WEBVTT 0:00:02.880000 --> 0:00:07.060000 When you are working with virtual machines, when you're setting up infrastructure 0:00:07.060000 --> 0:00:11.840000 as a service, you of course want to have all of the security capabilities 0:00:11.840000 --> 0:00:14.720000 that are available at your fingertips. 0:00:14.720000 --> 0:00:17.040000 And that's really what this video is about. 0:00:17.040000 --> 0:00:21.540000 We're going to look at some of the security features that are in Azure 0:00:21.540000 --> 0:00:24.600000 specifically for maintaining virtual machine security. 0:00:24.600000 --> 0:00:31.020000 The topics that we're going to cover in this video include VM hardening 0:00:31.020000 --> 0:00:35.120000 in general. We're going to take a look at security center and we're going 0:00:35.120000 --> 0:00:37.740000 to talk about endpoint management in particular. 0:00:37.740000 --> 0:00:40.840000 Then I'm going to demonstrate security center, including showing you some 0:00:40.840000 --> 0:00:44.300000 things like how to activate endpoint management and other capabilities 0:00:44.300000 --> 0:00:50.260000 that are really in this comprehensive centralized tool for security. 0:00:50.260000 --> 0:00:52.120000 And then I'll talk about system updates. 0:00:52.120000 --> 0:00:57.760000 Another important aspect of maintaining a highly secure virtual machine 0:00:57.760000 --> 0:01:01.380000 environment. So let's go ahead and let's take a look at this. 0:01:01.380000 --> 0:01:04.000000 Let's move into this just a little bit. 0:01:04.000000 --> 0:01:07.680000 I'm going to start talking about VM hardening. 0:01:07.680000 --> 0:01:11.300000 And when we talk about VM hardening, there's certain things both within 0:01:11.300000 --> 0:01:15.280000 the Azure environment as well as within the virtual machine itself. 0:01:15.280000 --> 0:01:19.000000 So for example, from the Azure standpoint, you want to make sure that 0:01:19.000000 --> 0:01:23.260000 you are using least rights concepts, right? 0:01:23.260000 --> 0:01:26.060000 Least required rights, least privilege, whatever you want to call it, 0:01:26.060000 --> 0:01:28.460000 manage access to the VM resource, right? 0:01:28.460000 --> 0:01:31.140000 Because if I can get to the VM resource, for example, I can change the 0:01:31.140000 --> 0:01:38.080000 password. Speaking of which, use complex randomized passwords for administrative 0:01:38.080000 --> 0:01:43.880000 accounts. Definitely something that's kind of a standard concept. 0:01:43.880000 --> 0:01:48.080000 Also, deploy VMs based on hardened images. 0:01:48.080000 --> 0:01:53.900000 There are actually a number of images in the marketplace that are already 0:01:53.900000 --> 0:01:55.420000 hardened, right? 0:01:55.420000 --> 0:01:59.760000 So they've already gone through and both for Windows and for Linux really 0:01:59.760000 --> 0:02:01.660000 lock those machines down. 0:02:01.660000 --> 0:02:04.200000 Another thing you always want to do, and we'll talk about this right at 0:02:04.200000 --> 0:02:07.920000 the end of the video, is make sure that you're managing updates, security 0:02:07.920000 --> 0:02:13.280000 patches. If you're in IT, you know that security patches are critical 0:02:13.280000 --> 0:02:16.980000 for dealing with new threats all the time. 0:02:16.980000 --> 0:02:20.160000 Also sometimes people don't think about hardening, but implement that 0:02:20.160000 --> 0:02:22.280000 backup solution, right? 0:02:22.280000 --> 0:02:25.540000 You should have everything in place so that on your servers, you're not 0:02:25.540000 --> 0:02:28.480000 going to get ransom ware, right? 