Microsoft has announced the general availability of Virtual Cloud Defense (VCD). The company created the Azure Government solution in collaboration with Booz Allen Hamilton. With the platform, customers can secure cloud workloads and protect their data in Azure Government.
In its announcement, Microsoft says Virtual Cloud Defense is a cost-effective way for customers to deploy workload protection.
VCD can be an important tool for numerous security service implementations. This could be building applications or integrating solutions to the cloud. The service complies with HIPPA, NIST, and DoD cloud requirements.
Microsoft developed the solution with Booz Allen Hamilton. The Virginia-based management consultancy firm has 80 offices in the United States. In the announcement, the pair described VCD:
“The Virtual Cloud Defense solution enables organizations to fulfill the benefits that they expect from the cloud—improved performance and near infinite scale, agility to respond to changing demands, lower costs, and a transition from capital expenses to operational expenses for infrastructure.
Whether building custom applications, migrating existing applications, or integrating commercial or government off-the-shelf solutions, deploying Virtual Cloud Defense in an organization's environment provides immediate benefit.”
Key Features of Virtual Cloud Defense
- Encryption of Data at Rest: with native Azure and third-party solutions that offer encryption of cloud storage, data is protected from unintentional disclosure and malicious activity
- Network Traffic Inspection and Protection: in-line packet inspection and passive SSL decryption of traffic into and out of Azure Government, as well as between Azure virtual machines and virtual networks, detects and blocks intrusions and other malicious traffic
- Log Aggregation, Dashboards, and Analytics: the collection and analysis of security events and configurations range from network appliances, cloud infrastructure, operating systems, and applications to support security operations, auditing, and executive reporting
- Identity and Authentication Services: integration of these services with Public Key Infrastructure (PKI) supports Common Access Card (CAC) and multi-factor authentication for hosted applications and management functions
- Network Tiering: a framework for restricting traffic between zones, based on user-defined criteria, VCD's network tiering provides logical network segregation of security zones, user planes, data planes, and management planes
- Deployment Automation: Azure Resource Manager expedites initial setup and configuration