Folders that may have to be excluded from antivirus scanning when you use file-level antivirus software in SharePoint

Folders that may have to be excluded from antivirus scanning in SharePoint

Note In the following sections, the placeholder Drive represents the letter of the drive on which you have your SharePoint application installed. Typically, this drive letter is C.

SharePoint Server 2016

You may have to configure your antivirus software to exclude the following folders and subfolders from antivirus scanning:

• Drive:\Program Files\Common Files\Microsoft Shared\Web Server Extensions
  
  If you do not want to exclude the whole Web Server Extensions folder from antivirus scanning, you can exclude only the following folders: 
  • Drive:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16
  • Drive:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16/Logs
• Drive:\Program Files\Microsoft Office Servers\16.0\Data\Office Server\Applications
• Drive:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files
• Drive:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config
• Drive: \Users\ServiceAccount\AppData\Local\Temp\WebTempDir
  
  Note The WebTempDir folder is a replacement for the FrontPageTempDir folder.
• Drive:\ProgramData\Microsoft\SharePoint
• Drive:\Users\account that the search service is running as\AppData\Local\Temp
  
  Note The search account creates a folder in the Gthrsvc_spsearch4 Temp folder to which it periodically must write.
• Drive:\WINDOWS\System32\LogFiles
• Drive:\Windows\Syswow64\LogFiles
  
  Note If you use a specific account for SharePoint services or application pools identities, you may also have to exclude the following folders:
  • Drive:\Users\ServiceAccount\AppData\Local\Temp
  • Drive:\Users\Default\AppData\Local\Temp

You should also exclude all the virtual directory folders under Drive:\inetpub\wwwroot\wss\VirtualDirectories and all the folders under Drive:\inetpub\temp\IIS Temporary Compressed Files.

SharePoint Server 2013

You may have to configure the antivirus software to exclude the Drive:\Program Files\Microsoft Office Servers folder from antivirus scanning for SharePoint Server 2013. If you do not want to exclude the whole Microsoft Office Servers folder from antivirus scanning, you can exclude only the following folders:

• Drive:\Program Files\Microsoft Office Servers\15.0\Data
  
  (This folder is used for the indexing process. If the index files are configured to be located in a different folder, you also have to exclude that location.)
• Drive:\Program Files\Microsoft Office Servers\15.0\Logs
• Drive:\Program Files\Microsoft Office Servers\15.0\Bin
• Drive:\Program Files\Microsoft Office Servers\15.0\Synchronization Service
• Any location in which you decided to store the disk-based binary large object (BLOB) cache (for example, C:\Blobcache).

Note If you have SharePoint Server 2013, these folders should be excluded in addition to the folders that are listed in the "SharePoint Foundation 2013" section.

SharePoint Foundation 2013

You may have to configure your antivirus software to exclude the following folders and subfolders from antivirus scanning:

• Drive:\Program Files\Common Files\Microsoft Shared\Web Server Extensions
  
  If you do not want to exclude the whole Web Server Extensions folder from antivirus scanning, you can exclude only the following two folders:
  • Drive:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\Logs
  • Drive:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\Data\Applications
    
    Note The Applications folder must be excluded only if the computer is running the SharePoint Foundation Search service. If the folder that contains the index file is located elsewhere, you must also exclude that folder.
• Drive:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files
• Drive:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config
• Drive: \Users\ServiceAccount\AppData\Local\Temp\WebTempDir
  
  Note The WebTempDir folder is a replacement for the FrontPageTempDir folder.
• Drive:\ProgramData\Microsoft\SharePoint
• Drive:\Users\account that the search service is running as\AppData\Local\Temp
  
  Note The search account creates a folder in the Gthrsvc_spsearch4 Temp folder to which it periodically has to write.
• Drive:\WINDOWS\System32\LogFiles
• Drive:\Windows\Syswow64\LogFiles
  
  Note If you use a specific account for SharePoint services or application pools identities, you may also have to exclude the following folders:
  • Drive:\Users\ServiceAccount\AppData\Local\Temp
  • Drive:\Users\Default\AppData\Local\Temp
  
  You should also exclude all the virtual directory folders under Drive:\inetpub\wwwroot\wss\VirtualDirectories\ and all the folders under Drive:\inetpub\temp\IIS Temporary Compressed Files\.

