Azure Security Center with NGINX

Azure Security Center (ASC) is a service that comes in a free tier with limited functionality and a fee-based standard tier with a complete set of security capabilities for organizations that need enhanced functionality. The free tier monitors compute, network, storage, and application resources in Azure. It also provides security policy, security assessment, security recommendations, and the ability to connect with other security partner solutions. The standard tier includes all the capabilities of the free tier for on-prem environments (private cloud) as well as other public clouds such as AWS and Google Cloud Platform (GCP). The standard tier also includes many more security features along with the following critical security controls:

  • Built-in and custom alerts
  • Security event collection and advanced search
  • Just-in-time VM access
  • Application white listing

The NGINX configuration deployed to Azure virtual machines (VMs) and virtual machine scale sets (VMSS) can have the Microsoft Monitoring Agent installed to read various security-related configurations and event logs from the VM for monitoring in Azure Security Center. This provides a unified view of Azure resources including the NGINX resources.

Azure Monitor with NGINX

Meaningful metrics play a key role in helping understand applications and the underlying services and infrastructure that they run to create nominal operational baselines as well as detect, investigate and diagnose issues.

Azure monitor integrates the capabilities of Log Analytics and Application Insights for end-to-end monitoring of applications that include NGINX as well the virtual machines and virtual machine scale sets hosting NGINX.

Syslog is an event logging protocol that is common to Linux and the best way to consolidate logs from multiple sources into a single location. The Microsoft Monitoring Agent (MMA) for Linux hosting NGINX configures the local Syslog daemon to forward messages to MMA which then sends the message to Azure Monitor where a record is created.

Azure Governance and Policy Management for NGINX

Azure Management refers to the tasks and processes required to maintain business applications and the resources to support them. Azure Governance is one aspect of Azure Management. Azure Governance can be summarized by the following features and services which can be implemented across all your Azure environments:

  1. Create flexible hierarchies with Azure Management Groups for applying policies across multiple subscriptions
  2. Azure policies enforce different rules and effects over your resources
  3. Azure Blueprints allow the creation of fully compliant environments and the ability to apply group policies to new Azure subscriptions
  4. Azure Resource Graph allows fast visibility into all your resources
  5. Cost management allows the analysis of costs and the ability to monitor usage from a single dashboard

NGINX as well the virtual machines and virtual machine scale sets hosting NGINX can be managed with the functionality provided in Azure governance and policies.