last sync: 2025-Aug-26 17:22:56 UTC

Deploy default Microsoft IaaSAntimalware extension for Windows Server

Azure BuiltIn Policy definition

Source: Azure Portal
Display name: Deploy default Microsoft IaaSAntimalware extension for Windows Server
Id: 2835b622-407b-4114-9198-6f7064cbe0dc
Version: 1.1.0
Versioning: Versions supported for Versioning: 1 (1.1.0); Built-in Versioning [Preview]
Category: Compute
Description: This policy deploys a Microsoft IaaSAntimalware extension with a default configuration when a VM is not configured with the antimalware extension.
Cloud environments: AzureCloud = true; AzureUSGovernment = unknown; AzureChinaCloud = unknown
Available in AzUSGov: Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Mode: Indexed
Type: BuiltIn
Preview: False
Deprecated: False
Effect: Fixed (deployIfNotExists)
RBAC role(s)
Role Name | Role Id
Virtual Machine Contributor | 9980e02c-c2be-4d73-94e8-173b1dc7cf3c
Rule aliases
IF (3)
Alias | Namespace | ResourceType | Path | PathIsDefault | DefaultPath | Modifiable
Microsoft.Compute/imageOffer | Microsoft.Compute | virtualMachines | properties.storageProfile.imageReference.offer | True | | False
Microsoft.Compute/imageOffer | Microsoft.Compute | virtualMachineScaleSets | properties.virtualMachineProfile.storageProfile.imageReference.offer | True | | False
Microsoft.Compute/imageOffer | Microsoft.Compute | disks | properties.creationData.imageReference.id | True | | False
Microsoft.Compute/imagePublisher | Microsoft.Compute | virtualMachines | properties.storageProfile.imageReference.publisher | True | | False
Microsoft.Compute/imagePublisher | Microsoft.Compute | virtualMachineScaleSets | properties.virtualMachineProfile.storageProfile.imageReference.publisher | True | | False
Microsoft.Compute/imagePublisher | Microsoft.Compute | disks | properties.creationData.imageReference.id | True | | False
Microsoft.Compute/imageSKU | Microsoft.Compute | virtualMachines | properties.storageProfile.imageReference.sku | True | | False
Microsoft.Compute/imageSKU | Microsoft.Compute | virtualMachineScaleSets | properties.virtualMachineProfile.storageProfile.imageReference.sku | True | | False
Microsoft.Compute/imageSKU | Microsoft.Compute | disks | properties.creationData.imageReference.id | True | | False
THEN-ExistenceCondition (2)
Alias | Namespace | ResourceType | Path | PathIsDefault | DefaultPath | Modifiable
Microsoft.Compute/virtualMachines/extensions/publisher | Microsoft.Compute | virtualMachines/extensions | properties.publisher | True | | False
Microsoft.Compute/virtualMachines/extensions/type | Microsoft.Compute | virtualMachines/extensions | properties.type | True | | False
Rule resource types IF (1)
THEN-Deployment (1)
Compliance
The following 10 compliance controls are associated with this Policy definition 'Deploy default Microsoft IaaSAntimalware extension for Windows Server' (2835b622-407b-4114-9198-6f7064cbe0dc)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
CMMC_L2_v1.9.0 SI.L1_3.14.2 CMMC_L2_v1.9.0_SI.L1_3.14.2 Cybersecurity Maturity Model Certification (CMMC) Level 2 v1.9.0 SI.L1 3.14.2 System and Information Integrity Malicious Code Protection Shared Provide protection from malicious code at appropriate locations within organizational information systems. To the integrity, confidentiality, and availability of information assets. 19
CMMC_L2_v1.9.0 SI.L1_3.14.4 CMMC_L2_v1.9.0_SI.L1_3.14.4 Cybersecurity Maturity Model Certification (CMMC) Level 2 v1.9.0 SI.L1 3.14.4 System and Information Integrity Update Malicious Code Protection Shared Update malicious code protection mechanisms when new releases are available. To effectively defend against new and evolving malware threats, minimize the risk of infections, and maintain the security of their information systems and data. 19
CMMC_L2_v1.9.0 SI.L1_3.14.5 CMMC_L2_v1.9.0_SI.L1_3.14.5 Cybersecurity Maturity Model Certification (CMMC) Level 2 v1.9.0 SI.L1 3.14.5 System and Information Integrity System & File Scanning Shared Perform periodic scans of the information system and real time scans of files from external sources as files are downloaded, opened, or executed. To identify and mitigate security risks, prevent malware infections and minimise the impact of security breaches. 19
hipaa 0201.09j1Organizational.124-09.j hipaa-0201.09j1Organizational.124-09.j 0201.09j1Organizational.124-09.j 02 Endpoint Protection 0201.09j1Organizational.124-09.j 09.04 Protection Against Malicious and Mobile Code Shared n/a Anti-virus and anti-spyware are installed, operating and updated on all end-user devices to conduct periodic scans of the systems to identify and remove unauthorized software. Server environments for which the server software developer specifically recommends not installing host-based anti-virus and anti-spyware software are addressed via a network-based malware detection (NBMD) solution. 14
