Azure Sentinel Migration Fundamentals
This white paper is designed to give you an overview of best practices and considerations for transitioning your security operations to Microsoft Azure Sentinel. We’ll look at processes for a direct migration, as well as how to run Azure Sentinel in a side- by-side configuration with your legacy security information and event management (SIEM) solution. This paper also provides guidance on migrating completely away from your legacy solution, enabling you to enjoy the benefits of lower infrastructure costs, real-time threat analysis, and the easy scalability that comes with operating a cloud-native SIEM.
The information in this white paper is derived from experience we’ve gained in assisting numerous Microsoft customer migrations, as well as the experience of Microsoft’s own security operations center (SOC) in protecting our IT infrastructure.
This whitepaper will cover:
- Planning your migration to Azure Sentinel
- Starting your migration to the cloud
- Operating side by side with a legacy SIEM
- Finishing the migration away from a legacy SIEM
- Next steps and additional resources