Ensure that all your Microsoft Azure virtual machines (VMs) have endpoint protection installed to help you identify and remove viruses, spyware and other malicious software. The Azure Security Center service monitors the status of anti-malware protection on Azure VMs and highlights insufficient protection, marking the VMs without endpoint protection as vulnerable to malware threats.
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
When endpoint protection software such as Microsoft Antimalware is installed on your Azure virtual machines (VMs), it provides real-time protection capability that helps you identify and eliminate viruses, malware and other malicious software. This type of endpoint protection is also used to generate alerts when known malicious or unwanted software tries to install itself or run on your Azure VMs.
Audit
To determine if endpoint protection is installed on your Azure virtual machines, perform the following actions:
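One way to script this audit with the Azure CLI, as an added example that is not part of the original rule page. It treats a VM as protected only when an accepted extension is present and provisioned successfully. The `ACCEPTED_EXTENSIONS` variable and the `--run` switch are hypothetical names, and the `typePropertiesType`/`virtualMachineExtensionType` output field names are an assumption covering newer and older CLI versions.

```sh
#!/bin/sh
# Added example: audit Azure VMs for an endpoint protection extension.
# Accepted "publisher/type" pairs, space-separated (hypothetical variable).
# Default: the Microsoft Antimalware extension. Add pairs for other products.
ACCEPTED_EXTENSIONS="${ACCEPTED_EXTENSIONS:-Microsoft.Azure.Security/IaaSAntimalware}"
TAB=$(printf '\t')

# Reads tab-separated "publisher<TAB>type<TAB>provisioningState" rows on stdin.
# Returns 0 if an accepted extension is installed AND provisioned, else 1.
# An extension stuck in a Failed state does not count as protection.
has_endpoint_protection() {
  ep_found=1
  while IFS="$TAB" read -r ep_publisher ep_type ep_state; do
    for ep_accepted in $ACCEPTED_EXTENSIONS; do
      if [ "$ep_publisher/$ep_type" = "$ep_accepted" ] &&
         [ "$ep_state" = "Succeeded" ]; then
        ep_found=0
      fi
    done
  done
  return "$ep_found"
}

# Walks every VM in the current subscription and prints one verdict per VM.
audit_vms() {
  az vm list --query "[].[resourceGroup, name]" -o tsv |
  while IFS="$TAB" read -r vm_rg vm_name; do
    # Assumption: the extension type is reported as typePropertiesType
    # (newer CLI) or virtualMachineExtensionType (older CLI).
    vm_rows=$(az vm extension list \
      --resource-group "$vm_rg" --vm-name "$vm_name" \
      --query "[].[publisher, typePropertiesType || virtualMachineExtensionType, provisioningState]" \
      -o tsv </dev/null)
    if printf '%s\n' "$vm_rows" | has_endpoint_protection; then
      echo "OK       $vm_rg/$vm_name"
    else
      echo "MISSING  $vm_rg/$vm_name"
    fi
  done
}

# The audit calls Azure only when requested explicitly (hypothetical switch).
if [ "${1:-}" = "--run" ]; then audit_vms; fi
```

Run it with `--run` after `az login`; every `MISSING` line is a VM to remediate.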
Remediation / Resolution
To install endpoint protection for your Microsoft Azure virtual machines using Azure Security Center and Azure API/CLI, perform the following actions:
Note: As an example, this section demonstrates how to install Microsoft Antimalware software extension as endpoint protection for Azure virtual machines (VMs). Alternatively, you can deploy your own endpoint protection software for your Azure VMs.