
    Azure Security Management

    Azure security management helps partners run cross-tenant security and data protection operations from one place. It includes policy-based risk scanning, vulnerability detection with severity tracking and remediation guidance, and tenant-level insights for issues. It also provides inventory and identity access analytics, and point-in-time backup and restore for Azure virtual machines, file shares, blobs, SQL databases, and Azure DevOps.

    Note that the Azure security management service is not supported in the U.S. Government environment.

    At the top of the Azure security management page, you can view the following tiles:

    • Cloud posture risk policies – Displays the number of cloud posture risk policies that are currently active and the number of rules in the policies. Click View details on the tile to manage cloud posture risk policies. For details, refer to Configure Cloud Posture Risk Policies.

    • Backup profiles – Displays the number of backup profiles that define the settings for Azure resource backup. Click View details on the tile to manage backup profiles. For details, refer to Configure Backup Profiles.

    • Process center – Click View details on the tile to access the process center, where you can review all processes that have been initiated within this module.

    By default, all tenants that are connected to the Azure security management service are listed in the table with the following information:

    • Tenant – The tenant name. The customer’s organization name is displayed below the tenant name. Click the tenant name to access the Overview page, where you can view general information about issues and the data protection status of Azure resources for the tenant.

    • Issues – The number of issues detected in the tenant, organized by severity.

    • Backup subscription status – The backup subscription status of the tenant.

    • Consumed backup size – The size consumed by Azure resource backup.

    • CSPM subscription status – The CSPM subscription status of the tenant.

    • Consumed workloads – The workloads consumed by risk scan.

    • Last updated time – The time when the tenant was last updated.

    You can select a tenant and click Edit subscription to edit the Azure security management subscription information for the tenant. Refer to Manage Customer Subscriptions for details.

    Subscription Modules

    When you purchase an Azure security management subscription, you can enable one or both modules based on your needs:

    • CSPM – Provides security posture management for Azure resources.

    • Backup and restore – Provides backup and restore for Azure resources.

    The trial subscription for Azure security management includes both CSPM and Backup and restore subscriptions, with support for up to five workloads and five backups.

    CSPM Workload Billing

    For CSPM subscriptions, the workload is the billing unit. Each eligible resource counts as one workload when risk scan is enabled.

    The following resource types are counted as billable workloads:

    • App service
    • Key vault
    • Storage account
    • API management
    • SQL server
    • SQL database
    • Kubernetes service
    • Virtual machine
    • Subscription

    If risk scan is disabled for a resource, the corresponding workload count is released.