Don_Paterson
Advisor

Azure marketplace images security assurance

How can customers check the image before and after deployment and what has been put in place to guarantee that a marketplace image has not been injected with malicious code?

A downloadable iso file normally has a hash. What about the marketplace templates/images?

 

0 Kudos
6 Replies
G_W_Albrecht
Legend

Microsoft has a lot of web pages with Azure Security information covering every aspect, so I would start here: https://azure.microsoft.com/en-us/explore/security/

CCSE CCTE CCSM SMB Specialist
0 Kudos
Don_Paterson
Advisor

Will that provide an answer to my questions specifically?

0 Kudos
G_W_Albrecht
Legend

Why should that not do this? Microsoft is responsible for the safety of Azure marketplace images, or have you proof that this is regulated differently?

CCSE CCTE CCSM SMB Specialist
0 Kudos
Don_Paterson
Advisor

That Azure security page is more about marketing and might make one wonder why any other security solution might be required if Azure has so much resource behind cyber security...

My question is about security checks before and immediately after a deployment of a Check Point VM from the marketplace. It is a valid question that a customer can (and did) ask.

It is a technical question and specifically about the technical options that a Check Point customer may or may not have to validate an image/marketplace template deployment, in the same way as we check downloaded files' integrity with a SHA1 or SHA256 checksum.

 

0 Kudos
PhoneBoy
Admin

I understand the "trust but verify" mindset behind this question 🙂
Unfortunately, this is a question that can only truly be answered by the cloud vendor (Microsoft in this case).

0 Kudos
PhoneBoy
Admin

At least in Amazon, AMIs are created from a known good disk image prepared by the vendor. 
Once they're published, they cannot be updated without publishing a new AMI.
Unless the image included the malicious content "from the factory" the only way it could be infected would be post-deployment.
