Merge pull request #106128 from memildin/asc-melvyn-vmva

ktoliver · web-flow · commit 5b94e6df614d · 2020-03-01T16:22:45.000-07:00
Logical reorg of the overview topics
diff --git a/articles/security-center/TOC.yml b/articles/security-center/TOC.yml
@@ -6,8 +6,16 @@
     href: security-center-intro.md
   - name: Supported platforms
     href: security-center-os-coverage.md
-  - name: Supported features
-    href: security-center-services.md
+  - name: Security Center features
+    items:
+    - name: Feature coverage for VMs
+      href: security-center-services.md
+    - name: Feature coverage for Azure PaaS resources
+      href: features-paas.md
+  - name: Security recommendations
+    href: recommendations-reference.md
+  - name: Security alerts and the intent kill chain
+    href: alerts-reference.md    
 
 - name: Quickstarts
   expanded: true
diff --git a/articles/security-center/features-paas.md b/articles/security-center/features-paas.md
@@ -0,0 +1,53 @@
+---
+title: Azure Security Center features for supported Azure PaaS resources.
+description: This page shows the availability of Azure Security Center features for the supported Azure PaaS resources.
+services: security-center
+documentationcenter: na
+author: memildin
+manager: rkarlin
+ms.assetid: be2ab6d5-72a8-411f-878e-98dac21bc5cb
+ms.service: security-center
+ms.devlang: na
+ms.topic: conceptual
+ms.tgt_pltfrm: na
+ms.workload: na
+ms.date: 03/01/2020
+ms.author: memildin
+
+---
+# Feature coverage for Azure PaaS services <a name="paas-services"></a>
+
+The table below shows the availability of Azure Security Center features for the supported Azure PaaS resources.
+
+|Service|Recommendations (Free)|Security alerts (Standard)|Vulnerability assessment (Standard)|
+|:----|:----:|:----:|:----:|
+|Azure App Service|✔|✔|-|
+|Azure Automation account|✔|-|-|
+|Azure Batch account|✔|-|-|
+|Azure Blob Storage|✔|✔|-|
+|Azure Cache for Redis|✔|-|-|
+|Azure Cloud Services|✔|-|-|
+|Azure Cognitive Search|✔|-|-|
+|Azure Container Registry|-|-|✔|
+|Azure Cosmos DB*|-|✔|-|
+|Azure Data Lake Analytics|✔|-|-|
+|Azure Data Lake Storage|✔|-|-|
+|Azure Database for MySQL*|✔|✔|-|
+|Azure Database for PostgreSQL*|✔|✔|-|
+|Azure Event Hubs namespace|✔|-|-|
+|Azure Functions app|✔|-|-|
+|Azure Key Vault|✔|✔ *|-|
+|Azure Kubernetes Service|✔|✔|-|
+|Azure Load Balancer|✔|-|-|
+|Azure Logic Apps|✔|-|-|
+|Azure SQL Databases|✔|✔|✔|
+|Azure Service Bus namespace|✔|-|-|
+|Azure Service Fabric account|✔|-|-|
+|Azure Storage accounts|✔|-|-|
+|Azure Stream Analytics|✔|-|-|
+|Azure Subscription|✔ **|✔|-|
+|Azure Virtual Network</br> (incl. subnets, NICs, and network security groups)|✔|-|-|
+
+\* These features are currently supported in preview.
+
+\*\* Azure Active Directory (Azure AD) recommendations are available only for Standard subscriptions.
diff --git a/articles/security-center/security-center-endpoint-protection.md b/articles/security-center/security-center-endpoint-protection.md
@@ -18,7 +18,7 @@ ms.author: memildin
 
 # Endpoint protection assessment and recommendations in Azure Security Center
 
-Azure Security Center provides health assessments of [supported](security-center-services.md#supported-endpoint-protection-solutions-) versions of Endpoint protection solutions. This article explains the scenarios that lead Security Center to generate the following two recommendations:
+Azure Security Center provides health assessments of [supported](security-center-services.md#endpoint-supported) versions of Endpoint protection solutions. This article explains the scenarios that lead Security Center to generate the following two recommendations:
 
 * **Install endpoint protection solutions on your virtual machine**
 * **Resolve endpoint protection health issues on your machines**
diff --git a/articles/security-center/security-center-os-coverage.md b/articles/security-center/security-center-os-coverage.md
@@ -30,7 +30,6 @@ For an Azure environment activated on an Azure subscription, Azure Security Cent
 > [!NOTE]
 > To receive the full set of security features, you must have the [Log Analytics Agent](../azure-monitor/platform/agents-overview.md#log-analytics-agent), which is used by Azure Security Center, installed and [properly configured to send data to Azure Security Center](security-center-enable-data-collection.md#manual-agent).
 
