Application Insights is a feature of Azure Monitor that provides extensible application performance management (APM) and monitoring for live web apps. Developers and DevOps professionals can use it. Application Insights to:
- Automatically detect performance anomalies.
- Help diagnose issues by using powerful analytics tools.
- See what users do with apps.
- Help continuously improve app performance and usability.
Application Insights Features:
- Supports various platforms, including .NET, Node.js, Java, and Python.
- Works for apps hosted on-premises, hybrid, or on any public cloud.
- Integrates with DevOps processes.
- Has connection points to many development tools.
- Can monitor and analyze telemetry from mobile apps by integrating with Visual Studio.
|Config Name||Description||Solution||GE Control ID|
|RG||Resource Group requirement||Must use same region for resource, resource group and subscription||Standard EA|
|Network Type||Access to the service||Must opt NO for "Accept data ingestion& Query from public networks not connected through a Private Link Scope"||SEC 1.2|
|Data Encryption||Send data Securely||To ensure security of data transit to Azure Monitor. With an enforce to configure the agent to use at least TLS 1.2||SEC 7.2|
|Authentication/Authorization||Authenticate to console services and data sources using Azure native security services||Authenticating of services using AAD IAM RBAC||SEC 2.1|
|Keys||API keys stored in keys Vault as secrets||You can either create your own keys or store them in a key vault APIs to generate keys.||SEC 4.1|
|Logging||Collect platform logs and operation logs.||Logs must be stored in Gas Power Cyber approved logging destination: central analytics workspace in 328-gp-azr-ops||SEC 3.11|
|UAI tag||All speech services must be tagged with a valid UAI||
- Example: Key: uai
- Value: uai1234567
- Use lower case name and value
|Env tag||All speech services must be tagged with a tag corresponding to the application environment||
- Example: Key : env, Value: prd
- For Valid envs see item 5.2 in cloud controls document
- Use lower case name and value
|Appname tag||Must tagged with application short name where applicable||
- Example: Key: appname
- Value: ABC123
Resource Standards and Policies
|Naming convention||Resource follows standard naming convention||
Apply naming standards based on the following guidelines
Naming & Tagging Standards
Ready to experience the full power of cloud technology?
Our cloud experts will speed up cloud deployment, and make your business more efficient.
|Standard network Configuration||Standard vnet, subnet, NSG configuration applied||See network baseline config for more information.|
|Private endpoints||Deny public internet access||Ensure that key vault is accessible only over Stakeholder private network|
Identity and Access Management
|Config Name||Description||Solution||Mandated/Optional||IAM Policy||CF Template|
|IAM RBAC Configuration||Standard RBAC roles defined for speech service and assigned to users||See Stakeholder’s approved baseline configuration for more information||Mandated|
|API Key rotation||Keys should be rotated periodically.||Generate Keys regularly and store keys in Key Vaults|
|Backup and Recovery||Ensure Regular automated Backups||Follow standards to backup|
ISmile Technologies brings its managed cloud security services to your defence. We help you reimagine cloud security by building it into the foundation of your company. In this way it can meet your business’s evolving needs cost-effectively as a fully managed, consumption-based, as-a-service model, ensuring advanced security. Schedule a free assessment today.
I’m working as Cloud DevOps Engineer. Expertise in technologies of Kubernetes, cloud services and cloud-native services, and DevOps technologies in various clouds.