- [Instructor] Now let's talk about advanced cloud defense and adaptive application controls. Adaptive application controls is an intelligent, automated application whitelisting solution. You can easily control which applications are allowed to run on your Azure VMs. In help of machine learning, Security Center analyzes applications running on your VMs and help you to apply whitelisting, as well as block, alert, prevent, and avoid unwanted and untrusted software. This feature is only available for Windows VMs. Adaptive application controls can be found under Advanced Cloud Defense option, in a Security Center blade. On the top, we have three working tabs available. Under our Configured tab, under each subscription, there are groups that you see created. Those groups are created automatically by machine learning to make sure that similar virtual machines gets the optimal set of recommendations by the similar or the same applications. Under No recommendation tab, there are a list of virtual machines on which applications are always changing and no recommendation can be made. In order to create the whitelist of applications let's go and click the recommendation. Now we have to choose the recommended group that is created under a subscription. Let's click on the first group. And now we're going to be forwarded to another window where we can apply and create application control rules. In the very first section we have all the available VMs to choose which we want to create a group to. We can select or deselect VMs that we want to include into a group. If you scroll down another section is recommended applications. You can choose which of the recommended applications you want to include into this recommendation setting. As a security best practice, Security Center will always try to create a publisher rule for applications first. And only if application doesn't have published information a rule will be created instead. If you scroll down there is another option with more application that we can include in this rule set. At the very bottom we have a Create button. After clicking the Create button the group of application control set will be created and after some time will be appeared under Configured tab. Important to mention that Security Center needs at least two weeks of data in order to provide recommendations. And if you already have App logger always enabled adaptable application control will skim most VMs for providing recommendations.
Released
3/7/2019- Azure Policy in action
- Logging and monitoring
- Managing data
- Protecting SQL resources
- Protecting virtual machines, identity, and access
- File integrity monitoring
- Azure data and SQL security best practices
- Network security best practices
Share this video
Embed this video
Video: Adaptive application controls