MS Antimalware Extension for Azure Vs Windows Defender Antivirus

%3CLINGO-SUB%20id%3D%22lingo-sub-825946%22%20slang%3D%22en-US%22%3EMS%20Antimalware%20Extension%20for%20Azure%20Vs%20Windows%20Defender%20Antivirus%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-825946%22%20slang%3D%22en-US%22%3E%3CDIV%20class%3D%22_2FCtq-QzlfuN-SwVMUZMM3%20_2v9pwVh0VUYrmhoMv1tHPm%20t3_cwf5p2%22%3E%3CDIV%20class%3D%22y8HYJ-y_lTUHkQIc1mdCq%20_2INHSNB8V5eaWp4P0rY_mE%22%3E%3CDIV%20class%3D%22_2SdHzo12ISmrC8H86TgSCp%20_29WrubtjAcKqzJSPdQqQ4h%20%22%3E%3CH1%20id%3D%22toc-hId-2014874337%22%20id%3D%22toc-hId-2014874339%22%20id%3D%22toc-hId-2014874339%22%20id%3D%22toc-hId-2014874339%22%20id%3D%22toc-hId-2014874339%22%20id%3D%22toc-hId-2014874339%22%20id%3D%22toc-hId-2014874339%22%3E%3CSPAN%3Efolks%2C%3C%2FSPAN%3E%3C%2FH1%3E%3C%2FDIV%3E%3C%2FDIV%3E%3C%2FDIV%3E%3CDIV%20class%3D%22_3xX726aBn29LDbsDtzr_6E%20_1Ap4F5maDtT1E1YuCiaO0r%20D3IL3FD0RFy_mkKLPwL4%22%3E%3CDIV%20class%3D%22_292iotee39Lmt0MkQZ2hPV%20RichTextJSON-root%22%3E%3CP%20class%3D%22_1qeIAgB0cPwnLhDF9XSiJM%22%3EBased%20on%20my%20research%20-%3C%2FP%3E%3CP%20class%3D%22_1qeIAgB0cPwnLhDF9XSiJM%22%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fsecurity%2Ffundamentals%2Fantimalware%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fsecurity%2Ffundamentals%2Fantimalware%3C%2FA%3E%3C%2FP%3E%3CP%20class%3D%22_1qeIAgB0cPwnLhDF9XSiJM%22%3EIt%20seems%20Antimalware%20and%20Defender%20use%20the%20same%20MS%20Security%20Essential%20Framework.%3C%2FP%3E%3CP%20class%3D%22_1qeIAgB0cPwnLhDF9XSiJM%22%3EIf%20yes%2C%20is%20it%20required%20to%20install%20Antimalware%20on%20Windows%2010%20VM%20running%20in%20Azure%20as%20Win%2010%20OS%20has%20Defender%20pre-installed%3F%3C%2FP%3E%3CP%20class%3D%22_1qeIAgB0cPwnLhDF9XSiJM%22%3EAny%20key%20differentiation%20that%20make%20sense%20to%20allow%20both%20on%20Windows%20based%20VM%20hosted%20in%20Azure%3F%3C%2FP%3E%3CP%20class%3D%22_1qeIAgB0cPwnLhDF9XSiJM%22%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F238489%22%20target%3D%22_blank%22%3E%40Vasil%20Vasilev%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%20class%3D%22_1qeIAgB0cPwnLhDF9XSiJM%22%3EThanks%20in%20advance%20for%20your%20time.%3C%2FP%3E%3C%2FDIV%3E%3C%2FDIV%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-825946%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3Eantiwalmare%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EDefender%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-825970%22%20slang%3D%22en-US%22%3ERe%3A%20MS%20Antimalware%20Extension%20for%20Azure%20Vs%20Windows%20Defender%20Antivirus%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-825970%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F180469%22%20target%3D%22_blank%22%3E%40Admin%20O365%3C%2FA%3EThey%20are%20literally%20the%20same%20agent.%20Also%20it%20is%20never%20good%20idea%20to%20have%20two%20antivirus%2Fantimalware%20agents%20working%20side%20by%20side.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-828439%22%20slang%3D%22en-US%22%3ERe%3A%20MS%20Antimalware%20Extension%20for%20Azure%20Vs%20Windows%20Defender%20Antivirus%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-828439%22%20slang%3D%22en-US%22%3E%3CP%3Eso%20which%20one%20to%20install%20at%20an%20enterprise%20level%20for%20all%20windows%20VM%20(Server%20or%20Client)%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-828655%22%20slang%3D%22en-US%22%3ERe%3A%20MS%20Antimalware%20Extension%20for%20Azure%20Vs%20Windows%20Defender%20Antivirus%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-828655%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F180469%22%20target%3D%22_blank%22%3E%40Admin%20O365%3C%2FA%3EI%20think%20if%20you%20have%20SCCM%20you%20can%20use%20it%20to%20manage%20Defender%20centrally.%20On%20Windows%20Server%202016%20and%20above%20if%20I%20remember%20Defender%20is%20present%20by%20default%20so%20there%20is%20no%20need%20for%20installation%20just%20managing%20its%20configuration.%20If%20you%20do%20not%20have%20SCCM%20I%20think%20by%20applying%20the%20extension%20on%20WS%202016%20and%20above%20you%20are%20just%20setting%20the%20configuration.%20In%20any%20case%20the%20choice%20lies%20on%20how%20you%20want%20to%20manage%20the%20agent%20via%20SCCM%20if%20you%20have%20that%2C%20manually%20or%20by%20some%20other%20system%20(for%20example%20Chef)%20or%20by%20applying%20the%20extension.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-837897%22%20slang%3D%22en-US%22%3ERe%3A%20MS%20Antimalware%20Extension%20for%20Azure%20Vs%20Windows%20Defender%20Antivirus%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-837897%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F9172%22%20target%3D%22_blank%22%3E%40Stanislav%20Zhelyazkov%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EPlan%20to%20have%20Win%202012%20onwards%20on%20server%20side%20and%20Win7%20onwards%20on%20Client%20side.%3C%2FP%3E%3CP%3ESo%20I%20guess%20Defender%20will%20not%20applicable%20for%20Win%202012%20%26amp%3B%20in%26nbsp%3B%20Win%207%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIf%20yes%2C%20then%20antimalware%20will%20be%20the%20appropriate%20option.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-838025%22%20slang%3D%22en-US%22%3ERe%3A%20MS%20Antimalware%20Extension%20for%20Azure%20Vs%20Windows%20Defender%20Antivirus%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-838025%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F180469%22%20target%3D%22_blank%22%3E%40Admin%20O365%3C%2FA%3EYes%2C%20but%20overall%20it%20is%20just%20the%20same%20agent%20just%20different%20name%20and%20how%20it%20is%20deployed.%20I%20know%20it%20is%20confusing%20%3A)%3C%2Fimg%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Frequent Contributor