0:02:28.480000 --> 0:02:31.360000 But you know, in case something like that happens, having a good solid 0:02:31.360000 --> 0:02:36.460000 backup is a good remedial step for any kind of attack. 0:02:36.460000 --> 0:02:40.460000 And of course you want to monitor your virtual machines. 0:02:40.460000 --> 0:02:41.760000 You want to set up alerting. 0:02:41.760000 --> 0:02:46.900000 You want to have every possible way of knowing as soon as or ideally before 0:02:46.900000 --> 0:02:54.340000 issues happen. And also make sure your disks are encrypted, use user supplied 0:02:54.340000 --> 0:03:01.940000 encryption, and ideally, if at all possible, use the key encryption key 0:03:01.940000 --> 0:03:03.400000 or key encrypting key, right? 0:03:03.400000 --> 0:03:08.300000 That just gives you another layer of security, more things to get in the 0:03:08.300000 --> 0:03:13.880000 way of somebody actually physically obtaining and compromising your virtual 0:03:13.880000 --> 0:03:18.280000 hard drives. Speaking of multiple levels, you want to think about where 0:03:18.280000 --> 0:03:21.460000 you're applying your firewalls and how you're applying your firewalls, 0:03:21.460000 --> 0:03:26.000000 right? You're going to apply at a minimum NSG is possibly a firewall appliance 0:03:26.000000 --> 0:03:30.900000 or possibly Azure firewall, or maybe your application gateway, whatever 0:03:30.900000 --> 0:03:32.600000 your firewall solution is. 0:03:32.600000 --> 0:03:37.400000 But also consider the firewalling capabilities on the virtual machines. 0:03:37.400000 --> 0:03:42.000000 For example, Windows Server has built -in firewalling and you want that 0:03:42.000000 --> 0:03:43.520000 defense and depth concept. 0:03:43.520000 --> 0:03:48.660000 So you want to make sure that you are really implementing as much of the 0:03:48.660000 --> 0:03:55.500000 security and as much of the firewalling as makes sense for your environment. 0:03:55.500000 --> 0:04:06.480000 Okay. Now, a tool for this, a tool for handling all of this is I get it 0:04:06.480000 --> 0:04:07.580000 to move it, there we go. 0:04:07.580000 --> 0:04:09.180000 Security center, right? 0:04:09.180000 --> 0:04:14.120000 Now, security center is part of the Azure portal. 0:04:14.120000 --> 0:04:19.520000 Simple as that. It's something that you've got. 0:04:19.520000 --> 0:04:22.140000 It's there. There is a free tier. 0:04:22.140000 --> 0:04:26.100000 I will tell you the free tier has just about nothing. 0:04:26.100000 --> 0:04:28.900000 It has a little bit little basic some policy. 0:04:28.900000 --> 0:04:30.140000 You get a security score. 0:04:30.140000 --> 0:04:33.720000 Mine is terrible always, but mine's terrible always because these are 0:04:33.720000 --> 0:04:39.260000 all machines. I just spin up and break down and I don't, you know, I don't 0:04:39.260000 --> 0:04:42.020000 do as I say. So please do as I say, not as I do. 0:04:42.020000 --> 0:04:44.720000 Anyways, what are some of the things you can do with security center? 0:04:44.720000 --> 0:04:46.320000 You've got vulnerability scanning. 0:04:46.320000 --> 0:04:48.320000 You can install vulnerability scanning. 0:04:48.320000 --> 0:04:54.720000 So you've got your background, artificial intelligence looking for any 0:04:54.720000 --> 0:04:56.420000 vulnerabilities. 0:04:56.420000 --> 0:04:58.700000 Workload specific whitelisting. 0:04:58.700000 --> 0:05:02.320000 So you're the ability to say, okay, you know, here's my workload. 0:05:02.320000 --> 0:05:04.200000 These are the things that should be allowed. 