenstackvCloudSync – Hybrid disaster recovery for Openstack
vCloudSync – Hybrid disaster recovery for Openstack
Vinothini Raju
 
The investigation of operating systems
The investigation of operating systems The investigation of operating systems
The investigation of operating systems
gwaite97
 
Mastering VMware datacenter
Mastering VMware datacenterMastering VMware datacenter
Mastering VMware datacenter
M.M.Rahman Munna, Linux, VMware and Mail Server Expert
 
Fuel porting-prophetstor
Fuel porting-prophetstorFuel porting-prophetstor
Fuel porting-prophetstor
泳毅 李
 
Puppet for Production in WebEx - PuppetConf 2013
Puppet for Production in WebEx - PuppetConf 2013Puppet for Production in WebEx - PuppetConf 2013
Puppet for Production in WebEx - PuppetConf 2013
Puppet
 
Virtual Box Presentation
Virtual Box Presentation Virtual Box Presentation
Virtual Box Presentation
Pete DuMelle
 
Mise en place d'un client VPN l2tp IPsec sous docker
Mise en place d'un client VPN l2tp IPsec sous dockerMise en place d'un client VPN l2tp IPsec sous docker
Mise en place d'un client VPN l2tp IPsec sous docker
Nicolas Trauwaen
 
Azure Backup component matrix
Azure Backup component matrixAzure Backup component matrix
Azure Backup component matrix
Anthony Clendenen
 
Nexsan E5000 Family / Familia E5000 Nexsan / Enterprise NAS
Nexsan E5000 Family / Familia E5000 Nexsan / Enterprise NASNexsan E5000 Family / Familia E5000 Nexsan / Enterprise NAS
Nexsan E5000 Family / Familia E5000 Nexsan / Enterprise NAS
Suministros Obras y Sistemas
 
VirtualBox Ubuntu Host Windows Guest
VirtualBox Ubuntu Host Windows GuestVirtualBox Ubuntu Host Windows Guest
VirtualBox Ubuntu Host Windows Guest
aindilis
 
SCVM_Deployment_VMware_OVA.pdf
SCVM_Deployment_VMware_OVA.pdfSCVM_Deployment_VMware_OVA.pdf
SCVM_Deployment_VMware_OVA.pdf
FinnJohn2
 
Flash card caching and performance in azure storage disk
Flash card caching and performance in azure storage diskFlash card caching and performance in azure storage disk
Flash card caching and performance in azure storage disk
Yoong Seng Lai
 

Contenu connexe

Tendances

GWAVACon 2013: Backup Strategies in Novell Environments
GWAVACon 2013: Backup Strategies in Novell EnvironmentsGWAVACon 2013: Backup Strategies in Novell Environments
GWAVACon 2013: Backup Strategies in Novell Environments
GWAVA
 
Jekyll
JekyllJekyll
Jekyll
جشنوارهٔ روز آزادی نرم‌افزار تهران
 
vCloudSync – Hybrid disaster recovery for Openstack
vCloudSync – Hybrid disaster recovery for OpenstackvCloudSync – Hybrid disaster recovery for Openstack
vCloudSync – Hybrid disaster recovery for Openstack
Vinothini Raju
 
Puppet for Production in WebEx - PuppetConf 2013
Puppet for Production in WebEx - PuppetConf 2013Puppet for Production in WebEx - PuppetConf 2013
Puppet for Production in WebEx - PuppetConf 2013
Puppet
 

Tendances (20)

TechWiseTV Workshop: Q&A 5th Generation UCS
TechWiseTV Workshop: Q&A 5th Generation UCSTechWiseTV Workshop: Q&A 5th Generation UCS
TechWiseTV Workshop: Q&A 5th Generation UCS
 
Webinar NETGEAR - Acronis e Netgear, una soluzione concreta per la virtualizz...
Webinar NETGEAR - Acronis e Netgear, una soluzione concreta per la virtualizz...Webinar NETGEAR - Acronis e Netgear, una soluzione concreta per la virtualizz...
Webinar NETGEAR - Acronis e Netgear, una soluzione concreta per la virtualizz...
 
