Security overview - Azure Arc
Security gaps often emerge when managing infrastructure across public cloud, private cloud, and on-prem environments. Azure Arc helps bridge those gaps by extending Azure security tools to Arc-enabled servers running anywhere. Read this Microsoft Learn article to see how it works and how your organization can benefit. Contact Network Technology Solutions for a complimentary security assessment of your hybrid environment.
What is the shared responsibility model for Azure Arc-enabled servers?
The security of Azure Arc-enabled servers is a shared responsibility. Microsoft is responsible for securing the cloud service that stores system metadata, protecting privacy, documenting optional security features, publishing regular agent updates, managing RBAC access, and securing the server infrastructure. Users are responsible for securing the server itself, managing credentials, determining the application of security features, and ensuring compliance with legal and internal policies.
How does the Azure Connected Machine agent function?
The Azure Connected Machine agent acts as an enablement platform that connects your machine to Azure. It establishes a relationship with your Azure subscription, provides a managed identity for authentication, enables additional capabilities through extensions, and enforces settings on your server. The agent is essential for relaying data and actions between your managed server and Azure.
What security measures should be taken for Tier 0 assets?
For Tier 0 assets, it is recommended to use a dedicated Azure subscription to minimize access and closely monitor permissions. You should also disable unnecessary management features, such as remote access capabilities and the extension manager, unless they are needed. Implementing an extension allowlist can help restrict the use of extensions to only those that meet your security requirements.
Security overview - Azure Arc
published by Network Technology Solutions
Network Technology Solutions, LLC (“NTS”) provides technology solutions that are aimed at
helping organizations by simplifying infrastructure management, improving productivity, and
optimizing information technology (“IT”) resources. Their service vision is to provide high value
solutions and services that enable their customers to focus on strategic business initiatives.
NTS offers a variety of solutions to help their customers address IT issues such as IT
management, infrastructure hosting, infrastructure management, infrastructure security, and IT
optimization.
NTS maintains its headquarters in Thomasville, Georgia as well as a 240 square foot data
center. NTS occupies three racks of collocated space between a second location in Thomasville
GA and a third location in Atlanta GA.
NTS complements their customers’ existing IT capabilities on a per-project basis or acts as a
virtual extension of the IT organization, providing the foundation for a comprehensive managed
services partnership. The following is a description of the Network Managed Services,
Application Development, and Hosting Services provided by NTS to its customers. The scope of
this report is limited to the Network Managed Services, Application Development, and Hosting
Services solutions.
Network Managed Services, Application Development, and Hosting Services - NTS uses its data
center, proprietary documentation and monitoring tools, and certified employees to provide
their customers with quality IT administrative and management services.
NTS’ Network Managed Services, Application Development, and Hosting Services include
housing and managing computers and network equipment supporting their customers’
business. NTS provides a continuum of services from basic colocation to the more advanced
managed hosting.
Sign in with LinkedIn