I was having difficulty keeping up with all of the Microsoft security related products, services, features and nomenclature.  So I started this taxonomy.  What I found is that there can be multiple “product” names or brand names that apply across the same technology set.  It can get confusing.  This listing might be helpful in certain cases.  It has certainly helped me get my mind around what Microsoft has to offer.

Fortunately, it turns out that it is not so difficult to match the right set of security services to your situation and need.  We do it all the time with customers.  It may just be easier than sorting out all of these names!

  • Azure Rights Management (ARM)
    • Policies and encryption
    • Includes:
      • Information Rights Management (IRM)
        • Document, library and message policy-based data loss protection
      • Office 365 Message Encryption (OME)
        • Protected sharing via email and OneDrive
  • Azure Information Protection (AIP)
    • A broader label and product packaging over ARM
  • Azure Advanced Threat Analytics (ATA)
    • On-premises solution
    • Uses Azure Machine Learning to adapt
  • Azure IaaS Security
    • Network Security Groups, VPN Gateway
    • Azure Storage Service Encryption
    • Azure Disk Encryption
    • Web Application Firewalls
    • Azure Monitor
    • User Defined Routes
    • Network Watcher
    • Azure Storage Account Keys
    • The following have an impact on security:
      • Azure Traffic Manager, Application Proxy
      • Azure Storage Analytics
      • Azure Backup and ASR
      • Remote Desktop Gateway
      • Azure Dev/Test Labs
  • Azure PaaS Security
    • Azure SQL Transparent Data Encryption
    • Firewall, Connection Encryption
  • Azure Security Center
    • Monitoring of Azure resources
    • Full monitoring, threat detection, policy-based platform for security in Azure
    • Application Whitelisting
    • Just-in-Time Network Access to VMs
    • Machine Learning for Brute force detection and Outbound DDoS
    • Azure SQL Database Threat Detection
    • Integration with Partners: Fortinet, Cisco
  • OMS
    • Log reporting and alerting
    • Can collect Azure resource logs as well as on-premises logs when connected to SCCM
    • Security & Compliance Solution
      • Security Compliance Manager
    • Update and Change Management
    • Antimalware Assessment
    • Active Directory and SQL Health Analysis
  • Azure Active Directory
    • Premium
    • B2C
    • Domain Services
    • Multi-factor Authentication (MFA)
  • Azure Key Vault
    • Hardware Security Modules
    • SIEMS Export
  • Enterprise Mobility + Security (EM+S) (aka Enterprise Mobility Suite (EMS))
    • Intune for mobile device management
    • Azure Rights Management Services
    • Advanced Threat Analytics
    • Azure AD Premium
    • Remote Desktop Services
  • Office 365
    • Advanced Threat Protection
    • Security & Privacy Settings
      • Password policy
      • Customer Lockbox
      • Sharing
      • Self-service password reset
    • Security & Compliance
      • Cloud App Security (aka Advanced Security Management)
      • Threat management
      • Data Loss Prevention
      • Data Governance
      • Search & Investigation
      • Service Assurance/Compliance Reports