SharePoint Foundation 2010

You may have to configure your antivirus software to exclude the following folders and subfolders from antivirus scanning:

• Drive:\Program Files\Common Files\Microsoft Shared\Web Server Extensions
  
  If you do not want to exclude the whole Web Server Extensions folder from antivirus scanning, you can exclude only the following two folders:
  • Drive:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\Logs
  • Drive:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\Data\Applications
    
    Note The Applications folder must be excluded only if the computer is running the SharePoint Foundation Search service. If the folder that contains the index file is located elsewhere, you must also exclude that folder.
• Drive:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files
• Drive:\Windows\Microsoft.NET\Framework64\v2.0.50727\Config
• Drive: \Users\ServiceAccount\AppData\Local\Temp\WebTempDir
  
  Note The WebTempDir folder is a replacement for the FrontPageTempDir folder.
• Drive:\ProgramData\Microsoft\SharePoint
• Drive:\Users\account that the search service is running as\AppData\Local\Temp
  
  Note The search account creates a folder in the Gthrsvc_spsearch4 Temp folder to which it periodically has to write.
• Drive:\WINDOWS\system32\LogFiles
• Drive:\Windows\Syswow64\LogFiles
  
  Note If you use a specific account for SharePoint services or application pools identities, you may also have to exclude the following folders:
  • Drive:\Users\ServiceAccount\AppData\Local\Temp
  • Drive:\Users\Default\AppData\Local\Temp
  
  You should also exclude all the virtual directory folders under Drive:\inetpub\wwwroot\wss\VirtualDirectories\ and all the folders under Drive:\inetpub\temp\IIS Temporary Compressed Files\.
  

SharePoint Server 2010

You may have to configure your antivirus software to exclude the Drive:\Program Files\Microsoft Office Servers folder from antivirus scanning for SharePoint Server 2010. If you do not want to exclude the whole Microsoft Office Servers folder from antivirus scanning, you can exclude only the following folders:

• Drive:\Program Files\Microsoft Office Servers\14.0\Data
  
  (This folder is used for the indexing process. If the Index files are configured to be located in a different folder, you also have to exclude that location.)
• Drive:\Program Files\Microsoft Office Servers\14.0\Logs
• Drive:\Program Files\Microsoft Office Servers\14.0\Bin
• Drive:\Program Files\Microsoft Office Servers\14.0\Synchronization Service
• Any location in which you decided to store the disk-based binary large object (BLOB) cache (for example, C:\Blobcache)
  
  For more information about the binary large object cache, go to the following Microsoft website:
  Disk-based BLOB caching

Note If you have SharePoint Server 2010, these folders should be excluded in addition to the folders that are listed in the "SharePoint Foundation 2010" section.

Windows SharePoint Services 3.0

You may have to configure your antivirus software to exclude the following folders and subfolders from antivirus scanning:

• Drive:\Program Files\Common Files\Microsoft Shared\Web Server Extensions
  
  If you do not want to exclude the whole Web Server Extensions folder from antivirus scanning, you can exclude only the following two folders:
  • Drive:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\Logs
  • Drive:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\Data\Applications
    
    Note The Applications folder must be excluded only if the computer is running the Windows SharePoint Services Search service. If the folder that contains the index file is located elsewhere, you must also exclude that folder.
• Drive:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files
• Drive:\Windows\Microsoft.NET\Framework\v2.0.50727\Config
  
  Note If you are running a 64-bit version of Windows, you should also include the following directory:
  • Drive:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files
  • Drive:\Windows\Microsoft.NET\Framework64\v2.0.50727\Config
• Windows Server 2003: Drive:\Documents and Settings\All Users\Application Data\Microsoft\SharePoint\Config
  Windows Server 2008 and later versions: Drive:\ProgramData\Microsoft\SharePoint\Config
• Drive:\Windows\Temp\WebTempDir
  
  Note The WebTempDir folder is a replacement for the FrontPageTempDir folder.
• Drive:\Documents and Settings\account that the search service is running as\Local Settings\Temp\
• Drive:\Users\the account the search service is running as\Local\Temp\
  
  Note The search account creates a folder in the "gthrsvc Temp" folder to which it periodically has to write.
• Drive:\WINDOWS\system32\LogFiles
• Drive:\Windows\Syswow64\LogFiles
  