0:05:04.200000 --> 0:05:06.780000 What you're going to be allowed to do, what's going to flag a problem 0:05:06.780000 --> 0:05:09.520000 is going to be different if you're running a file server as opposed to 0:05:09.520000 --> 0:05:13.460000 a web server. Just in time access. 0:05:13.460000 --> 0:05:15.180000 This is one of those things. 0:05:15.180000 --> 0:05:18.200000 Microsoft loves just in time access. 0:05:18.200000 --> 0:05:23.740000 I don't and I don't because I think there's better approaches to this. 0:05:23.740000 --> 0:05:27.680000 And I talk about this in another video, but I would rather have a situation 0:05:27.680000 --> 0:05:32.280000 where you either have to use the Bastion interface and go through the 0:05:32.280000 --> 0:05:37.640000 portal through HTTPS rather than going directly to an administrative portal 0:05:37.640000 --> 0:05:39.080000 on a virtual machine. 0:05:39.080000 --> 0:05:43.240000 Or ideally, you're going over a tunnel from your on-premises environment, 0:05:43.240000 --> 0:05:47.540000 whether it's a VPN tunnel or an express route gateway. 0:05:47.540000 --> 0:05:51.980000 And you're accessing it without ever really directly going to a public 0:05:51.980000 --> 0:05:53.580000 endpoint on your virtual machine. 0:05:53.580000 --> 0:05:57.140000 But if you do have public endpoints on your virtual machines and you are 0:05:57.140000 --> 0:06:01.900000 allowing administrative access over those, you absolutely should implement 0:06:01.900000 --> 0:06:03.760000 just in time access. 0:06:03.760000 --> 0:06:08.800000 So just something to keep in mind and also security alerts. 0:06:08.800000 --> 0:06:11.500000 You've got security alerts. 0:06:11.500000 --> 0:06:14.380000 Hopefully that's fairly self-evident. 0:06:14.380000 --> 0:06:17.220000 We're going to see all the different things that can flag security and 0:06:17.220000 --> 0:06:23.260000 then talk about the need to be, well, alerted to those. 0:06:23.260000 --> 0:06:26.600000 And the process of setting security alerts, if you understand alerts in 0:06:26.600000 --> 0:06:31.840000 Azure, is really pretty straightforward. 0:06:31.840000 --> 0:06:38.200000 Now, one of the features of security center is endpoint protection. 0:06:38.200000 --> 0:06:44.320000 Now, with endpoint protection, security center simply validates the presence 0:06:44.320000 --> 0:06:49.000000 of anti-malware software on your VMs. 0:06:49.000000 --> 0:06:51.540000 And so what this is going to do, it's going to monitor the efficacy of 0:06:51.540000 --> 0:06:52.600000 your endpoint protection. 0:06:52.600000 --> 0:07:00.320000 Now, endpoint protection does not in and of itself provide direct protection. 0:07:00.320000 --> 0:07:06.220000 Rather, endpoint protection, under very specific circumstances, can be 0:07:06.220000 --> 0:07:09.740000 installed via an extension. 0:07:09.740000 --> 0:07:13.040000 Now, I'm going to show you this in demonstration in just a moment. 0:07:13.040000 --> 0:07:17.240000 But it is important to understand that security center itself does not 0:07:17.240000 --> 0:07:19.020000 provide the endpoint protection. 0:07:19.020000 --> 0:07:21.980000 It simply monitors for it. 0:07:21.980000 --> 0:07:26.040000 And the currently monitored endpoint protection, if you have one of these 0:07:26.040000 --> 0:07:28.480000 installed on your machine, they're going to be picked up. 0:07:28.480000 --> 0:07:32.360000 And you can see the ones that we have, Windows Defender, System Center, 0:07:32.360000 --> 0:07:40.380000 Endpoint Protection, Trend Micro, Semantic, McAfee, and Sophos. 