Azure Government Cloud Adds TiC Support and New Offerings for FedRAMP P-ATO

5 new offerings that meet FedRAMP P-ATO security requirements, Trusted Internet Connection (TIC) initiative support, added to Azure Government. Detailed auditing and sign-in logs in new Azure portal.

Share online:

Azure's Government Cloud expands its FedRAMP Provisional Authorization to Operate (P-ATO) with five new offerings that meet the U.S. government's security requirements.

Service Bus, Notification Hubs, Site Recovery, StorSimple and Backup have all received Joint Authorization Board (JAB) approval for addition to Azure Government's P-ATO at the High Impact Level.

With the addition of these five offerings, "the total number of Azure Government offerings that meet the FedRAMP High baseline grows to 18," Azure team stated.

  • Azure Service Bus provides cloud-enabled communication with enterprise messaging and relayed communication to help connect applications, services, and devices.
  • Azure Notification Hubs is a massively scalable mobile push notification engine for quickly sending millions of notifications to iOS, Android, Windows, or Kindle devices, working with APNS (Apple Push Notification Services), GCM (Google Cloud Message), WNS (Windows Push Notification Services), MPNS (Microsoft Push Notification Service), and more.
  • Azure Site Recovery orchestrates replication of on-premises physical servers and virtual machines to the Azure cloud or to a secondary datacenter allowing organizations to meet BCDR (Business Continuity and Disaster Recovery) objectives.
  • Azure StorSimple is an efficient, cost-effective, and easily manageable storage area network (SAN) solution that eliminates many of the issues and expenses associated with enterprise storage and data protection.
  • Azure Backup, is a simple and cost-effective backup-as-a-service solution that extends tried-and-trusted tools on-premises with rich and powerful tools in the cloud.

Microsoft Azure Government supports Trusted Internet Connection (TIC) initiative, that lets Federal government agencies or departments customers build applications and services that comply with the TIC initiative, leveraging Azure Government.

TIC, if you don't know, "is a common name for initiative number one of the Comprehensive National Cybersecurity Initiative (CNCI)." Most recently introduced is "the TIC Overlay pilot program with a goal of optimized connectivity to FedRAMP compliant cloud service providers (such as Azure Government) with security capabilities to meet TIC initiative obligations."

Azure Government support TIC
Azure Government supports TIC capabilities

The public preview of the Azure AD admin experience with the new Azure portal just a couple months ago—today, adds Azure Active Directory auditing features, that help customers meet their reporting and compliance needs by providing a rich way to view, investigate, and analyze audit and sign-in data.

Azure AD in new Azure portal
Azure Ad in new Azure portal

Here is what's new today:

  • Single view of all audit and sign-in logs within the Azure Active Directory.
  • Contextual audit and sign-in logs lets easily find out who did what to your resources. See pre-filtered audit and sign-in data in different areas, including:
  • User Management blade: see User Activities
  • Single user profile page: see which activities were done by/on the user
  • Enterprise Applications blade: see App Activities
  • Single app profile page: see the operations have been performed by/on the app in the past 30 days
  • Rich search & filtering experience including: "Date and time, Actor's UPN (e.g. danny@contso.com or you can simply type Danny), Activity Type (E.g. User, Group, App, Policy, Domain, etc.), Activity (E.g. Add User, Add Application, Add Owner to App, etc.)."
  • Reporting data insights overview blade provide access to everything you need in your directory, and now there will also be a visualization of your usage data in the context of your location within the Portal.
  • Reporting data insights across all resources in your tenant. All activity data is categorized as audit and sign-in data.
  • Audit logs across all resources include Users, Apps, and Directory.
  • Sign-ins across all resources (Users and Apps)
  • Audit API provides logs for all the audit events listed, as well as features a rich set of filters to filter activity logs through the API.
  • Sign-in API provides all the user sign-in information for your tenant, as well as filters like Sign-in date, Sign-in status, User ID, Application ID, Application Name, and User Name.

Windows Upgrade Analytics, a free solution that is part of Microsoft Operations Management Suite (OMS) is now well integrates into Azure. Thus, it is now a requirement that "all OMS workspaces are linked to an Azure subscription," Microsoft stated.

But, you can still use Upgrade Analytics for free. However, you must take a couple of extra steps to set up your workspace with the OMS Log Analytics technology, see here.

Linking Operations Management Suite workspaces to Microsoft Azure
Linking Operations Management Suite workspaces to Microsoft Azure