  Note If you use a specific account for SharePoint services or application pools identities, you may also have to exclude the following folders:
  • Drive:\Documents and Settings\ServiceAccount\Local Settings\Application Data
  • Drive:\Users\ServiceAccount\Local
  • Drive:\Documents and Settings\ServiceAccount\Local Settings\Temp
  • Drive:\Users\ServiceAccount\Local\Temp
• Drive:\Documents and Settings\Default User\Local Settings\Temp
• Drive:\Users\Default\AppData\Local\Temp

SharePoint Server 2007

You may have to configure your antivirus software to exclude the Drive:\Program Files\Microsoft Office Servers folder from antivirus scanning for SharePoint Server 2007. If you do not want to exclude the whole Microsoft Office Servers folder from antivirus scanning, you can exclude only the following folders:

• Drive:\Program Files\Microsoft Office Servers\12.0\Data.
  
  (This folder is used for the indexing process. If the index files are configured to be located in a different folder, you also have to exclude that location.)
• Drive:\Program Files\Microsoft Office Servers\12.0\Logs
• Drive:\Program Files\Microsoft Office Servers\12.0\Bin
• Any location in which you decide to store the disk-based binary large object (BLOB) cache (for example, C:\Blobcache)
  
  For more information about the binary large object cache, go to the following Microsoft website:
  Configure disk-based cache settings

Note If you have SharePoint Server 2007, these folders should be excluded in addition to the folders that are listed in the "Windows SharePoint Services 3.0" section.

Note When you install SharePoint Server 2007 or apply a hotfix to an existing installation of SharePoint Server 2007, you may have to disable the real-time option of the antivirus software. Or, you may have to exclude the Drive:\Windows\Temp folder from antivirus scanning if this is required.

For more information about error messages that may occur when antivirus software scans occur in SharePoint Portal Server 2001 and in SharePoint Portal Server 2003, click the following article number to view the article in the Microsoft Knowledge Base:

320111 Random errors may occur when antivirus software scans Microsoft Web Storage System in SharePoint Portal Server 2001 and in SharePoint Portal Server 2003

For more information, click the following article numbers to view the articles in the Microsoft Knowledge Base:

910449 Troubleshooting common permissions and security-related issues in ASP.NET

813833 PRB: "Access Denied" error messages when you do not put strong-named assemblies in the global assembly cache

Convert Visual Studio Sharepoint 2010 project to Sharepoint 2013 project

Are you working on migration of the several sites from Sharepoint 2010 to Sharepoint 2013, having several standard Sharepoint 2010 Visual Studio projects (wsps) in solution which contain customizations. As we didn't find standard way of changing target platform in Visual Studio from Sharepoint 2010 to 2013,normally developers create new empty Sharepoint 2013 project in Visual Studio 2012 and manually copied all files there. Also we changed references to Microsoft.SharePoint.dll and all other Sharepoint assemblies from 14 to 15 (Sharepoint 2013 is built on top of .Net 4.5, so its assemblies are located in different GAC: C:\Windows\Microsoft.NET\assembly\, not in C:\Windows\assembly\ as it was before. Here is the good forum thread about why MS put .Net 4 to the new GAC: .NET 4.0 has a new GAC, why?). After that we packaged wsp and compare content with comparison tool.

The above described way worked, but it took some time to move all files from old project and verify that we didn't miss anything.

There are a better way to do it quickly and to ensure nothing left behind.

In order to change target platform to Sharepoint 2013 you need to do the following. Edit your .csproj file in the notepad and replace value for TargetFrameworkVersion tag from v3.5 to v4.5. Then add TargetOfficeVersion tag right after it:

<TargetOfficeVersion>15.0</TargetOfficeVersion>

So it should look like this after the changes:

Then go to Package subfolder in your project folder and edit Package.package file: add attribute sharePointProductVersion="15.0" after existing resetWebServer attribute.

After that just reload your .csproj in Visual Studio 2012 (it will automatic upgrade of .csproj), change references to the 15 API, recompile it and package wsp.