0:07:40.380000 --> 0:07:46.020000 And so it's going to look when your machines are being analyzed, when 0:07:46.020000 --> 0:07:49.140000 they're being monitored, it's going to look for those endpoint, really 0:07:49.140000 --> 0:07:53.800000 those anti-malware systems being installed, and let you know if a machine 0:07:53.800000 --> 0:07:56.800000 does not have one of those installed. 0:07:56.800000 --> 0:08:01.080000 All right, so those are just some big pictures. 0:08:01.080000 --> 0:08:05.920000 Now, what I want to do is really kind of just dive through security center, 0:08:05.920000 --> 0:08:12.240000 look at what it does for VMs, including taking a look at remediating a 0:08:12.240000 --> 0:08:16.540000 missing implementation of endpoint protection. 0:08:16.540000 --> 0:08:26.800000 So let's, without further ado, pop in to, if I can find it, security center. 0:08:26.800000 --> 0:08:30.020000 There we go. I had it on the wrong screen. 0:08:30.020000 --> 0:08:31.980000 There, all right, this is my security center. 0:08:31.980000 --> 0:08:34.840000 Please ignore the 28% score. 0:08:34.840000 --> 0:08:37.520000 I swear I do know how to do security. 0:08:37.520000 --> 0:08:40.780000 Again, this is all just these things kind of come and go. 0:08:40.780000 --> 0:08:45.200000 And again, makes it easy to give you lots of, lots of examples of where 0:08:45.200000 --> 0:08:48.340000 it could come in and help you out. 0:08:48.340000 --> 0:08:52.640000 All right, now what I want to do is I'm going to go to a couple places. 0:08:52.640000 --> 0:08:56.540000 The most obvious is going to be compute and apps. 0:08:56.540000 --> 0:09:04.000000 And right here, what we have is a list of all of the recommendations that 0:09:04.000000 --> 0:09:10.940000 are made, essentially, that have been found that I need to take care of. 0:09:10.940000 --> 0:09:14.800000 Kubernetes service should be upgraded to a non-vulnerable Kubernetes version. 0:09:14.800000 --> 0:09:16.160000 I just want to point that out. 0:09:16.160000 --> 0:09:18.040000 I am totally good with that. 0:09:18.040000 --> 0:09:21.640000 Of course, I don't have authorized IP ranges set up yet. 0:09:21.640000 --> 0:09:24.520000 That's going to come later in a different video. 0:09:24.520000 --> 0:09:27.140000 But, you know, hey, I got one of them right. 0:09:27.140000 --> 0:09:33.100000 All right, now I can go through here and things like you can see the vulnerability 0:09:33.100000 --> 0:09:37.780000 assessment. Do I need to take a look at that? 0:09:37.780000 --> 0:09:44.420000 And, you know, many other things here and here is install endpoint protection 0:09:44.420000 --> 0:09:47.220000 solution on virtual machines. 0:09:47.220000 --> 0:09:53.980000 If I go there, what I'll notice is that I have a virtual machine, my demo 0:09:53.980000 --> 0:09:58.640000 sec virtual machine, and it does not have endpoint protection. 0:09:58.640000 --> 0:10:03.780000 None of those available endpoint protection options were found. 0:10:03.780000 --> 0:10:05.920000 So what I can do is I can say, OK, fine. 0:10:05.920000 --> 0:10:09.740000 I actually have a remediation right here. 0:10:09.740000 --> 0:10:14.520000 And it's going to, because this is a Windows machine, I can go ahead and 0:10:14.520000 --> 0:10:17.800000 install the Microsoft anti-malware. 0:10:17.800000 --> 0:10:21.100000 I was about to say, wall -marrow, but malware. 0:10:21.100000 --> 0:10:23.520000 And it's literally as simple as this. 0:10:23.520000 --> 0:10:25.420000 Now, I'm being a little cavalier. 0:10:25.420000 --> 0:10:27.840000 Obviously, you've got a workload running. 0:10:27.840000 --> 0:10:35.440000 You want to make sure that you are properly accounting for that workload. 