GWAVACon 2013: Backup Strategies in Novell Environments
GWAVACon 2013: Backup Strategies in Novell EnvironmentsGWAVACon 2013: Backup Strategies in Novell Environments
GWAVACon 2013: Backup Strategies in Novell Environments
 
Jekyll
JekyllJekyll
Jekyll
 
Vmware training course
Vmware training courseVmware training course
Vmware training course
 
Iscsi adpater configuration on esxi 6.7 nas
Iscsi adpater configuration on esxi 6.7 nasIscsi adpater configuration on esxi 6.7 nas
Iscsi adpater configuration on esxi 6.7 nas
 
vista
vistavista
vista
 
vista
vistavista
vista
 
Mount10 india With Tridev Entertainment!
Mount10 india With Tridev Entertainment!Mount10 india With Tridev Entertainment!
Mount10 india With Tridev Entertainment!
 
WordPress Meetup Ieper - 15/03/2018 - WordPress Security Best Practices
WordPress Meetup Ieper - 15/03/2018 - WordPress Security Best PracticesWordPress Meetup Ieper - 15/03/2018 - WordPress Security Best Practices
WordPress Meetup Ieper - 15/03/2018 - WordPress Security Best Practices
 
vCloudSync – Hybrid disaster recovery for Openstack
vCloudSync – Hybrid disaster recovery for OpenstackvCloudSync – Hybrid disaster recovery for Openstack
vCloudSync – Hybrid disaster recovery for Openstack
 
The investigation of operating systems
The investigation of operating systems The investigation of operating systems
The investigation of operating systems
 
Mastering VMware datacenter
Mastering VMware datacenterMastering VMware datacenter
Mastering VMware datacenter
 
Fuel porting-prophetstor
Fuel porting-prophetstorFuel porting-prophetstor
Fuel porting-prophetstor
 
Puppet for Production in WebEx - PuppetConf 2013
Puppet for Production in WebEx - PuppetConf 2013Puppet for Production in WebEx - PuppetConf 2013
Puppet for Production in WebEx - PuppetConf 2013
 
Virtual Box Presentation
Virtual Box Presentation Virtual Box Presentation
Virtual Box Presentation
 
Mise en place d'un client VPN l2tp IPsec sous docker
Mise en place d'un client VPN l2tp IPsec sous dockerMise en place d'un client VPN l2tp IPsec sous docker
Mise en place d'un client VPN l2tp IPsec sous docker
 
Azure Backup component matrix
Azure Backup component matrixAzure Backup component matrix
Azure Backup component matrix
 
Nexsan E5000 Family / Familia E5000 Nexsan / Enterprise NAS
Nexsan E5000 Family / Familia E5000 Nexsan / Enterprise NASNexsan E5000 Family / Familia E5000 Nexsan / Enterprise NAS
Nexsan E5000 Family / Familia E5000 Nexsan / Enterprise NAS
 
VirtualBox Ubuntu Host Windows Guest
VirtualBox Ubuntu Host Windows GuestVirtualBox Ubuntu Host Windows Guest
VirtualBox Ubuntu Host Windows Guest
 

Similaire à Flash card security-azure disk

Nexsan_E-Series Encryption at Rest SED_US_Eng
Nexsan_E-Series Encryption at Rest SED_US_EngNexsan_E-Series Encryption at Rest SED_US_Eng
Nexsan_E-Series Encryption at Rest SED_US_Eng
Deborah Lindquist
 
Back-ups: Hoe ze je kunnen redden van een cyberaanval
Back-ups: Hoe ze je kunnen redden van een cyberaanvalBack-ups: Hoe ze je kunnen redden van een cyberaanval
Back-ups: Hoe ze je kunnen redden van een cyberaanval
Combell NV
 
Cloud Foundry and OpenStack
Cloud Foundry and OpenStackCloud Foundry and OpenStack
Cloud Foundry and OpenStack
vadimspivak
 
Linux On V Mware ESXi
Linux On V Mware ESXiLinux On V Mware ESXi
Linux On V Mware ESXi
Masafumi Ohta
 

Similaire à Flash card security-azure disk (20)

SCVM_Deployment_VMware_OVA.pdf
SCVM_Deployment_VMware_OVA.pdfSCVM_Deployment_VMware_OVA.pdf
SCVM_Deployment_VMware_OVA.pdf
 
