What is our primary use case?
We are working for a major client in the UK. So, we are moving all the products of clients from their on-premises environment to the cloud. One of the biggest challenges we face, “Once the infrastructure is created in the cloud, how can we make sure that the infrastructure is secure enough?” For that purpose, we are using Azure Security Center, which gives us all the security loopholes and vulnerabilities for our infrastructure. That has been helpful for us.
How has it helped my organization?
We use the Azure Security Center to scan the entire infrastructure from a security point of view. It gives us all the vulnerabilities, observations, etc. It reports most of the critical issues.
From an organization or security audit point of view, there are few tools available in the market. The output or score of Azure Security Center has really helped the organization from a business point of view by showing that we are secure enough with all our data, networks, or infrastructure in Azure. This helps the organization from a business point of view to promote the score, e.g., we are secure enough because this is our score in Azure Security Center.
We are using it from a security point of view. If there is a threat or vulnerability, the solution will immediately scan, report, or alert us to those issues.
What is most valuable?
We are using most of the good services in Azure:
- The load balancing options
- Application Gateway
- Azure AD.
I value Azure Security Center the most from a security point of view. Everybody is concerned about moving data or infrastructure to the cloud. This solution proves that we are secure enough for that infrastructure, which is why I really value the Azure Security Center. We are secure in our infrastructure.
This is a platform as a service provided by Azure. We don't need to install or maintain Azure Security Center. It is a ready-made service available in Azure. This is one of the main things that we like. If you look at similar tools, we have to install, maintain, and update services. Whereas, Azure Security Center manages what we are using. This is a good feature that has helped us a lot.
What needs improvement?
From a business point of view, the only drawback is that Azure or Microsoft need to come up with flexible pricing/licensing. Then, I would rate it 10 out of 10.
For how long have I used the solution?
We have been using it in production for the last three years. I have been part of the cloud migration team for Azure Cloud for the last two years.
What do I think about the stability of the solution?
We started using Azure Cloud from the initial version. Every week or month, there are updates in Azure. For the last three years, we have been using the latest version.
What do I think about the scalability of the solution?
Whenever we increase the number of our resources, Azure Security Center easily copes with it. Since this is a ready-made service, it will automatically scale.
We are working with around 100 to 150 major clients in the UK. Each client has 200 to 500 users.
From an overall infrastructure point of view, we have a five member team.
How are customer service and technical support?
We are getting adequate support and documentation from Microsoft. We are a Premium customer of Microsoft, so we are getting support in terms of documentation and manual support.
Which solution did I use previously and why did I switch?
We were using this service from the onset.
How was the initial setup?
This is a PaaS service. It is a ready-made service available in Azure Cloud. It is very easy to use and set up because you are using the platform. We don't want to maintain this service from our end.
There are different models when it comes to the cloud:
- Infrastructure as a service
- Platform as a service
- Software as a service.
We are using sort of a hybrid, both infrastructure as a service and platform as a service.
What about the implementation team?
We are using our own team for the deployment.
We consume or subscribe to the service. Azure takes care of the maintenance and deployment, and we don't need to worry about it.
What was our ROI?
We are securing our customers' infrastructure using Azure Security Center. That internally helps their overall organization meet their goal/score on security.
So far, the feedback from the customer and our team have been really positive. We are very happy and getting return on investment from this product.
What's my experience with pricing, setup cost, and licensing?
Its pricing is a little bit high in terms of Azure Security Center, but the good thing is that we don't need to maintain and deploy it. So, while the pricing is high, it is native to Azure which is why we prefer using this tool.
One of the main challenges that we have been facing with Azure Security Center is the cost. The costs are really a complex calculation, e.g., to calculate the monthly costs. Azure is calculating on an hourly basis for use of the resource. Because of this, we found it really complex to promote what will be our costs for the next couple of months. I think if Azure could reduce the complex calculation and come up with straightforward cost mapping that would be very useful from a product point of view.
Which other solutions did I evaluate?
Other than Azure Security Center, we did not find a single tool which could analyze all our infrastructure or resources in Azure Cloud.
We were mainly looking for products or tools native to Azure. The other tools that we evaluated were not native to Azure. Azure Security Center is natively attached to Azure. Because other tools were not natively supporting Azure, then we would have to maintain and deploy them separately.
What other advice do I have?
So far, we have received very positive feedback from the team and customers. Because it is a single tool where we list all the problems or vulnerabilities, we are happy as a team. The customer is also happy.
End users are not interacting with Azure Security Center. This is a back-end service that evaluates security.
There are no other good tools in Azure, other than Azure Security Center, which will evaluate and alert you to security vulnerabilities and threats. So, if somebody is really concerned about the security of their infrastructure in Azure, I suggest you use Azure Security Center. The features that it provides from a security point of view are amazing.
I would rate the product as a seven or eight (out of 10) because it is really helping us to improve our security standards.