You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/defender-for-cloud/upcoming-changes.md
+18Lines changed: 18 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -25,6 +25,7 @@ If you're looking for the latest release notes, you can find them in the [What's
25
25
26
26
| Planned change | Announcement date | Estimated date for change |
27
27
|--|--|--|
28
+
|[Four new recommendations for Azure Stack HCI resource type](#four-new-recommendations-for-azure-stack-hci-resource-type)| January 9, 2024 | January 2024 |
28
29
|[New version of Defender Agent for Defender for Containers](#new-version-of-defender-agent-for-defender-for-containers)| January 4, 2024 | February 2024 |
29
30
|[Upcoming change for the Defender for Cloud’s multicloud network requirements](#upcoming-change-for-the-defender-for-clouds-multicloud-network-requirements)| January 3, 2024 | May 2024 |
30
31
|[Deprecation and severity changes to security alerts](#deprecation-and-severity-changes-to-security-alerts)| December 27, 2023 | January 2024 |
@@ -38,6 +39,23 @@ If you're looking for the latest release notes, you can find them in the [What's
38
39
|[Deprecating two security incidents](#deprecating-two-security-incidents)|| November 2023 |
39
40
|[Defender for Cloud plan and strategy for the Log Analytics agent deprecation](#defender-for-cloud-plan-and-strategy-for-the-log-analytics-agent-deprecation)|| August 2024 |
40
41
42
+
## Four new recommendations for Azure Stack HCI resource type
43
+
44
+
**Announcement date: January 9, 2024**
45
+
46
+
**Estimated date for change: January 2024**
47
+
48
+
Azure Stack HCI is set to be a new resource type that can be managed through Microsoft Defender for Cloud. We're adding 4 recommendations that are specific to the HCI resource type:
49
+
50
+
| Recommendation | Description | Severity |
51
+
|----------|----------|----------|
52
+
| Azure Stack HCI servers should meet Secured-core requirements | Ensure that all Azure Stack HCI servers meet the Secured-core requirements. (Related policy: [Guest Configuration extension should be installed on machines - Microsoft Azure](https://ms.portal.azure.com/#view/Microsoft_Azure_Security/GenericRecommendationDetailsBlade/assessmentKey/6c99f570-2ce7-46bc-8175-cde013df43bc)) | Low |
53
+
| Enforce consistent application control policies on Azure Stack HCI servers | At a minimum, apply the Microsoft WDAC base policy in enforced mode on all Azure Stack HCI servers. Applied Windows Defender Application Control (WDAC) application control policies must be consistent across servers in the same cluster. | High |
54
+
| Encrypt volumes on Azure Stack HCI systems | Use BitLocker to encrypt the OS and data volumes on Azure Stack HCI systems | High |
55
+
| Protect host and VM networking on Azure Stack HCI systems | Protect data on the Azure Stack HCI host’s network and on virtual machine network connections. | Low |
56
+
57
+
Learn more about how to use [Defender for App Service to protect your Azure App Service web apps and APIs](defender-for-app-service-introduction.md).
58
+
41
59
## New version of Defender Agent for Defender for Containers
0 commit comments