-
 The following sections list the supported server operating systems on which the [Log Analytics Agent](../azure-monitor/platform/agents-overview.md#log-analytics-agent), which is used by Azure Security Center, can run.
 
 ### Windows server operating systems <a name="os-windows"></a>
@@ -80,38 +79,6 @@ Virtual machines are also created in a customer subscription as part of some Azu
 
 Virtual machines that run in a cloud service are also supported. Only cloud services web and worker roles that run in production slots are monitored. To learn more about cloud services, see [Overview of Azure Cloud Services](../cloud-services/cloud-services-choose-me.md).
 
-## PaaS Services <a name="paas-services"></a>
-
-The following Azure PaaS resources are supported by Azure Security Center:
-
-* SQL
-* PostGreSQL
-* MySQL
-* CosmosDB
-* Storage account
-* App service
-* Function
-* Cloud Service
-* VNet
-* Subnet
-* NIC
-* NSG
-* Batch account
-* Service fabric account
-* Automation account
-* Load balancer
-* Search
-* Service bus namespace
-* Stream analytics
-* Event hub namespace
-* Logic apps
-* Redis
-* Data Lake Analytics
-* Data Lake Store
-* Key vault
-
-To learn more about the supported features for the above list of PaaS resources, see [PaaS services supported features](security-center-services.md#paas-services).
-
 Protection for Virtual Machines residing in Azure Stack is also supported. For more information about Security Center’s integration with Azure Stack, see [Onboard your Azure Stack virtual machines to Security Center](https://docs.microsoft.com/azure/security-center/quick-onboard-azure-stack).
 
 ## Next steps
@@ -120,4 +87,4 @@ Protection for Virtual Machines residing in Azure Stack is also supported. For m
 - Learn how [Security Center manages and safeguards data](security-center-data-security.md).
 - Learn how to [plan and understand the design considerations to adopt Azure Security Center](security-center-planning-and-operations-guide.md).
 - Learn about [features available for the different cloud environments](security-center-services.md).
-- Learn more about [threat protection for Windows and Linux machines in Azure Security Center](threat-protection.md#windows-machines).
+- Learn more about [threat protection for Windows and Linux machines in Azure Security Center](threat-protection.md#windows-machines).
diff --git a/articles/security-center/security-center-services.md b/articles/security-center/security-center-services.md
@@ -11,27 +11,21 @@ ms.devlang: na
 ms.topic: conceptual
 ms.tgt_pltfrm: na
 ms.workload: na
-ms.date: 01/05/2020
+ms.date: 03/01/2020
 ms.author: memildin
 ---
-# Supported features available in Azure Security Center
 
-> [!NOTE]
->Some features are only available with the Standard tier. If you have not already signed up for Security Center's Standard tier, a free trial period is available. For more information, see the [Security Center pricing page](https://azure.microsoft.com/pricing/details/security-center/).
-
-The following sections show Security Center features that are available for their [supported platforms](security-center-os-coverage.md).
+# Feature coverage for machines
 
-* [Virtual machines / servers](#vm-server-features)
-* [PaaS services](#paas-services)
+The tables below show Azure Security Center features that are available for virtual machines and servers.
 
