You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: azure-local/manage/manage-security-with-defender-for-cloud.md
+7-7Lines changed: 7 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,7 +4,7 @@ description: This article describes how to use Microsoft Defender for Cloud to s
4
4
author: alkohli
5
5
ms.author: alkohli
6
6
ms.topic: how-to
7
-
ms.date: 04/22/2025
7
+
ms.date: 04/23/2025
8
8
ms.service: azure-local
9
9
---
10
10
@@ -110,14 +110,14 @@ You can ignore the Windows Defender for Cloud recommendations below for storage
110
110
| Storage account | Storage accounts should prevent shared key access. | Azure Local supports accessing storage accounts exclusively through shared keys. |
111
111
| Storage account | Storage account should use a private link connection. | Azure Local doesn't currently support private link connections. |
112
112
| Azure Key Vault | Azure Key Vaults should use a private link. | Azure Local doesn't currently support private link connections. |
113
-
| Azure Arc-enabled server | Windows Defender Exploit Guard should be enabled on Azure Arc-enabled servers. | Windows Defender Exploit Guard isn't applicable to server-core SKUs without a GUI such as the Azure Local OS. |
114
-
| Azure Arc-enabled server | Azure Arc-enabled servers should be configured to periodically check for missing system updates. | Azure Local machines shouldn't be updated individually. Use the Azure Local section in Azure Update Manager to update multiple systems or the Updates page on the Azure Local resource view whenever an update is available for the Azure Local instance. Updating individual machines could result in a mixed-mode state, which isn't supported. |
115
-
| Azure Arc-enabled server | System updates should be installed on your Azure Arc-enabled servers using Azure Update Manager. | Azure Local machines shouldn't be updated individually. Utilize the Azure Local section in Azure Update Manager to update multiple systems or the Updates page on the Azure Local resource view whenever an update is available for the Azure Local instance. Updating individual machines could result in a mixed-mode state, which isn't supported. |
116
-
| Azure Arc-enabled server | Machines should have a vulnerability assessment solution. | Microsoft Defender Vulnerability Management (MDVM) doesn't currently support Azure Local. |
113
+
|Machine – Azure Arc| Windows Defender Exploit Guard should be enabled on Azure Local machines. | Windows Defender Exploit Guard isn't applicable to server-core SKUs without a GUI such as the Azure Local OS. |
114
+
|Machine – Azure Arc| Azure Local machines should be configured to periodically check for missing system updates. | Azure Local machines shouldn't be updated individually. Use the Azure Local section in Azure Update Manager to update multiple systems or the Updates page on the Azure Local resource view whenever an update is available for the Azure Local instance. Updating individual machines could result in a mixed-mode state, which isn't supported. |
115
+
|Machine – Azure Arc| System updates should be installed on your Azure Local machines using Azure Update Manager. | Azure Local machines shouldn't be updated individually. Utilize the Azure Local section in Azure Update Manager to update multiple systems or the Updates page on the Azure Local resource view whenever an update is available for the Azure Local instance. Updating individual machines could result in a mixed-mode state, which isn't supported. |
116
+
|Machine – Azure Arc| Azure Local machines should have a vulnerability assessment solution. | Microsoft Defender Vulnerability Management doesn't currently support Azure Local. |
117
117
118
-
## Monitor servers and Azure Local VMs
118
+
## Monitor Azure Local machines and Azure Local VMs
119
119
120
-
Go to the Microsoft Defender for Cloud portal to monitor alerts for individual servers and Azure Local VMs running on Azure Local. You can utilize the regulatory compliance and attack path analysis features, among other enhanced security features.
120
+
Go to the Microsoft Defender for Cloud portal to monitor alerts for individual Azure Local machines and Azure Local VMs.
121
121
122
122
Follow these steps to access the Microsoft Defender for Cloud portal's pages to monitor individual servers and Azure Local VMs:
0 commit comments