This post was written by Michael Makhlevich
Our customers have asked for this and we’ve been listening – advanced data security is now available for SQL Server on Azure Virtual Machines! Using just a few simple steps, you can now protect your SQL Server installations on Azure VMs with Microsoft’s advanced data security capabilities.
Advanced data security for SQL Server on Azure VM currently includes functionality for surfacing and mitigating potential database vulnerabilities and detecting anomalous activities that could indicate a threat to your server. To get started today, read the Advanced data security for SQL Server on VM setup instructions.
Why you should enable advanced data security for SQL Server on Azure VM
While in public preview, advanced data security for SQL Server on Azure VM is free and includes:
- Vulnerability assessment – A database scanning service that can discover, track, and help you remediate potential database vulnerabilities. Detected vulnerabilities across all connected SQL Servers will appear in one unified dashboard!
- Advanced threat protection – A detection service that continuously monitors your database for suspicious activities and provides action-oriented security alerts on anomalous database access patterns. All alerts will appear in your centralized go-to location for security management in the Azure portal – the Azure Security Center threats dashboard.
For full details regarding threat detectors in Public Preview, read the Advanced data security for SQL Server on VM documentation.
These advanced security features have evolved and benefited from continuous improvement over the past couple of years, and have already been running on more than 1 million databases in the corresponding Azure SQL Database service – Advanced data security for Azure SQL databases.
How does it work?
Using the Azure Log Analytics agent, you connect your SQL Server’s hosting machine to a Log Analytics workspace. The agent collects audit logs for login events (omitting any sensitive data like queries or user’s data) and uploads them from the machine to the workspace, where our security analytics capabilities go into action. In addition, the agent also collects results from the vulnerability assessment scans and sends those to the workspace as well.
Logs and assessment results will appear in the workspace and are entirely under your control and can be queried for more insights. You can also identify the logs that triggered Advanced Threat Protection alerts for further investigation. Finally, the workspace contains a built-in dashboard for intuitive analysis of the vulnerability assessment results.
For a complete set of instructions, review the documentation for Advanced data security for SQL Server on VM.
We want to hear from you!
We greatly appreciate your feedback and want to hear from you. Please contact us directly through SQL Security Feedback firstname.lastname@example.org.