Monitoring and reporting in Azure Government
Microsoft partners who build next-generation applications in Microsoft Azure Government and/or deliver services on the platform must focus on keeping data safe and limiting access to authorized users. They need to ensure compliance with FedRAMP, the government’s program to provide a standardized approach to cloud security, enabling “Agencies to rapidly adapt from old, insecure legacy IT to mission-enabling, secure, and cost effective cloud-based IT.”1 A critical part of FedRAMP compliance is the ability to monitor and report on what’s happening within an application.
Microsoft Azure’s GovCloud offers many services that together provide a comprehensive solution for collecting, analyzing, and acting on telemetry from your applications and the Microsoft Azure resources that support them. These services can extend to monitoring and reporting on-premises resources to provide a hybrid monitoring environment.
Partners in government sales and implementation should get to know the four services that provide end-to-end monitoring and reporting on Microsoft Azure: Azure Monitor, Azure Service Health, Azure Advisor, and Azure Security Center.
Azure Monitor allows monitoring and visualization of metrics collected from Azure resources like VMs, Azure SQL, Cosmos DB, and others. In addition to Azure resource metrics, it can collect and analyze Azure Service Health data, Azure activity and diagnostic logs, and logs from third-party monitoring and management systems. Collected data is stored in the Log Analytics central repository and queried for insight with the Kusto Query Language. Service health thresholds can be defined, and alerts created to trigger corrective actions and send data to IT service management tools.
Azure Service Health visualizes the health of your Azure services as well as the regions that are used in your Azure and/or Azure Gov tenant. Health information is posted to Service Health, which provides regular updates, including when an issue is closed. Planned maintenance windows are posted, and proactive alerts can be configured to notify you when health and planned maintenance events occur.
Azure Advisor is a tool that analyzes your deployments and helps you implement best practices on Azure. The tool focuses on the key areas of High Availability (HA), Security (coming soon to Government), Performance, and Cost optimization. Recommendations are determined based on the resources deployed in Azure; for example, using ScaleSets for high availability, locking down Network Security Groups (NSGs), enabling disk encryption for better security, boosting SQL query performance by creating indexes, and driving savings by resizing or shutting down underutilized Virtual Machines (VMs).
Azure Security Center (ASC) is your one-stop shop for executing your monitoring strategy. ASC monitors the security of your machines (both Azure and on-prem), networks, storage, data services, and applications. Using machine learning and behavioral analytics, it provides advanced threat detection to identify threats to, and protect, your Azure and on-prem assets. ASC blocks malware and reduces the attack surface exposed to brute-force and other network-based attacks.
In addition to monitoring applications running in Azure Government, Azure Monitor and Azure Security Center can be extended to monitor and report on on-prem applications. Together, these products enable you to build a very comprehensive monitoring and reporting practice.
1 Source: www.fedramp.gov