Verify that Endpoint Protection on VM's are reporting.

%3CLINGO-SUB%20id%3D%22lingo-sub-1612802%22%20slang%3D%22en-US%22%3EVerify%20that%20Endpoint%20Protection%20on%20VM's%20are%20reporting.%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1612802%22%20slang%3D%22en-US%22%3E%3CP%3EHi%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIs%20it%20possible%20to%20verify%20that%20all%20VM's%20Endpoint%20protection%20are%20reporting%20as%20expected%20%3F%3C%2FP%3E%3CP%3ELooks%20like%20some%20are%20missing%20when%20looking%20in%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fsecuritycenter.windows.com%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fsecuritycenter.windows.com%2F%3C%2FA%3E%26nbsp%3Bbut%20the%20recommendation%20for%20installing%20Endpoint%20Protection%20is%20green%20on%20all%20VM's.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1643213%22%20slang%3D%22en-US%22%3ERe%3A%20Verify%20that%20Endpoint%20Protection%20on%20VM's%20are%20reporting.%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1643213%22%20slang%3D%22en-US%22%3E%3CP%3EHi%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F577472%22%20target%3D%22_blank%22%3E%40PatrikHansson%3C%2FA%3E%26nbsp%3B%2C%3C%2FP%3E%0A%3CP%3EAzure%20Security%20Center%20will%20scan%20your%20VMs%20for%20an%20existing%20Endpoint%20Protection%20Solution%20and%20will%20also%20inform%20you%20in%20case%20there%20are%20health%20issues%20with%20the%20solution.%20We%20have%20explained%20the%20respective%20Security%20Control%20with%20all%20recommendations%20in%20one%20of%20our%20%3CA%20title%3D%22ASC%20-%20Enable%20Endpoint%20Protection%22%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fazure-security-center%2Fsecurity-controls-in-azure-security-center-enable-endpoint%2Fba-p%2F1624653%22%20target%3D%22_blank%22%20rel%3D%22noopener%22%3Elatest%20articles%3C%2FA%3E.%20The%20link%20you've%20mentioned%20refers%20to%20the%20Microsoft%20Defender%20Security%20Center.%20If%20you%20have%20enabled%20ASC%2FMDATP%20integration%2C%20all%20VMs%20that%20are%20monitored%20in%20ASC%20are%20automatically%20onboarded%20to%20MDATP%20(only%20for%20supported%20operating%20systems%20as%20defined%20in%20%3CA%20title%3D%22ASC%2FMDATP%20integration%20-%20platform%20support%22%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fsecurity-center%2Fsecurity-center-wdatp%23platform-support%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noopener%20noreferrer%20noopener%20noreferrer%22%3Eour%20documentation%3C%2FA%3E).%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EBest%20regards%2C%3C%2FP%3E%0A%3CP%3ETom%20Janetscheck%3C%2FP%3E%0A%3CP%3ESenior%20Program%20Manager%3C%2FP%3E%0A%3CP%3E%3CSPAN%3ECxE%20%7C%20Azure%20Security%20Center%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
Contributor

Hi

 

Is it possible to verify that all VM's Endpoint protection are reporting as expected ?

Looks like some are missing when looking in https://securitycenter.windows.com/ but the recommendation for installing Endpoint Protection is green on all VM's. 

1 Reply

Hi @PatrikHansson ,

Azure Security Center will scan your VMs for an existing Endpoint Protection Solution and will also inform you in case there are health issues with the solution. We have explained the respective Security Control with all recommendations in one of our latest articles. The link you've mentioned refers to the Microsoft Defender Security Center. If you have enabled ASC/MDATP integration, all VMs that are monitored in ASC are automatically onboarded to MDATP (only for supported operating systems as defined in our documentation).

 

Best regards,

Tom Janetscheck

Senior Program Manager

CxE | Azure Security Center