Flash card caching and performance in azure storage disk
Flash card caching and performance in azure storage diskFlash card caching and performance in azure storage disk
Flash card caching and performance in azure storage disk
 
Flash card architect storage infrastructure in azure
Flash card architect storage infrastructure in azureFlash card architect storage infrastructure in azure
Flash card architect storage infrastructure in azure
 
Nexsan_E-Series Encryption at Rest SED_US_Eng
Nexsan_E-Series Encryption at Rest SED_US_EngNexsan_E-Series Encryption at Rest SED_US_Eng
Nexsan_E-Series Encryption at Rest SED_US_Eng
 
Back-ups: Hoe ze je kunnen redden van een cyberaanval
Back-ups: Hoe ze je kunnen redden van een cyberaanvalBack-ups: Hoe ze je kunnen redden van een cyberaanval
Back-ups: Hoe ze je kunnen redden van een cyberaanval
 
Flash Card- Architect Migration, Business Continuity and DR in Azure
Flash Card- Architect Migration, Business Continuity and DR in AzureFlash Card- Architect Migration, Business Continuity and DR in Azure
Flash Card- Architect Migration, Business Continuity and DR in Azure
 
SCVM_Deployment_VMware_ISO.pdf
SCVM_Deployment_VMware_ISO.pdfSCVM_Deployment_VMware_ISO.pdf
SCVM_Deployment_VMware_ISO.pdf
 
How to configure esx to pass an audit
How to configure esx to pass an auditHow to configure esx to pass an audit
How to configure esx to pass an audit
 
Web Werks Cloud Hosting FAQ
Web Werks Cloud Hosting FAQWeb Werks Cloud Hosting FAQ
Web Werks Cloud Hosting FAQ
 
Flash card introduction to azure vm
Flash card introduction to azure vmFlash card introduction to azure vm
Flash card introduction to azure vm
 
Xap memory xtend-tutorial-2014
Xap memory xtend-tutorial-2014Xap memory xtend-tutorial-2014
Xap memory xtend-tutorial-2014
 
Flash card Module 9- Manage Security Operation in Azure
Flash card Module 9- Manage Security Operation in AzureFlash card Module 9- Manage Security Operation in Azure
Flash card Module 9- Manage Security Operation in Azure
 
Cloud Array : Exploitez le stockage Cloud en toute simplicité
Cloud Array : Exploitez le stockage Cloud en toute simplicitéCloud Array : Exploitez le stockage Cloud en toute simplicité
Cloud Array : Exploitez le stockage Cloud en toute simplicité
 
XPDS16: AMD's virtualization memory encryption technology - Brijesh Singh, A...
XPDS16: AMD's virtualization memory encryption technology - Brijesh Singh, A...XPDS16: AMD's virtualization memory encryption technology - Brijesh Singh, A...
XPDS16: AMD's virtualization memory encryption technology - Brijesh Singh, A...
 
Kubestr browse2021.pptx
Kubestr browse2021.pptxKubestr browse2021.pptx
Kubestr browse2021.pptx
 
Guia instalacion SQL Server Denali
Guia instalacion SQL Server DenaliGuia instalacion SQL Server Denali
Guia instalacion SQL Server Denali
 
Securing sensitive data with Azure Key Vault
Securing sensitive data with Azure Key VaultSecuring sensitive data with Azure Key Vault
Securing sensitive data with Azure Key Vault
 
Cloud Foundry and OpenStack
Cloud Foundry and OpenStackCloud Foundry and OpenStack
Cloud Foundry and OpenStack
 
Linux On V Mware ESXi
Linux On V Mware ESXiLinux On V Mware ESXi
Linux On V Mware ESXi
 
Deploying FuseMQ with Fuse Fabric
Deploying FuseMQ with Fuse FabricDeploying FuseMQ with Fuse Fabric
Deploying FuseMQ with Fuse Fabric
 

Plus de Yoong Seng Lai

Plus de Yoong Seng Lai (14)

Evacuate Backup Data from Normal Repository to Dedup Appliance
Evacuate Backup Data from Normal Repository to Dedup ApplianceEvacuate Backup Data from Normal Repository to Dedup Appliance
Evacuate Backup Data from Normal Repository to Dedup Appliance
 