0:10:35.440000 --> 0:10:40.900000 So, for example, even when I activate the Microsoft anti-malware, I have 0:10:40.900000 --> 0:10:45.680000 things like excluded files and locations, included files and extensions, 0:10:45.680000 --> 0:10:52.320000 processes that I don't want to be monitored, real-time protection. 0:10:52.320000 --> 0:10:53.320000 You can see the different options. 0:10:53.320000 --> 0:10:54.720000 There's many options here. 0:10:54.720000 --> 0:10:56.880000 I'm going to go ahead and just take the defaults. 0:10:56.880000 --> 0:11:01.780000 And that's it. That is actually going and installing the endpoint protection, 0:11:01.780000 --> 0:11:03.140000 the Microsoft endpoint protection. 0:11:03.140000 --> 0:11:05.460000 Now, you'll notice I've got two machines here. 0:11:05.460000 --> 0:11:09.360000 The other machine I had already resolved that problem. 0:11:09.360000 --> 0:11:14.160000 So, we're good. Now, again, really, this is kind of the idea. 0:11:14.160000 --> 0:11:15.880000 I've got this overview. 0:11:15.880000 --> 0:11:17.420000 I can go up here to the overview. 0:11:17.420000 --> 0:11:22.080000 And I've got this ability, by the way, I can go in and, you know, here's 0:11:22.080000 --> 0:11:24.420000 non-computing app resources. 0:11:24.420000 --> 0:11:26.320000 And I can drill down to the same thing there. 0:11:26.320000 --> 0:11:28.520000 And I can even get more specific. 0:11:28.520000 --> 0:11:29.720000 I've got a scale set. 0:11:29.720000 --> 0:11:33.300000 And I've got a whole bunch of things not right on the scale set. 0:11:33.300000 --> 0:11:35.640000 And that's fine for right now. 0:11:35.640000 --> 0:11:39.780000 But it just gives you an easy way to see, hopefully, in your case, how 0:11:39.780000 --> 0:11:43.860000 well you're doing, as far as following security best practices, in my 0:11:43.860000 --> 0:11:47.260000 case, all the fun ways that I can improve that. 0:11:47.260000 --> 0:11:52.380000 Now, all of these are generated based on security policy. 0:11:52.380000 --> 0:11:56.600000 And if I go and say, all right, let's see what we have here. 0:11:56.600000 --> 0:12:00.260000 Here's our new demonstrations. 0:12:00.260000 --> 0:12:02.880000 And here's what is being applied. 0:12:02.880000 --> 0:12:04.800000 And I can view effective policy. 0:12:04.800000 --> 0:12:09.160000 And this is showing me all of the actual policies that are being applied 0:12:09.160000 --> 0:12:12.220000 to my environment. 0:12:12.220000 --> 0:12:15.020000 Right? I believe this first one is compute and apps. 0:12:15.020000 --> 0:12:17.640000 All right. So that is security center. 0:12:17.640000 --> 0:12:20.120000 A couple of things to note about security center. 0:12:20.120000 --> 0:12:24.380000 Again, there are really two tiers of security center. 0:12:24.380000 --> 0:12:27.800000 There's the free tier, which doesn't do much. 0:12:27.800000 --> 0:12:31.180000 And pretty much all of the cool things I just showed you are for what's 0:12:31.180000 --> 0:12:35.560000 called standard tier, where you're going to pay a certain amount per month 0:12:35.560000 --> 0:12:42.580000 per server or other resource that is protected by security center. 0:12:42.580000 --> 0:12:44.780000 So just do be aware of that. 0:12:44.780000 --> 0:12:48.460000 There is a cost element that is associated with it. 0:12:48.460000 --> 0:12:53.800000 All right. Now, having said that, let's go ahead and let's go back to, 0:12:53.800000 --> 0:13:02.060000 our content. There's really just one more thing that I want to talk about. 