Configuring Security Policies using Azure Security Center

  1. Home
  2. Configuring Security Policies using Azure Security Center

Go back to AZ-500 Tutorials

In this tutorial, we will learn and understand about configuring security policies using Azure Security Center.

Security policies overview 

A security policy specifies how your workloads should be configured. Furthermore, it aids in ensuring that your company’s or regulators’ security needs are met.

The Azure Security Center delivers security recommendations based on policies that have been selected. In which the Security Center policies are based on Azure Policy policy efforts. Azure Policy, on the other hand, may be used to manage policies and define policies across Management groups and subscriptions.

For working with security policies security center offers the following options:

  • Firstly, viewing and editing the built-in default policy. That means when you enable Security Center, then a built-in initiative named ‘ASC default’ is automatically assigned to all Security Center registered subscriptions. 
  • Secondly, adding your own customs policies. This means if you want to customize the security initiatives applied to your subscription, then you can do so within the Security Center. 
  • Thirdly, adding regulatory compliance policies. This states that the security center’s regulatory compliance dashboard displays the status of all the assessments within your environment in the context of a particular standard or regulation.
AZ-500 Practice tests

Managing your security policies

For viewing your security policies in Security Center:

  • Firstly, in the Security Center dashboard, select Security policy.
  • Secondly, select the subscription or management group whose policies you want to view.
  • Thirdly, the security policy page for that subscription or management group appears. It displays the available and assigned policies.
  • Then, select from the available options on this page:
  1. To working with industry policies, select Add more standards.
  2. For assigning and managing custom initiatives, select Add custom initiatives. 
  3. For viewing and editing the default policy, select View effective policy.

However, this Security policy screen reflects the action taken by the policies assigned on the subscription or management group you selected.

  • Firstly, use the links at the top to open a policy assignment that applies on the subscription or management group. 
  • Secondly, in the list of policies, you can see the effective application of the policy on your subscription or management group. However, the settings of each policy that apply to the scope are taken into consideration and the cumulative outcome of actions taken by the policy is shown. 
  • Lastly, the policies’ effect can be Append, Audit, AuditIfNotExists, Deny, DeployIfNotExists, Disabled. 

You should know that you can edit security policies through the Azure Policy portal, via REST API, or using Windows PowerShell.

Disabling security policies and disable recommendations

You can prohibit a recommendation from surfacing again if your security effort activates one that is irrelevant to your environment. Deactivate the policy that creates the suggestion to disable the recommendation.

If the advice you wish to deactivate is necessary for a regulatory standard you’ve applied with Security Center’s regulatory compliance capabilities, it will still show. Even if you’ve deactivated a policy in the built-in initiative, if it’s required for compliance, a policy in the regulatory standard’s initiative will activate the suggestion.

  • Firstly, in the Security Center, from the Policy & Compliance section, select the Security policy.
  • Secondly, select the subscription or management group for which you want to disable the recommendation.
  • Thirdly, select View effective policy.
  • Then, select the assigned policy.
  • After that, in the PARAMETERS section, search for the policy that invokes the recommendation that you want to disable. And then, from the dropdown list, select Disabled
  • Lastly, select Save.
AZ-500 Online Course security policies concept

Reference: Microsoft Documentation

Go back to AZ-500 Tutorials

Menu