Flash card Module 12-Administer Container in Azure
Flash card Module 12-Administer Container in AzureFlash card Module 12-Administer Container in Azure
Flash card Module 12-Administer Container in Azure
 
Flash Card Module 10-Implement Resource Management Security in Azure
Flash Card Module 10-Implement Resource Management Security in AzureFlash Card Module 10-Implement Resource Management Security in Azure
Flash Card Module 10-Implement Resource Management Security in Azure
 
Flash card Module 8-Manage Identity and Access in Azure Active Directory
Flash card Module 8-Manage Identity and Access in Azure Active DirectoryFlash card Module 8-Manage Identity and Access in Azure Active Directory
Flash card Module 8-Manage Identity and Access in Azure Active Directory
 
Flash Card : Manage Resources in Azure
Flash Card : Manage Resources in AzureFlash Card : Manage Resources in Azure
Flash Card : Manage Resources in Azure
 
Flash Card-Architect Compute Infrastructure in Azure
Flash Card-Architect Compute Infrastructure in AzureFlash Card-Architect Compute Infrastructure in Azure
Flash Card-Architect Compute Infrastructure in Azure
 
Flash Card -Architect Infrastructure Operation in Azure
Flash Card -Architect Infrastructure Operation in AzureFlash Card -Architect Infrastructure Operation in Azure
Flash Card -Architect Infrastructure Operation in Azure
 
Flash card architect network infra in azure
Flash card architect network infra in azureFlash card architect network infra in azure
Flash card architect network infra in azure
 
Flash card managing using azure cli
Flash card managing using azure cliFlash card managing using azure cli
Flash card managing using azure cli
 
Flash card health monitoring of azure vm
Flash card health monitoring of azure vmFlash card health monitoring of azure vm
Flash card health monitoring of azure vm
 
Flash card azure disk
Flash card azure diskFlash card azure disk
Flash card azure disk
 
Flash card azure automation state
Flash card azure automation stateFlash card azure automation state
Flash card azure automation state
 
Extending Availability to the Cloud
Extending Availability to the CloudExtending Availability to the Cloud
Extending Availability to the Cloud
 
Business Continuity with Disaster Recovery
Business Continuity with Disaster RecoveryBusiness Continuity with Disaster Recovery
Business Continuity with Disaster Recovery
 

Dernier

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 

Dernier (20)

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 

Flash card security-azure disk

  • 1. © 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Flash Card – Security of Azure Disk Prepared by Lai
  • 2. © 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Azure Disk Encryption Technologies Azure Disk Encryption (AES 256 bit encryption)Storage Service Encryption (SSE) Azure Disk Encryption (ADE) Perform on the physical disk in the datacenter Enable on storage account Encrypt the VM virtual disk Use bitlocker (Windows) and DM- Crypt (Linux)
  • 3. © 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Azure Disk Encryption(ADE) Prerequisites 1. Create a key vault 2. Set the key vault access policy to support disk encryption 3. Use the key vault to store the encryption keys for ADE Encryption key stored in Azure Key vault ADE requires key vault and VM are in the same region Powershell:- New-AZKeyVault Azure CLI: Az keyvault create
  • 4. © 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Create Key Vault Encryption key stored in Azure Key vault ADE requires key vault and VM are in the same region Powershell:- New-AZKeyVault Azure CLI: Az keyvault create
  • 5. © 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Key Vault Access Policies Powershell Azure CLI Set-AzKeyVaultAccessPolicy az keyvault update
  • 6. © 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Encrypting an Existing VM Disk Windows VM Linux VM All disk or OS disk to encrypt Data disk encrypt (some distro) Powershell Azure CLI Set-AzVmDiskEncryptionExtension az vm encryption enable
  • 7. © 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Viewing the status of a disk Powershell Azure CLI Get-AzVmDiskEncryptionStatus az vm encryption New disks added after encryption will not be automatically encrypted. You can re- run the Set-AzVMDiskEncryptionExtension cmdlet to encrypt new disks
  • 8. © 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Decrypting Drives Powershell Azure CLI Disable-AzVMDiskEncryption az vm encryption disable
  • 9. © 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Automate Secure VM Deployment • Use Azure Resource Manager Templates (JSON files)
  • 10. © 2019 Veeam Software. Confidential information. All rights reserved. All trademarks are the property of their respective owners. Thank You