You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/defender-for-cloud/plan-multicloud-security-determine-multicloud-dependencies.md
+9-8Lines changed: 9 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -37,15 +37,16 @@ In Defender for Cloud, you enable specific plans to get Cloud Workload Platform
37
37
-[Defender for Containers](./defender-for-containers-introduction.md): Help secure your Kubernetes clusters with security recommendations and hardening, vulnerability assessments, and runtime protection.
38
38
-[Defender for SQL](./defender-for-sql-usage.md): Protect SQL databases running in AWS and GCP.
39
39
40
-
### What agent do I need?
40
+
### What extension do I need?
41
41
42
-
The following table summarizes agent requirements for CWPP.
42
+
The following table summarizes extension requirements for CWPP.
43
43
44
-
|Agent|Defender for Servers|Defender for Containers|Defender fo SQL on Machines|
44
+
|Extension|Defender for Servers|Defender for Containers|Defender for SQL on Machines|
45
45
|:---:|:---:|:---:|:---:|
46
46
|Azure Arc Agent | ✔ | ✔ | ✔ |
47
-
|Microsoft Defender for Endpoint extension |✔|
48
-
|Vulnerability assessment| ✔||
47
+
|Microsoft Defender for Endpoint extension |✔|||
48
+
|Vulnerability assessment| ✔|||
49
+
|Agentless Disk Scanning| ✔ | ✔ ||
49
50
|Log Analytics or Azure Monitor Agent (preview) extension|✔||✔|
50
51
|Defender agent|| ✔||
51
52
|Azure Policy for Kubernetes || ✔||
@@ -78,14 +79,14 @@ The following components and requirements are needed to receive full protection
78
79
79
80
-**Azure Arc agent**: AWS and GCP machines connect to Azure using Azure Arc. The Azure Arc agent connects them.
80
81
- The Azure Arc agent is needed to read security information on the host level and allow Defender for Cloud to deploy the agents/extensions required for complete protection.
81
-
To auto-provision the Azure Arc agent, the OS configuration agent on [GCP VM instances](./quickstart-onboard-gcp.md?pivots=env-settings) and the AWS Systems Manager (SSM) agent for [AWS EC2 instances](./quickstart-onboard-aws.md?pivots=env-settings) must be configured. [Learn more](../azure-arc/servers/agent-overview.md) about the agent.
82
+
To autoprovision the Azure Arc agent, the OS configuration agent on [GCP VM instances](./quickstart-onboard-gcp.md?pivots=env-settings) and the AWS Systems Manager (SSM) agent for [AWS EC2 instances](./quickstart-onboard-aws.md?pivots=env-settings) must be configured. [Learn more](../azure-arc/servers/agent-overview.md) about the agent.
82
83
-**Defender for Endpoint capabilities**: The [Microsoft Defender for Endpoint](./integration-defender-for-endpoint.md?tabs=linux) agent provides comprehensive endpoint detection and response (EDR) capabilities.
83
84
-**Vulnerability assessment**: Using either the integrated [Qualys vulnerability scanner](./deploy-vulnerability-assessment-vm.md), or the [Microsoft Defender Vulnerability Management](/microsoft-365/security/defender-vulnerability-management/defender-vulnerability-management) solution.
84
85
-**Log Analytics agent/[Azure Monitor Agent](../azure-monitor/agents/agents-overview.md) (AMA) (in preview)**: Collects security-related configuration information and event logs from machines.
85
86
86
87
#### Check networking requirements
87
88
88
-
Machines must meet [network requirements](../azure-arc/servers/network-requirements.md?tabs=azure-cloud) before onboarding the agents. Auto-provisioning is enabled by default.
89
+
Machines must meet [network requirements](../azure-arc/servers/network-requirements.md?tabs=azure-cloud) before onboarding the agents. Autoprovisioning is enabled by default.
89
90
90
91
### Defender for Containers
91
92
@@ -119,7 +120,7 @@ To receive the full benefits of Defender for SQL on your multicloud workload, yo
119
120
120
121
-**Azure Arc agent**: AWS and GCP machines connect to Azure using Azure Arc. The Azure Arc agent connects them.
121
122
- The Azure Arc agent is needed to read security information on the host level and allow Defender for Cloud to deploy the agents/extensions required for complete protection.
122
-
- To auto-provision the Azure Arc agent, the OS configuration agent on [GCP VM instances](./quickstart-onboard-gcp.md?pivots=env-settings) and the AWS Systems Manager (SSM) agent for [AWS EC2 instances](./quickstart-onboard-aws.md?pivots=env-settings) must be configured. [Learn more](../azure-arc/servers/agent-overview.md) about the agent.
123
+
- To autoprovision the Azure Arc agent, the OS configuration agent on [GCP VM instances](./quickstart-onboard-gcp.md?pivots=env-settings) and the AWS Systems Manager (SSM) agent for [AWS EC2 instances](./quickstart-onboard-aws.md?pivots=env-settings) must be configured. [Learn more](../azure-arc/servers/agent-overview.md) about the agent.
123
124
-**Log Analytics agent/[Azure Monitor Agent](../azure-monitor/agents/agents-overview.md) (AMA) (in preview)**: Collects security-related configuration information and event logs from machines
124
125
-**Automatic SQL server discovery and registration**: Supports automatic discovery and registration of SQL servers
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments