South Lakes Housing Increases Security & Visibility With Azure Sentinel

South Lakes Housing (SLH) is rapidly moving it’s IT infrastructure and applications into the cloud and is starting to embrace the many cloud solutions on offer within Azure cloud such as Azure Sentinel to greatly improve its security posture.

For SLH security is always high on the agenda hence the decision was made to dramatically enhance its security visibility across it’s estate through the use of Microsoft’s cloud security information and event management solution (SIEM) Azure Sentinel.

South Lakes Housings need for Azure Active Directory

South Lakes Housing has moved much of its information assets into Office 365 platforms such as Exchange Online and OneDrive, their authentication is integrated into Azure Active Directory to enable seamless sign in. With such critical functions hosted in the cloud it becomes even more important to establish and maintain a capability to detect and manage security attacks.

SLH needed a security view across their Office 365 estate that would highlight suspicious activities that may indicate a risk to the business and its data, with its deep native integration into Office 365; Sentinel is able to hunt for and report on such events with ease.

Azure active directory

Despite having a new cloud first strategy many of the clients toolsets are traditional on-premise solutions, Sentinel would be the clients first step towards cloud based SIEM solutions that need to be fast, intuitive and integrated without adding too much complexity.

Azure Sentinel and A4S Monitoring Solution

A4S proposed combining Azure Sentinel with the already implemented A4S Monitor currently monitoring and alerting across their Windows infrastructure environment.

Security is automatically improved by the inbuilt capabilities of Sentinel such as:

  • Gain a single security-focused view of data across users, infrastructure, devices and applications.
  • Scale the solution to meet your needs.
  • Leverage the benefits of cloud artificial intelligence and machine learning.
  • Manage, automate and speed responses to security events.

Sentinels real-time out-of-the-box connectors for solutions such as Office 365, Azure AD, Cloud apps and more can potentially bring significant value.

Microsoft sentinel

Sentinels ready made dashboards and queries meant the solution could be implemented quickly and can be built upon in the future as our needs grow.

What Is Azure Sentinel?

Azure Sentinel is a cloud-native intelligent security analytics solution for Enterprises. Azure sentinel is based on artificial intelligence (AI) to analyse any security threats that might be threatening your data, application, servers, or devices running on-premises or in the cloud.

Microsoft sentinel

Ease Of Implementation

Working together with A4S experts, SLH enjoyed a quick and simple move to Azure Sentinel. Now SLH used A4S Monitor to maintain visibility across the entirety of its Microsoft infrastructure, moving forwards; solutions with as Azure WAF and Azure Front Door, along with other host-based and web application firewalls, will then feed into Azure Sentinel and A4S Monitor.

“The ability to combine our Microsoft-based data with our other log data sources is what makes Azure Sentinel so powerful,” says Paul Aitken SLH IT Manager. “We now have incredible visibility across our hybrid cloud environment, all in one place.”

Even when the deployment was in progress it became obvious that data was being imported and inspected quickly, the team immediately was able to use the ‘out of the box’ reports and dashboards to begin viewing security related events and configurations.

Implementation Results

Now that South Lakes Housing has connected many of its Microsoft cloud applications to Sentinel they’re able to detect and managed security events far quicker than before.

The client also appreciates the ease of implementation such as ‘out of the box’ connectors, reports, queries and alerts that make Sentinel a useful solution almost immediately.

Azure sentinel

Future Scope

Azure Sentinel grows with your business as it expand its infrastructure estate and moves into the cloud, when combined with solutions such as A4S Monitor to provide real time operational and security alerting the scope of protected solutions can include the below (and many more):

  • Firewalls
  • Anti-Virus End Points
  • Hypervisors
  • Syslog

Increased Security & Visibility: Conclusion

Sentinel is a cloud first SIEM solution that natively integrates into cloud environments, when combined with data capture from on-premise solution using either native connectors or Syslog. The result is a tremendously powerful hybrid cloud security solution giving total visibility of the client’s entire estate.

This particular deployment will start by focusing on specific areas of the IT security and can scale as needs grow, out of the box reports, connectors and queries mean the client is realising benefit immediately and has greatly improved their security posture.

If you have any questions about this deployment then please get in touch here.

South Lakes Housing Increases Security & Visibility With Azure Sentinel

Want Help With Azure Sentinel?
Click the link below

To see the wide range of projects we’ve worked on, click here to read other case studies.