0:13:02.060000 --> 0:13:05.360000 And that is system updates. 0:13:05.360000 --> 0:13:07.320000 And here's the idea. 0:13:07.320000 --> 0:13:14.120000 Okay. Let's say that you've got a virtual machine. 0:13:14.120000 --> 0:13:20.900000 Okay. And it is your responsibility to keep that virtual machine up to 0:13:20.900000 --> 0:13:23.100000 date. Okay. That's pretty simple. 0:13:23.100000 --> 0:13:24.880000 I've got my one VM. 0:13:24.880000 --> 0:13:28.840000 That's not going to be too much work. 0:13:28.840000 --> 0:13:31.400000 Got a VM. I'm just kind of popping there. 0:13:31.400000 --> 0:13:33.540000 Check it out. Everything's great. 0:13:33.540000 --> 0:13:38.160000 Right. But that works up until, of course, you're in an enterprise situation 0:13:38.160000 --> 0:13:44.820000 where you've got many virtual machines. 0:13:44.820000 --> 0:13:49.140000 Now, once you're in that situation, you know, connecting individually 0:13:49.140000 --> 0:13:51.760000 to each virtual machine isn't going to make a difference. 0:13:51.760000 --> 0:13:52.600000 There's a whole lot of sense. 0:13:52.600000 --> 0:13:54.100000 So we wouldn't want to do that. 0:13:54.100000 --> 0:13:59.060000 Okay. Instead, what we want is a system that will allow us to automate 0:13:59.060000 --> 0:14:04.720000 this, right? And automate this both for Windows and for Linux machines 0:14:04.720000 --> 0:14:08.120000 that are running in Azure and possibly also outside of Azure. 0:14:08.120000 --> 0:14:13.720000 Well, if we think about the automation process, there's really two parts 0:14:13.720000 --> 0:14:15.040000 of this that we need. 0:14:15.040000 --> 0:14:19.420000 One, we need to understand kind of what's going on in here. 0:14:19.420000 --> 0:14:30.720000 Right. So we need some way of logging that information, that status, right? 0:14:30.720000 --> 0:14:37.520000 We also need to be able to analyze that, analyze what updates are available, 0:14:37.520000 --> 0:14:46.380000 and have a process that could send those updates automatically to a virtual 0:14:46.380000 --> 0:14:52.900000 machine. Right. And then be able to do that across, of course, you get 0:14:52.900000 --> 0:15:04.520000 the idea. Multiple virtual machines that is, you know, really what you 0:15:04.520000 --> 0:15:08.600000 want. And there is a tool for this, a framework for this really built 0:15:08.600000 --> 0:15:16.760000 into Azure. Now, the framework that's built into Azure is not the only 0:15:16.760000 --> 0:15:18.980000 automation framework that you can find. 0:15:18.980000 --> 0:15:22.260000 In fact, it's not the only automation framework that Microsoft provides, 0:15:22.260000 --> 0:15:26.840000 right? If you are familiar with on -premises Windows Server, you know, 0:15:26.840000 --> 0:15:28.920000 that their systems have been around for quite a while. 0:15:28.920000 --> 0:15:34.060000 But in Azure, there is a solution that works. 0:15:34.060000 --> 0:15:37.080000 Now, it uses a number of different Azure components, right? 0:15:37.080000 --> 0:15:45.680000 And what it is at the heart, really, is that it is a log analytics solution. 0:15:45.680000 --> 0:15:49.920000 If you're familiar with log analytics, there are solutions that allow 0:15:49.920000 --> 0:15:54.760000 you to use it in sophisticated and very functional ways. 0:15:54.760000 --> 0:15:59.040000 If you're not familiar with log analytics at INE, there's lots of videos 0:15:59.040000 --> 0:16:01.940000 that go through various aspects of log analytics. 