Windows 2012 R2 and SQL 2014 SP2 Security Baseline & Compliance Automation


Hi Guys - Looking for the most feasible option to fetch/pull and collect security-related configuration and settings from Microsoft Windows 2012 R2 and SQL Server 2014 SP2 using an automated mechanism.

Our solution needs to connect to one or multiple Windows servers using a local agent (microservices-based Docker) installed on a VM on-prem, collect the data using API/SSH, then upload that data to our cloud controller for analysis/ML models and display the output on a dashboard.

These are the three options that we have identified so far for evaluation, and we are looking for some guidance:

1) https://www.microsoft.com/en-us/download/details.aspx?id=55319 - This runs on the local machine only (no API available?)

2) https://docs.microsoft.com/en-us/graph/security-concept-overview

3) https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/managemen...

Can someone here help with pointers on which one is most suitable to accomplish the task as outlined above, or suggest a better option?

Thanks in advance!
