| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1680 - Malicious Code Protection | Central Management | ||
| Id | 399cd6ee-0e18-41db-9dea-cde3bd712f38 | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this System and Information Integrity control | ||
| Cloud environments | AzureCloud = true AzureUSGovernment = true AzureChinaCloud = unknown |
||
| Available in AzUSGov | The Policy is available in AzureUSGovernment cloud. Version: '1.0.0' Repository: Azure-Policy 399cd6ee-0e18-41db-9dea-cde3bd712f38 |
||
| Additional metadata |
Name/Id: ACF1680 / Microsoft Managed Control 1680 Category: System and Information Integrity Title: Malicious Code Protection | Central Management Ownership: Customer, Microsoft Description: The organization centrally manages malicious code protection mechanisms. Requirements: Servers: Approved anti-malware tools such as System Center Endpoint Protection (SCEP), Microsoft Endpoint Protection (MEP), Microsoft Defender for Endpoint (MDE), and ClamAV are installed on all servers as a part of the centralized build process. The following functions are centrally managed by the appropriate anti-malware tool: * Automatic download and application of signature updates at least daily from the vendor's virus definition site * Periodic scans of the environment * Automatic scans of the environment * Alerting, cleaning, quarantine, and mitigation of detected malware * Centralized management of the anti-malware environment Network Devices Network devices do not natively support anti-malware software, but are protected through a combination of the server-based anti-malware software and the secure coding practices required by the Security Development Lifecycle (SDL), configuration management and control, supply chain processes, and in-depth logging and monitoring. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|