Microsoft Releases Azure Security Solution with VM Scanning

Microsoft recently announced the general availability of a new single-agent, anti-malware solution for various Azure services, including Virtual Machines.

Microsoft described the solution, which protects Microsoft's cloud-based services from viruses and malware, in a blog post last Thursday. There's also a white paper (PDF) available that describes configuration and installation details.

The release coincides with several other Microsoft cloud announcements from the recent Microsoft TechEd Europe event. The service, called "Microsoft Antimalware for Azure Cloud Services and Virtual Machines," is based on Microsoft Security Essentials, System Center Endpoint Protection and Forefront Endpoint Protection, among other technologies. It can be set up though the Azure Preview Portal, Visual Studio or via PowerShell commands.

Microsoft promises that the service offers "real-time protection" against malware, including automatic deletion and quarantine of suspected files. It's also possible for IT pros to set exclusion paths to certain files that organizations don't want scanned. The service automatically updates its platform, anti-malware engine and virus definitions.

The service comes at no cost to organizations with active Azure accounts. It optionally allows IT pros to collect event information regarding the anti-malware service's activities, which can be aggregated for later analysis using Azure Diagnostics. Using this anti-malware event collection process requires having an Azure Storage account, which likely would entail an added cost, but it's an optional feature to use. The data even can be sent for further analysis to Microsoft's HDInsight "Big Data" service or to an event management system.

Microsoft Antimalware for Azure Cloud Services and Virtual Machines has some software requirements. It currently is supported on "Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2," according to Microsoft's announcement. It's not supported on Windows Server 2008, or on the Windows Server technical preview beta, although Microsoft does plan to support it with its next Windows Server release.

Microsoft does not turn on the service automatically. IT pros have to enable it through configuration settings. The bits are there by default to be enabled for Azure services, but IT pros have to install the bits for the Microsoft Antimalware Client and Service to use the service on Azure Virtual Machines.

Microsoft offers a default configuration of the service that's optimized for its Azure cloud. It's also possible for IT pros to customize the configuration for Azure services or for Azure Virtual Machines.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.


  • 2022 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • Datto Goes Private as Its Acquisition by Kaseya Is Finalized

    Kaseya's $6.2 billion acquisition of Datto, in the works for two years, is now complete, taking Datto from a publicly traded company to a private one.

  • Nebula

    Microsoft Expands on AI Face Standardization Rules and Guidelines

    Microsoft on Tuesday announced Version 2 of Microsoft's "Responsible AI Standard" document, which includes a disclosed a use-case approval process for its Azure Face API, Computer Vision, and Video Indexer customers, was released this week.

  • Road with Ocean Image

    Metaverse Standards Forum Created in the Spirit of Cooperation

    More than 30 tech organizations have come together to form the Metaverse Standards Forum, which will work towards standardizing requirements for future metaverse tech.