PCI_DSS_v4.0.1 5.2.1 PCI_DSS_v4.0.1_5.2.1 PCI DSS v4.0.1 5.2.1 Protect All Systems and Networks from Malicious Software An anti-malware solution(s) is deployed on all system components, except for those system components identified in periodic evaluations per Requirement 5.2.3 that concludes the system components are not at risk from malware Shared n/a Examine system components to verify that an anti-malware solution(s) is deployed on all system components, except for those determined to not be at risk from malware based on periodic evaluations per Requirement 5.2.3. For any system components without an anti-malware solution, examine the periodic evaluations to verify the component was evaluated and the evaluation concludes that the component is not at risk from malware 19
PCI_DSS_v4.0.1 5.2.2 PCI_DSS_v4.0.1_5.2.2 PCI DSS v4.0.1 5.2.2 Protect All Systems and Networks from Malicious Software The deployed anti-malware solution(s) detects all known types of malware and removes, blocks, or contains all known types of malware Shared n/a Examine vendor documentation and configurations of the anti-malware solution(s) to verify that the solution detects all known types of malware and removes, blocks, or contains all known types of malware 19
PCI_DSS_v4.0.1 5.2.3 PCI_DSS_v4.0.1_5.2.3 PCI DSS v4.0.1 5.2.3 Protect All Systems and Networks from Malicious Software Any system components that are not at risk for malware are evaluated periodically to include the following: a documented list of all system components not at risk for malware, identification and evaluation of evolving malware threats for those system components, confirmation whether such system components continue to not require anti-malware protection Shared n/a Examine documented policies and procedures to verify that a process is defined for periodic evaluations of any system components that are not at risk for malware that includes all elements specified in this requirement. Interview personnel to verify that the evaluations include all elements specified in this requirement. Examine the list of system components identified as not at risk of malware and compare to the system components without an anti-malware solution deployed per Requirement 5.2.1 to verify that the system components match for both requirements 19
PCI_DSS_v4.0.1 5.3.1 PCI_DSS_v4.0.1_5.3.1 PCI DSS v4.0.1 5.3.1 Protect All Systems and Networks from Malicious Software The anti-malware solution(s) is kept current via automatic updates Shared n/a Examine anti-malware solution(s) configurations, including any master installation of the software, to verify the solution is configured to perform automatic updates. Examine system components and logs, to verify that the anti-malware solution(s) and definitions are current and have been promptly deployed 19
PCI_DSS_v4.0.1 5.3.2 PCI_DSS_v4.0.1_5.3.2 PCI DSS v4.0.1 5.3.2 Protect All Systems and Networks from Malicious Software The anti-malware solution(s) performs periodic scans and active or real-time scans, or performs continuous behavioral analysis of systems or processes Shared n/a Examine anti-malware solution(s) configurations, including any master installation of the software, to verify the solution(s) is configured to perform at least one of the elements specified in this requirement. Examine system components, including all operating system types identified as at risk for malware, to verify the solution(s) is enabled in accordance with at least one of the elements specified in this requirement. Examine logs and scan results to verify that the solution(s) is enabled in accordance with at least one of the elements specified in this requirement 19
PCI_DSS_v4.0.1 5.3.3 PCI_DSS_v4.0.1_5.3.3 PCI DSS v4.0.1 5.3.3 Protect All Systems and Networks from Malicious Software For removable electronic media, the anti-malware solution(s) performs automatic scans of when the media is inserted, connected, or logically mounted, or performs continuous behavioral analysis of systems or processes when the media is inserted, connected, or logically mounted Shared n/a Examine anti-malware solution(s) configurations to verify that, for removable electronic media, the solution is configured to perform at least one of the elements specified in this requirement. Examine system components with removable electronic media connected to verify that the solution(s) is enabled in accordance with at least one of the elements as specified in this requirement. Examine logs and scan results to verify that the solution(s) is enabled in accordance with at least one of the elements specified in this requirement 19
Initiatives usage
Initiative DisplayName | Initiative Id | Initiative Category | State | Type | polSet in AzUSGov
[Preview]: Motion Picture Association of America (MPAA) | 92646f03-e39d-47a9-9e24-58d60ef49af8 | Regulatory Compliance | Preview | BuiltIn | unknown
Cybersecurity Maturity Model Certification (CMMC) Level 2 v1.9.0 | a4087154-2edb-4329-b56a-1cc986807f3c | Regulatory Compliance | GA | BuiltIn | unknown
HITRUST/HIPAA | a169a624-5599-4385-a696-c8d643089fab | Regulatory Compliance | GA | BuiltIn | unknown
PCI DSS v4.0.1 | a06d5deb-24aa-4991-9d58-fa7563154e31 | Regulatory Compliance | GA | BuiltIn | unknown
History
Date/Time (UTC ymd) | Change type | Change detail
2022-05-27 20:20:35 | change | Minor (1.0.0 > 1.1.0)