Forum Discussion
How to onboard an Azure VM manually to Microsoft Defender for Cloud ?
Hi, I know that when turn on the MDC to the subscription, all the new resouces belong to the subscription would be onboarded automatically. But is there any manually way to onboard it ? The ...
Hi Mulan2022
1. Manually onboarding an Azure VM to Microsoft Defender for Cloud:
To manually onboard a single VM to Microsoft Defender for Cloud, you can follow these steps:
a. Sign in to the Azure portal (https://portal.azure.com/).
b. Navigate to the virtual machine you want to onboard.
c. In the left-hand menu, click on "Security" or "Azure Defender."
d. Enable the Microsoft Defender plan for the VM, and then click "Save."
After completing these steps, the VM should be onboarded to Microsoft Defender for Cloud.
2. Onboarding a VM not belonging to a subscription with MDC enabled:
If the VM is not part of a subscription with Microsoft Defender for Cloud enabled, you will need to enable MDC for that specific subscription first. Once enabled, you can follow the steps mentioned above to onboard the VM manually.
3. Resource type for a Windows 11 VM:
A VM running Windows 11 is considered an Infrastructure-as-a-Service (IaaS) workload. MDC provides protection for various types of workloads, including IaaS VMs, containers, and PaaS services.
In the context of MDC, a Windows 11 VM would be considered an IaaS VM workload. It falls under the scope of MDC's protection, which includes vulnerability management, threat detection, and other security features designed to protect VMs and their underlying infrastructure.
MDC's Workload Protection refers to the broader set of security features and services that help protect various types of workloads, including IaaS VMs, containers, and PaaS services. In this case, your Windows 11 VM is part of the IaaS VM workloads that MDC is designed to protect.
1. Manually onboarding an Azure VM to Microsoft Defender for Cloud:
To manually onboard a single VM to Microsoft Defender for Cloud, you can follow these steps:
a. Sign in to the Azure portal (https://portal.azure.com/).
b. Navigate to the virtual machine you want to onboard.
c. In the left-hand menu, click on "Security" or "Azure Defender."
d. Enable the Microsoft Defender plan for the VM, and then click "Save."
After completing these steps, the VM should be onboarded to Microsoft Defender for Cloud.
2. Onboarding a VM not belonging to a subscription with MDC enabled:
If the VM is not part of a subscription with Microsoft Defender for Cloud enabled, you will need to enable MDC for that specific subscription first. Once enabled, you can follow the steps mentioned above to onboard the VM manually.
3. Resource type for a Windows 11 VM:
A VM running Windows 11 is considered an Infrastructure-as-a-Service (IaaS) workload. MDC provides protection for various types of workloads, including IaaS VMs, containers, and PaaS services.
In the context of MDC, a Windows 11 VM would be considered an IaaS VM workload. It falls under the scope of MDC's protection, which includes vulnerability management, threat detection, and other security features designed to protect VMs and their underlying infrastructure.
MDC's Workload Protection refers to the broader set of security features and services that help protect various types of workloads, including IaaS VMs, containers, and PaaS services. In this case, your Windows 11 VM is part of the IaaS VM workloads that MDC is designed to protect.