Ref: http://sadomovalex.blogspot.co.uk/2013/02/convert-visual-studio-sharepoint-2010.html

https://threewill.com/how-to-migrate-a-sharepoint-2010-solution-to-2013/

Wondering which cloud platform is right for you | Microsoft Azure vs. Amazon Web Services (AWS)

As the leading public cloud platforms, Microsoft Azure and Amazon Web Services (AWS) each offer businesses a broad and deep set of capabilities with global coverage. Yet many organizations choose to use both platforms together for greater choice and flexibility, as well as to spread their risk and dependencies with a multi-cloud approach. Consulting companies and software vendors may also want to build on and use both Azure and AWS as this combination represents the majority of the cloud market demand.

To help decide which platform is right for your needs, we've created a reference chart below to show each IT capability along with its corresponding service or feature in both Azure and AWS. In some cases, you'll see multiple services listed because these fall into the same category but the depth and breadth of the capabilities provided will vary.

Azure's integrated tools, unified services, and proven solutions help you build enterprise, mobile, web, and Internet of Things (IoT) apps faster, for virtually any platform or device. Any developer can be productive on Azure, not just those with DevOps skills or Windows expertise, because Azure supports the broadest selection of devices, operating systems, databases, languages, frameworks, and tools. Don't want to manage virtual infrastructure? You don't have to on Azure. By contrast, AWS puts the burden of integrating different services on you.

REF :https://azure.microsoft.com/en-us/campaigns/azure-vs-aws/mapping/

----

Compute

SUBCATEGORY	AWS SERVICE	AZURE SERVICE	DESCRIPTION
Virtual servers	EC2	Virtual Machines	Virtual servers allow users deploy, manage, and maintain OS and server software. Instance types provide combinations of CPU/RAM. Users pay for what they use with the flexibility to change sizes.
Auto scale	Auto Scaling	VM Scale Sets App Service AutoScaling	Lets you automatically change the number of instances providing a particular compute workload. You set defined metric and thresholds that determine if the platform adds or removes instances.
Virtual server disk infrastructure	Elastic Block Store (EBS)	Page Blobs Premium Storage	Provides persistent, durable storage volumes for use with virtual machines, and offers the option to select different underlying physical storage types and performance characteristics.
Container management	EC2 Container Service	Container Service	A container management service that supports Docker containers and allows users to run applications on managed instance clusters. It eliminates the need to operate cluster management software or design fault-tolerant cluster architectures.
Backend process logic	Lambda	Functions Web Jobs Logic Apps	Used to integrate systems and run backend processes in response to events or schedules without provisioning or managing servers.
Job-based applications		Batch	Orchestration of the tasks and interactions between compute resources that are needed when you require processing across hundreds or thousands of compute nodes.
Microservice-based applications		Service Fabric	A compute service that orchestrates and manages the execution, lifetime, and resilience of complex, inter-related code components that can be either stateless or stateful.
Web applications	Elastic Beanstalk	Web Apps Cloud Services	A fully managed web infrastructure that provides the underlying web server instances and surrounding security, management, resilience, and shared storage capabilities.
API-based application runtime		API Apps	Build, manage, and host APIs enabling a variety of languages and SDKs with built-in authentication and analytics.
Disaster recovery		Site Recovery	Automates protection and replication of virtual machines. Offers health monitoring, recovery plans, and recovery plan testing.
Predefined templates	AWS Quick Start	Azure Quickstart templates	Community-led templates for creating and deploying virtual machine-based solutions.
Marketplace	AWS Marketplace	Azure Marketplace	Easy-to-deploy and automatically configured third-party applications, including single virtual machine or multiple virtual machine solutions.

Storage and content delivery

SUBCATEGORY	AWS SERVICE	AZURE SERVICE	DESCRIPTION
Object storage	S3	Blob Storage	Object storage service, for use cases including cloud applications, content distribution, backup, archiving, disaster recovery, and big data analytics.
Shared file storage	Elastic File System (Preview)	File Storage	Provides a simple interface to create and configure file systems quickly, and share common files. It's shared file storage without the need for a supporting virtual machine, and can be used with traditional protocols that access files over a network.
Archiving and backup	N/A (software) Glacier and S3 (storage)	Backup (software) Blob Storage (storage)	Backup and archival solutions allow files and folders to be backed up and recovered from the cloud, and provides off-site protection against data loss. There are two components of backup—the software service that orchestrates backup/retrieval and the underlying backup storage infrastructure.
Hybrid storage	Storage Gateway	StorSimple	Integrates on-premises IT environments with cloud storage. Automates data management and storage, plus supports in disaster recovery.
Data transport	Import/Export Snowball	Import/Export	A data transport solution that uses secure disks and appliances to transfer large amounts of data. Also offers data protection during transit.
Content delivery	CloudFront	Content Delivery Network	A global content delivery network that delivers audio, video, applications, images, and other files.