+## Supported features for virtual machines and servers <a name="vm-server-features"></a>
 
-## Virtual machine / server supported features <a name="vm-server-features"></a>
-
-### [Windows](#tab/features-windows)
+### [Windows machines](#tab/features-windows)
 
 |||||||||
 |----|:----:|:----:|:----:|:----:|:----:|:----:|:----:|
-||**Azure Virtual Machines**|**Azure Virtual Machine Scale Sets**|**Non-Azure Machines**|**Pricing**
+|**Feature**|**Azure Virtual Machines**|**Azure Virtual Machine Scale Sets**|**Non-Azure Machines**|**Pricing**
 |[Microsoft Defender ATP integration](security-center-wdatp.md)|✔</br>(on supported versions)|✔</br>(on supported versions)|✔|Standard|
 |[Virtual Machine Behavioral Analytics (and security alerts)](threat-protection.md)|✔|✔|✔|Recommendations (Free) </br></br> Security alerts (Standard)|
 |[Fileless security alerts](alerts-reference.md#alerts-windows)|✔|✔|✔|Standard|
@@ -53,11 +47,11 @@ The following sections show Security Center features that are available for thei
 |[Network security assessment](security-center-network-recommendations.md)|✔|✔|-|Free|
 
 
-### [Linux](#tab/features-linux)
+### [Linux machines](#tab/features-linux)
 
 |||||||||
 |----|:----:|:----:|:----:|:----:|:----:|:----:|:----:|
-||**Azure Virtual Machines**|**Azure Virtual Machine Scale Sets**|**Non-Azure Machines**|**Pricing**
+|**Feature**|**Azure Virtual Machines**|**Azure Virtual Machine Scale Sets**|**Non-Azure Machines**|**Pricing**
 |[Microsoft Defender ATP integration](security-center-wdatp.md)|-|-|-|Standard|
 |[Virtual Machine Behavioral Analytics  (and security alerts)](security-center-alerts-iaas.md)|✔</br>(on supported versions)|✔</br>(on supported versions)|✔|Recommendations (Free) </br></br> Security alerts (Standard)|
 |[Fileless security alerts](alerts-reference.md#alerts-windows)|-|-|-|Standard|
@@ -80,6 +74,11 @@ The following sections show Security Center features that are available for thei
 
 --- 
 
+
+> [!TIP]
+>To experiment with features that are only available on the standard pricing tier, free tier users can enroll in a 30-day trial. For more information, see the [pricing page](https://azure.microsoft.com/pricing/details/security-center/).
+
+
 ## Supported endpoint protection solutions <a name="endpoint-supported"></a>
 
 The following table provides a matrix of:
@@ -106,46 +105,6 @@ For information about when recommendations are generated for each of these prote
 > - Detection of Trend Micro protection is supported for Deep Security agents.  OfficeScan agents are not supported.
 
 
-## PaaS services supported features <a name="paas-services"> </a>
-
-The following PaaS resources are supported by Azure Security Center:
-
-|Service|Recommendations (Free)|Security alerts (Standard)|Vulnerability assessment (Standard)|
-|----|:----:|:----:|:----:|
-|SQL Databases|✔|✔|✔|
-|Azure Container Registry|-|-|✔|
-|Azure Kubernetes Service|✔|✔|-|
-|Azure Database for PostgreSQL*|✔|✔|-|
-|Azure Database for MySQL*|✔|✔|-|
-|Azure CosmosDB*|-|✔|-|
-|Storage Accounts|✔|-|-|
-|Blob Storage|✔|✔|-|
-|App Service|✔|✔|-|
-|Function app|✔|-|-|
-|Cloud Services|✔|-|-|
-|Virtual Network|✔|-|-|
-|Subnet|✔|-|-|
-|NIC|✔|-|-|
-|Network Security Groups|✔|-|-|
-|Subscription|✔ **|✔|-|
-|Batch account|✔|-|-|
-|Service Fabric account|✔|-|-|
-|Automation account|✔|-|-|
-|Load Balancer|✔|-|-|
-|Cognitive Search|✔|-|-|
-|Service Bus namespace|✔|-|-|
-|Stream analytics|✔|-|-|
-|Event hub namespace|✔|-|-|
-|Logic apps|✔|-|-|
-|Cache for Redis|✔|-|-|
-|Data Lake Analytics|✔|-|-|
-|Azure Data Lake Storage|✔|-|-|
-|Key Vault|✔|✔ *|-|
-
-\* These features are currently supported in preview.
-
-\*\* Azure Active Directory (Azure AD) recommendations are available only for Standard subscriptions.
-
 ## Next steps
 
 - Learn how [Security Center collects data and the Log Analytics Agent](security-center-enable-data-collection.md).