folks,

Based on my research -

https://docs.microsoft.com/en-us/azure/security/fundamentals/antimalware

It seems Antimalware and Defender use the same MS Security Essential Framework.

If yes, is it required to install Antimalware on Windows 10 VM running in Azure as Win 10 OS has Defender pre-installed?

Any key differentiation that make sense to allow both on Windows based VM hosted in Azure?

@Vasil Vasilev 

Thanks in advance for your time.

5 Replies
Highlighted

@Admin O365 They are literally the same agent. Also it is never good idea to have two antivirus/antimalware agents working side by side.

Highlighted

so which one to install at an enterprise level for all windows VM (Server or Client)?

 

 

Highlighted

@Admin O365 I think if you have SCCM you can use it to manage Defender centrally. On Windows Server 2016 and above if I remember Defender is present by default so there is no need for installation just managing its configuration. If you do not have SCCM I think by applying the extension on WS 2016 and above you are just setting the configuration. In any case the choice lies on how you want to manage the agent via SCCM if you have that, manually or by some other system (for example Chef) or by applying the extension.

Highlighted

@Stanislav Zhelyazkov 

 

Plan to have Win 2012 onwards on server side and Win7 onwards on Client side.

So I guess Defender will not applicable for Win 2012 & in  Win 7?

 

If yes, then antimalware will be the appropriate option.

Highlighted

@Admin O365 Yes, but overall it is just the same agent just different name and how it is deployed. I know it is confusing :)