Networking

SUBCATEGORY	AWS SERVICE	AZURE SERVICE	DESCRIPTION
Networking	Virtual Private Cloud	Virtual Network	Provides an isolated, private environment in the cloud. Users have control over their virtual networking environment, including selection of their own IP address range, creation of subnets, and configuration of route tables and network gateways.
Domain name system (DNS)	Route 53	DNS (Preview) Traffic Manager	A service that hosts domain names, plus routes users to Internet applications, connects user requests to datacenters, manages traffic to apps, and improves app availability with automatic failover.
Dedicated network	Direct Connect	ExpressRoute	Establishes a dedicated, private network connection from a location to the cloud provider (not over the Internet).
Load balancing	Elastic Load Balancing	Load Balancer Application Gateway	Automatically distributes incoming application traffic to add scale, handle failover, and route to a collection of resources.

Database

SUBCATEGORY	AWS SERVICE	AZURE SERVICE	DESCRIPTION
Relational database	RDS	SQL Database	Relational database-as-a-service (DBaaS) where the database resilience, scale, and maintenance are primarily handled by the platform.
NoSQL database	DynamoDB	DocumentDB	A NoSQL document database service that automatically indexes JSON data for applications that require rich query and multi-document transactions.
Data warehouse	Redshift	SQL Data Warehouse (Preview)	A fully managed data warehouse that analyzes data using business intelligence tools. It can transact SQL queries across relational and non-relational data.
Table storage	DynamoDB SimpleDB	Table Storage	A non-relational data store for semi-structured data. Developers store and query data items via web services requests.
Caching	ElastiCache	Azure Redis Cache	An in-memory based, distributed caching service that provides a high-performance store typically used to offload non-transactional work from a database.
Database migration	Database Migration Service	SQL Database Migration Wizard	Typically is focused on the migration of database schema and data from one database format to a specific database technology in the cloud.

Analytics and big data

SUBCATEGORY	AWS SERVICE	AZURE SERVICE	DESCRIPTION
Big data processing	Elastic MapReduce (EMR)	HDInsight	Supports technologies that break up large data processing tasks into multiple jobs, and then combine the results together to enable massive parallelism.
Data orchestration	Data Pipeline	Data Factory	Processes and moves data between different compute and storage services, as well as on-premises data sources at specified intervals. Users can create, schedule, orchestrate, and manage data pipelines.
Analytics	Kinesis Analytics (Preview)	Stream Analytics Data Lake Analytics (Preview) Data Lake Store (Preview)	Storage and analysis platforms that creates insights from large quantities of data, or data that originates from many sources.
Visualization	QuickSight (Preview)	Power BI	Business intelligence tools that build visualizations, perform ad-hoc analysis, and develop business insights from data.
Machine learning	Machine Learning	Machine Learning	Produces an end-to-end workflow to create, process, refine, and publish predictive models that can be used to understand what might happen from complex data sets.
Search	Elasticsearch Service	Search	Delivers full-text search and related search analytics and capabilities.
Data discovery		Data Catalog (Preview)	Provides the ability to better register, enrich, discover, understand, and consume data sources.

Internet of Things

SUBCATEGORY	AWS SERVICE	AZURE SERVICE	DESCRIPTION
Streaming data	Kinesis Firehose Kinesis Streams	Event Hubs	Services that allow the mass ingestion of small data inputs, typically from devices and sensors, to process and route the data.
Internet of Things	IoT (Preview)	IoT Hub	Lets connected devices to interact with cloud applications and other devices to captures and analyze real-time data.

Mobile services

SUBCATEGORY	AWS SERVICE	AZURE SERVICE	DESCRIPTION
Pro app development	Mobile Hub (Beta) Cognito	Mobile Apps	Backend mobile services for rapid development of mobile solutions, plus provide identity management, data synchronization, and storage and notifications across devices.
High-level app development		PowerApps	Model-driven application development for business applications with SaaS integration.
Analytics	Mobile Analytics	Mobile Engagement	Provides real-time analytics from mobile apps data, highlights app users' behavior, measures app usage, and tracks key trends.
Notification	Simple Notification Service	Notification Hubs	A push notification service that delivers messages instantly to applications or users. Messages can be sent to individual devices or can be broadcasted.

