Published: August 2016
In This Article
- Alert Logic Support Changes
- Microsoft Azure & Amazon Web Services
- Azure Technical Functionality
- Additional Resources
This document summarizes general support information for Alert Logic® services running on Microsoft® Azure® Infrastructure as a Service (IaaS). This includes general capabilities, value to our customers, and a comparison to our services available on Amazon Web Services as reference. This guide is intended to assist Alert Logic customers interested in extending their Alert Logic services on protected workloads already running on Microsoft Azure, or customers in the planning stages of migrating to Microsoft Azure.
Available products and services for Microsoft Azure include:
- Alert Logic Cloud Defender™
- Alert Logic Web Security Manager™
- Alert Logic ActiveWatch™ services
- Alert Logic Threat Manager™ - Learn more with the following documentation:
- Threat Manager for Microsoft Azure IaaS Manual Deployment (Linux)
- Threat Manager for Microsoft Azure IaaS Manual Deployment (Windows)
- Alert Logic Log Manager™ - Learn more with the following documentation:
NOTE: Web Security Manager is available for out-of-band deployments as part of Cloud Defender.
Please contact Alert Logic regarding availability of Web Security Manager™ Premier or ActiveWatch™ Premier.
Alert Logic support of Microsoft Azure introduces information for current Alert Logic customers. Understand how Alert Logic support for Azure may impact you.
- Azure Marketplace - Alert Logic Threat Manager is available in Azure Marketplace via a bring-your-own-license (BYOL) model.
- Pricing - Customers can configure Alert Logic services to protect Azure workloads at no additional charge, granted they stay within their allotted subscription entitlement tier.
- Compliance - Customers using Alert Logic products and services for PCI, SOX, and HIPAA compliance can include Azure workloads at no additional charge, granted they stay within their allotted subscription entitlement tier.
NOTE: Customers that exceed their subscription entitlement should contact Alert Logic Customer Care or their account manager for guidance.
Alert Logic services and functionality within Microsoft Azure and Amazon Web Services (AWS) are similar. Learn how Azure stacks up to AWS and how solution functionality compares.
- Scaling - Alert Logic deployments running on Microsoft Azure are manually configured. Alert Logic deployments running on AWS scale dynamically with the customer's environment.
- Threat Manager - Threat Manager scanning capabilities are carried out identically within Microsoft Azure and AWS.
- Log Manager - Log collection within AWS includes access to AWS-specific event logs. Log collection within Azure include Audit, SQL, and App logs.
- Alert Logic Web Console - The Alert Logic web console can include security data and events from Azure and AWS cloud platforms.
Understand the technical functionality of products and services supported by Alert Logic for Microsoft Azure.
- Logs - Alert Logic can collect Azure SQL logs and IIS logs for web workloads from Azure directly. Application and OS logs are collected via an agent running on the VMs. All of these logs are transported back to Alert Logic for analysis and retention.
- NOTE: While Alert Logic does not export logs from our data centers to other tools, customers can turn on logging for their individual environments, send those logs to a storage account in their environment, and then pull those logs into OMS. These logs will be captured by the Azure agent.
- Data Transfer Charges - Data transfer between Microsoft Azure services located within the same region will not be charged, but those located in two different regions will incur Azure transport-related charges. Outbound data transfer is charged at the normal rate, while inbound transfer is free. Further, virtual networks in Azure are free of charge. Every subscription is allowed to create up to 50 virtual networks across all regions. Public IP and Reserved IP addresses used on services inside a virtual network, however, incur Azure charges.
- Azure Cloud Configuration - Preferred configuration for an all-Azure Cloud offering includes:
- One appliance per VNET
- All hosts configured to point to the appliance within the VNET
- Agents in close proximity to the appliance
- This configuration reduces latency of appliance performance, and is also cost effective, as data packets across Azure regions incur charges.
- Agent Configuration - Agents are manually configured to connect to the closest appliance, which is normal best practice.
- Deployment Models - Microsoft Azure utilizes two deployment models, or APIs. These are Classic (v1) and Azure Resource Management (v2). Microsoft Azure guides all new customers to deploy on ARM. Azure Resource Management (ARM) is supported by Alert Logic, while Classic is not.
- IaaS & PaaS - Microsoft Azure supports two different service structures, Infrastructure as a Service (IaaS) and Platform as a Service (PaaS). Alert Logic supports the Microsoft IaaS structure, but does not fully support PaaS. Microsoft doe snot currently expose network traffic to us, which excludes network security monitoring from Alert Logic services.
Self-service training, installation manuals, and other information regarding Alert Logic services for Microsoft Azure are available to you in several forms. Documentation and installation guides are available within Alert Logic Docs. You can pose questions or participate in discussions within the Alert Logic Community. You may also contact Alert Logic Customer Care with any questions.
You can find more information about Alert Logic support on Microsoft Azure Cloud Platform here.