Configure Microsoft Defender for Servers to the Standard tier and P2#
Security · Microsoft Defender for Cloud · Rule · 2022_09 · Critical
Enable Microsoft Defender for Servers.
Description#
Microsoft Defender for Servers automatically deploys an agent into your Windows and Linux machines to protect them.
With the unified integration of Microsoft Defender for Endpoint (MDE) you benefit from features like:
- Threat and vulnerability management : to discover vulnerabilities and misconfigurations in real time
- Security Policy and Regulatory Compliance integration
- Qualys integration for real time identification of vulnerabilities without any license needed
- Threat detection at OS level, network layer and control plane
- Just-in-time (JIT) access : to reduce your machine's surface attack
- And more.
Recommendation#
Consider using Microsoft Defender for Servers P2 to protect your virtual machines.
Examples#
Configure with Azure template#
To enable Defender for Servers:
- Set the
Standard
pricing tier for Microsoft Defender for Servers and set theP2
sub plan.
For example:
Azure Template snippet
{
"type": "Microsoft.Security/pricings",
"apiVersion": "2022-03-01",
"name": "VirtualMachines",
"properties": {
"pricingTier": "Standard",
"subPlan": "P2"
}
}
Configure with Bicep#
To enable Defender for Servers:
- Set the
Standard
pricing tier for Microsoft Defender for Servers and set theP2
sub plan.
For example:
Azure Bicep snippet
resource defenderForServers 'Microsoft.Security/pricings@2022-03-01' = {
name: 'VirtualMachines'
properties: {
pricingTier: 'Standard',
subPlan: 'P2'
}
}
Configure with Azure CLI#
Configure with Azure PowerShell#
Notes#
This rule applies when analyzing resources deployed (in-flight) to Azure.
Links#
- Monitor Azure resources in Microsoft Defender for Cloud
- Introduction to Microsoft Defender for Containers
- Azure Monitor agent auto-provisioning