For IT decision makers, here’s why it’s pertinent to consider Azure Arc:
- An integrated management and governance solution that is centralized and unified, providing streamlined control and oversight.
- Securely extending your on-prem and non-Azure resources into Azure Resource Manager (ARM), empowering you to:
- Define, deploy, and manage resources in a declarative fashion using JSON template for dependencies, configuration settings, policies, etc.
- Manage Azure Arc-enabled servers, Kubernetes clusters, and databases as if they were running in Azure with consistent user experience.
- Harness your existing Windows and Azure sysadmin skills honed from on-premises deployment.
- When connecting to Azure Arc-enabled servers, you may perform many operational functions, just as you would with native Azure VMs including these key supported actions:
- Govern
- Assign Azure Automanage machine configurations to audit settings inside the machine.
- Protect
- Secure non-Azure servers with Microsoft Defender for Endpoint, included through Microsoft Defender for Cloud, for threat detection, vulnerability management, and proactive monitoring for potential security threats. Microsoft Defender for Cloud presents the alerts and remediation suggestions from the threats detected.
- Configure
- Use Azure Automation and Update Management for your Windows and Linux servers. (Ref: 1, 2)
- Monitor
- Keep an eye on OS, processes, and dependencies along with other resources using VM insights. Additionally collect, store, and analyze OS as well as workload logs, performance data, and events. Which may be injected into Microsoft Sentinel real-time analysis, threat detection, and proactive security measures across the entire IT environment.
- Govern
Extended Security Updates (ESUs) is enabled by Azure Arc. IT can seamlessly deploy ESUs through Azure Arc in on-premises or multi-cloud environments, right from the Azure portal. In addition to providing a centralized management of security patching, ESUs enabled by Azure Arc is flexible with a pay-as-you-go subscription model compared to the classic ESU offered through the Volume Licensing Center which are purchased in yearly increments.
To test it out, follow Quickstart – Connect hybrid machine with Azure Arc-enabled servers.