Microsoft and Booz Allen Hamilton yesterday announced the general availability of Virtual Cloud Defense (VCD) for Azure Government. It helps Azure Government customers to secure cloud workloads and protect data by deploying cost-effective cloud workload protection and security services.
Whether building custom applications, migrating existing applications, or integrating commercial or government off-the-shelf solutions, deploying Virtual Cloud Defense in an organization’s environment provides immediate benefit. Virtual Cloud Defense defines network and application architectures compliant with HIPPA, NIST and DoD cloud computing requirements, simplifies the deployment of virtual security appliances and security solutions and provides comprehensive situational awareness by providing analytics on activities within the virtual network, subnet, virtual machine guest operating systems and applications.
Key Features of Virtual Cloud Defense
- Encryption of Data at Rest: with native Azure and third-party solutions that offer encryption of cloud storage, data is protected from unintentional disclosure and malicious activity
- Network Traffic Inspection and Protection: in-line packet inspection and passive SSL decryption of traffic into and out of Azure Government, as well as between Azure virtual machines and virtual networks, detects and blocks intrusions and other malicious traffic
- Log Aggregation, Dashboards, and Analytics: the collection and analysis of security events and configurations range from network appliances, cloud infrastructure, operating systems, and applications to support security operations, auditing, and executive reporting
- Identity and Authentication Services: integration of these services with Public Key Infrastructure (PKI) supports Common Access Card (CAC) and multi-factor authentication for hosted applications and management functions
- Network Tiering: a framework for restricting traffic between zones, based on user-defined criteria, VCD’s network tiering provides logical network segregation of security zones, user planes, data planes, and management planes
- Deployment Automation: Azure Resource Manager expedites initial setup and configuration
You can get more info about VCD here from Booz Allen.