AzPolicyAdvertizer

last sync: 2025-Jul-18 17:23:11 UTC

[Deprecated]: Monitor missing Endpoint Protection in Azure Security Center

Azure BuiltIn Policy definition

Source Azure Portal
Display name [Deprecated]: Monitor missing Endpoint Protection in Azure Security Center
Id af6cd1bd-1635-48cb-bde7-5b15693900b9
Version 3.1.0-deprecated
Details on versioning
Versioning Versions supported for Versioning: 2
3.1.0 (3.1.0-deprecated)
3.0.0
Built-in Versioning [Preview]
Category Security Center
Microsoft Learn
Description Servers without an installed Endpoint Protection agent will be monitored by Azure Security Center as recommendations
Cloud environments AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown
Available in AzUSGov The Policy is available in AzureUSGovernment cloud. Version: '3.2.0-deprecated'
Repository: Azure-Policy af6cd1bd-1635-48cb-bde7-5b15693900b9
Mode All
Type BuiltIn
Preview False
Deprecated True
Effect Default
Disabled
Allowed
AuditIfNotExists, Disabled
RBAC role(s) none
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Security/assessments/status.code Microsoft.Security assessments properties.status.code True False
Rule resource types IF (2)
Compliance
The following 2 compliance controls are associated with this Policy definition '[Deprecated]: Monitor missing Endpoint Protection in Azure Security Center' (af6cd1bd-1635-48cb-bde7-5b15693900b9)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
Azure_Security_Benchmark_v2.0 ES-2 Azure_Security_Benchmark_v2.0_ES-2 Azure Security Benchmark ES-2 Endpoint Security Use centrally managed modern anti-malware software Customer Use a centrally managed endpoint anti-malware solution capable of real time and periodic scanning Azure Security Center can automatically identify the use of a number of popular anti-malware solutions for your virtual machines and report the endpoint protection running status and make recommendations. Microsoft Antimalware for Azure Cloud Services is the default anti-malware for Windows virtual machines (VMs). For Linux VMs, use third-party antimalware solution. Also, you can use Azure Security Center's Threat detection for data services to detect malware uploaded to Azure Storage accounts. How to configure Microsoft Antimalware for Cloud Services and Virtual Machines: https://docs.microsoft.com/azure/security/fundamentals/antimalware Supported endpoint protection solutions: https://docs.microsoft.com/azure/security-center/security-center-services?tabs=features-windows#supported-endpoint-protection-solutions- n/a link 3
Azure_Security_Benchmark_v2.0 ES-3 Azure_Security_Benchmark_v2.0_ES-3 Azure Security Benchmark ES-3 Endpoint Security Ensure anti-malware software and signatures are updated Customer Ensure anti-malware signatures are updated rapidly and consistently. Follow recommendations in Azure Security Center: "Compute & Apps" to ensure all endpoints are up to date with the latest signatures. Microsoft Antimalware will automatically install the latest signatures and engine updates by default. For Linux, use third-party antimalware solution. How to deploy Microsoft Antimalware for Azure Cloud Services and Virtual Machines: https://docs.microsoft.com/azure/security/fundamentals/antimalware Endpoint protection assessment and recommendations in Azure Security Center:https://docs.microsoft.com/azure/security-center/security-center-endpoint-protection n/a link 2
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type polSet in AzUSGov
[Deprecated]: Azure Security Benchmark v2 bb522ac1-bc39-4957-b194-429bcd3bcb0b Regulatory Compliance Deprecated BuiltIn true
History
Date/Time (UTC ymd) (i) Change type Change detail
2024-10-31 18:50:28 change Minor, new suffix: deprecated (3.0.0 > 3.1.0-deprecated)
2021-01-05 16:06:49 change Major (2.0.0 > 3.0.0)
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC