This post was written by Michael Makhlevich
Our customers have asked for this and weve been listening advanced data security is now available for SQL Server onAzure Virtual Machines!Using just a few simple steps, you can nowprotectyour SQL ServerinstallationsonAzure VMswith Microsofts advanceddatasecurity capabilities.
Advanced data security for SQL Server on Azure VM currently includes functionality for surfacing and mitigating potential database vulnerabilities and detecting anomalous activities that could indicate a threat to your server. To get started today, read the Advanced data security for SQL Server onVMsetup instructions.
Why you should enable advanced data security for SQL Server on Azure VM
While in public preview, advanced data security for SQL Server on Azure VM is free and includes:
- Vulnerability assessment – A database scanning service that can discover, track, and help you remediate potential database vulnerabilities. Detected vulnerabilities across all connected SQL Servers will appear in one unified dashboard!
- Advanced threat protection – A detection service that continuously monitors your database for suspicious activities and provides action-oriented security alerts on anomalous database access patterns. All alerts will appear in your centralized go-to location for security management in the Azure portal the Azure Security Center threatsdashboard.
For fulldetails regarding threat detectors inPublic Preview, readthe Advanced data security for SQL Server on VM documentation.
These advanced securityfeatureshaveevolved andbenefited from continuous improvementover the past couple of years,and havealreadybeenrunning on more than 1 million databases inthecorrespondingAzureSQL DatabaseserviceAdvanced datasecurityforAzure SQLdatabases.
How does it work?
UsingtheAzureLog Analytics agent,you connect your SQL Servers hosting machine to a Log Analytics workspace. The agent collects audit logsforlogin events (omitting anysensitivedatalike queries or users data) and uploadsthem from the machine to the workspace,whereour security analytics capabilitiesgointo action.In addition, the agent alsocollects results from the vulnerability assessment scansand sendsthose to the workspace as well.
Logsand assessment resultswill appear in the workspace andareentirelyunderyourcontrol andcan be queriedfor more insights. You can alsoidentifythe logs that triggered Advanced Threat Protection alertsfor further investigation.Finally,the workspacecontainsa built-in dashboard forintuitive analysis ofthevulnerabilityassessment results.
For a complete set ofinstructions,review the documentation forAdvanced data securityfor SQL Server onVM.
We want to hear from you!
We greatly appreciate your feedback and want to hear from you. Please contact usdirectly throughSQL Security Feedback firstname.lastname@example.org.
The post Advanced data security for SQL Server is coming to Azure Virtual Machines appeared first on SQL Server Blog.