π Azure Virtual Machine Endpoint Protection is not installed π’
- Contextual name: π Endpoint Protection is not installed π’
- ID:
/ce/ca/azure/virtual-machine/endpoint-protection - Located in: π Azure Virtual Machines
Flagsβ
- π’ Impossible policy
- π’ Policy with categories
- π’ Policy with type
Our Metadataβ
- Policy Type:
COMPLIANCE_POLICY - Policy Category:
SECURITY
Similar Policiesβ
- Cloud Conformity
Descriptionβ
Descriptionβ
Install endpoint protection for all virtual machines.
Rationaleβ
Installing endpoint protection systems (like anti-malware for Azure) provides for real-time protection capability that helps identify and remove viruses, spyware, and other malicious software. These also offer configurable alerts when known-malicious or unwanted software attempts to install itself or run on Azure systems.
Impactβ
Endpoint protection will incur an additional cost to you.
Auditβ
From Azure Portalβ
- Go to
Security Center.- Click the
Recommendationsblade.- Ensure that there are no recommendations for
Endpoint Protection not installed on Azure VMs.From Azure CLIβ
az vm show -g <MyResourceGroup> -n <MyVm> -d --query "resources[?type=='Microsoft.Compute/virtualMachines/extensions'].{ExtensionName:name}" -o tableIf extensions are installed, it will list the installed extensions:
EndpointSecurity || TrendMicroDSA* || Antimalware || EndpointProtection || SCWPAgent || PortalProtectExtension* || FileSecurity*
... [see more](description.md)
Remediationβ
Remediationβ
Follow Microsoft Azure documentation to install endpoint protection from the security center. Alternatively, you can employ your own endpoint protection tool for your OS.
policy.yamlβ
Linked Framework Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ CIS Azure v2.1.0 β πΌ 7.6 Ensure that Endpoint Protection for all Virtual Machines is installed - Level 2 (Manual) | 1 | |||
| πΌ CIS Azure v3.0.0 β πΌ 8.8 Ensure that Endpoint Protection for all Virtual Machines is installed (Manual) | 1 | |||
| πΌ Cloudaware Framework β πΌ Threat Protection | 25 |