Application services

SUBCATEGORY	AWS SERVICE	AZURE SERVICE	DESCRIPTION
Email	Simple Email Service		Lets users send transactional email, marketing messages, or any other type of content to customers.
Messaging	Simple Queue Service	Queue Storage Service Bus queues Service Bus topics Service Bus relay	Stores large numbers of messages that can be accessed from anywhere through authenticated calls using HTTP or HTTPS. A queue can contain millions of messages, up to the total capacity limit of a storage account, and may also support more complex topologies such as publish/subscribe.
Workflow	Simple Workflow Service	Logic Apps	A state tracker and task coordinator service that allows developers to build, run, and scale background activities using a visual processes flow creation.
App testing	Device Farm (Front End)	Xamarin Test Cloud (Front End) Azure DevTest Labs (Back End)	A range of services geared toward the orchestration of dev/test backend server and service application infrastructure, as well as front end client device and software testing and simulation.
API management	API Gateway	API Management	Allows developers to create, publish, maintain, monitor, and secure APIs. Handles processing concurrent API calls, including traffic management, authorization, access control, monitoring, and API version management.
Application streaming	AppStream	RemoteApp	Streams and delivers existing applications from the cloud to reach more users on more devices—without any code modifications.
Search	CloudSearch	Search	Sets up, manages, and scales a search solution for websites and applications.
Media transcoding	Elastic Transcoder	Encoding	A media transcoding service in the cloud that transcodes media files from their source format into versions that will playback on devices such as smartphones, tablets, and PCs.
Streaming		Live and on-demand streaming	Delivers content to virtually any device. Offers scalable streaming.
Others		Media Player Media Indexer Content Protection	Additional services related to the playing, protection, and analysis of the content within the media service.

Management and monitoring

SUBCATEGORY	AWS SERVICE	AZURE SERVICE	DESCRIPTION
Deployment orchestration	OpsWorks CloudFormation	Resource Manager Automation VM extensions	Configures and operates applications of all shapes and sizes, and provides templates to create and manage a collection of resources.
Management and monitoring	CloudWatch CloudTrail	Log Analytics Azure portal Application Insights	Management and monitoring services for cloud resources and applications to collect, track, store, analyze, and deliver metrics and log files.
Optimization	Trusted Advisor		Provides analysis of cloud resource configuration and security so subscribers can ensure they're making use of best practices and optimum configurations.
Job scheduling		Scheduler	Runs jobs on simple or complex recurring schedules—now, later, or recurring.
Catalog service	Service Catalog		Creates and manages catalogs of approved IT services so users can quickly find and deploy them.
Administration	Config	Azure portal (audit logs)	Provides resource inventory, configuration history, and configuration change notifications for security and governance.
Programmatic access	Command Line Interface	Azure Command Line Interface (CLI) Azure PowerShell	Built on top of the native REST API across all cloud services, various programming language-specific wrappers provide easier ways to create solutions.

Security and identity

SUBCATEGORY	AWS SERVICE	AZURE SERVICE	DESCRIPTION
Authentication and authorization	Identity and Access Management Multi-Factor Authentication	Azure AD/Role-based access control Multi-Factor Authentication	Lets users securely control access to services and resources while offering data security and protection. Create and manage users and groups, and use permissions to allow and deny access to resources.
Encryption	Key Management Service CloudHSM	Key Vault	Creates, controls, and protects the encryption keys used to encrypt data. HSM provides hardware-based key storage.
Firewall	Web Application Firewall		A firewall that protects web applications from common web exploits. Users can define customizable web security rules.
Security	Inspector (Preview)	Security Center (Preview)	An automated security assessment service that improves the security and compliance of applications. Automatically assess applications for vulnerabilities or deviations from best practices.
Directory	Directory Service	Azure Active Directory Azure Active Directory B2C Azure Active Directory Domain Services	Typically provides user/group properties that can be queried and used in applications. Also can provide capabilities to integrate to on-premises Active Directory services for single sign-on scenarios and SaaS management.