Integration of Azure security products in Azure Security Center

Azure Security Center provides you with additional Microsoft licenses to work with the following security products:

Azure WAF

Azure Application Gateway offers a web application firewall (WAF) that provides centralized protection of your web applications from common exploits and vulnerabilities.

Web applications are increasingly targeted by malicious attacks that exploit commonly known vulnerabilities. The Application Gateway WAF is based on Core Rule Set 3.0 or 2.2.9 from the Open Web Application Security Project. The WAF is updated automatically to protect against new vulnerabilities, with no additional configuration needed. WAF alerts are streamed to Security Center. For more information on the alerts generated by WAF, see Web application firewall CRS rule groups and rules.

Azure DDoS Protection

Distributed denial of service (DDoS) attacks are known to be easy to execute. They have become a great security concern, particularly if you are moving your applications to the cloud.

A DDoS attack attempts to exhaust an application’s resources, making the application unavailable to legitimate users. DDoS attacks can target any endpoint that can be reached through the internet.

Azure DDoS Protection, combined with application design best practices, provide a defense against DDoS attacks. DDoS Protection provides different service tiers. For more information, see Azure DDoS Protection overview.

DDoS Protection Standard can mitigate the following types of attacks:

Alert Description
Volumetric attack detected This attack's goal is to flood the network layer with a substantial amount of seemingly legitimate traffic. It includes UDP floods, amplification floods, and other spoofed-packet floods. DDoS Protection Standard mitigates these potential multi-gigabyte attacks by absorbing and scrubbing them, with global network scale, automatically.
Protocol attack detected These attacks render a target inaccessible, by exploiting a weakness in the layer 3 and layer 4 protocol stacks. It includes SYN flood attacks, reflection attacks, and other protocol attacks. DDoS Protection Standard mitigates these attacks, differentiating between malicious and legitimate traffic, by interacting with the client, and blocking malicious traffic.
Resource (application) layer attack detected These attacks target web application packets, to disrupt the transmission of data between hosts. The attacks include HTTP protocol violations, SQL injection, cross-site scripting, and other layer 7 attacks. Use the Azure Application Gateway WAF, with DDoS Protection Standard, to defend against these attacks. There are also third-party WAF offerings available in Azure Marketplace.