Microsoft’s Azure Security Center collects metadata from a variety of virtual machines, using that information to find and address security issues. The service now supports Windows Server 2008 R2 and higher, including Windows Server 2016.
Azure Security Center monitors Azure VMs, virtual networks, its SQL service, and partner solutions. Any detections appear as security alerts in the dashboard. The latest addition brings the total number of supported Windows VM versions to four: 2008 R2, 2012, 2012 R2, and 2016.
Metadata from all of these versions feeds into the information Microsoft already collects, resulting in a more secure experience. “Security Center leverages this metadata to identify security issues, such as missing system updates and vulnerable OS configurations, and applies behavioral analysis to detect malicious activity, such as an attacker executing code or attempts to persist on a compromised VM,” said Sarah Fender, principal program manager, Azure Cybersecurity.
Linux Virtual Machines
Microsoft also supports the six most popular Linux VMs. Here’s a list of all the versions in full:
- “Ubuntu versions 12.04, 14.04, 16.04, 16.10
- Debian versions 7, 8
- CentOS versions 6.*, 7.*
- Red Hat Enterprise Linux (RHEL) versions 6.*, 7.*
- SUSE Linux Enterprise Server (SLES) versions 11.*, 12.*
- Oracle Linux versions 6.*, 7.*”
Fender also provided a short guide for enabling these protections in Azure via a ninety-day free trial:
- “Launch Security Center from the Azure portal
- Turn on data collection (if you have not done so already) to automatically provision the Monitoring Agent on all supported VMs
- Start the 90-Day free trial to enable behavioral analysis and other advanced threat detections.”