0:16:01.940000 --> 0:16:03.360000 So you can always look that up. 0:16:03.360000 --> 0:16:07.260000 But in any case, your system updates, the end of the day, what this really 0:16:07.260000 --> 0:16:14.440000 is, is a log analytics solution that tracks and manages updates and patches 0:16:14.440000 --> 0:16:15.600000 for Windows and Linux. 0:16:15.600000 --> 0:16:22.460000 Simple as that. Now, this solution actually is made up of several Azure 0:16:22.460000 --> 0:16:27.200000 resources. First of all, you have to have log analytics. 0:16:27.200000 --> 0:16:29.900000 I don't have that listed there, but it's a log analytics solution, so 0:16:29.900000 --> 0:16:35.080000 that's assumed. The log analytics agent must be on Windows or Linux, and 0:16:35.080000 --> 0:16:40.140000 it must be reporting to the log analytics workspace that you have the 0:16:40.140000 --> 0:16:41.660000 solution installed on. 0:16:41.660000 --> 0:16:48.180000 You also need to have a utility on the virtual machines that are going 0:16:48.180000 --> 0:16:50.780000 to allow you to automate the update. 0:16:50.780000 --> 0:16:55.580000 On Linux, you need PowerShell DSC for Linux, which, by the way, you can 0:16:55.580000 --> 0:16:58.240000 install via an Azure extension. 0:16:58.240000 --> 0:17:03.320000 And for Windows machines, you either need Microsoft update, or you need 0:17:03.320000 --> 0:17:08.260000 the Windows Server Update Services, commonly known as WSUS. 0:17:08.260000 --> 0:17:12.140000 Now, if you think about that, that's part of it, but then you also need 0:17:12.140000 --> 0:17:13.900000 an automation component. 0:17:13.900000 --> 0:17:17.300000 And so we have an automation hybrid runbook worker. 0:17:17.300000 --> 0:17:21.740000 This is going to work both on premises as well as just standard automation 0:17:21.740000 --> 0:17:24.840000 account for your Azure environment. 0:17:24.840000 --> 0:17:30.820000 Now, the supported OS's that are available, and you can kind of see this. 0:17:30.820000 --> 0:17:34.380000 So Windows 2012 and above is going to have full support. 0:17:34.380000 --> 0:17:40.320000 Windows 2008 R2, you can do assessments, but you cannot actually run full 0:17:40.320000 --> 0:17:43.960000 support. Now, that's the kind of distinction, by the way, if you're going 0:17:43.960000 --> 0:17:46.700000 to take an exam, I'm not saying that would be on your exam. 0:17:46.700000 --> 0:17:50.400000 Honestly, I don't know if it was on my exam or not, but that is the kind 0:17:50.400000 --> 0:17:54.220000 of distinction that Microsoft loves to ask you about if you are not. 0:17:54.220000 --> 0:17:55.500000 So, I'm going to take an exam. 0:17:55.500000 --> 0:18:03.180000 Also notice that there are four official distros of Linux, sent OS 6 and 0:18:03.180000 --> 0:18:09.580000 7, red hat enterprise 6 and 7, SUS Linux, enterprise server 11 and 12, 0:18:09.580000 --> 0:18:13.320000 and Ubuntu 1404, 1604 and 1804. 0:18:13.320000 --> 0:18:17.280000 I realize that's more than four, but it's variations of the four basic 0:18:17.280000 --> 0:18:25.180000 distros. Okay, so that solution, that update solution allows you to implement 0:18:25.180000 --> 0:18:31.400000 an important component of your overall virtual machine protection and 0:18:31.400000 --> 0:18:33.220000 security. And that's really what we talked about here. 0:18:33.220000 --> 0:18:36.880000 We talked about the things you can do, the tools you can use like security 0:18:36.880000 --> 0:18:41.860000 center and how that makes really easy to go ahead and really automate 0:18:41.860000 --> 0:18:45.700000 the process of monitoring and alerting for your virtual machines. 0:18:45.700000 --> 0:18:49.420000 And then also that process of automating system updates.