MicrosoftDocs
diff --git a/‎learn-pr/wwl-sci/connect-non-azure-machines-to-azure-defender/1-introduction.yml
Lines changed: 3 additions & 3 deletions b/‎learn-pr/wwl-sci/connect-non-azure-machines-to-azure-defender/1-introduction.yml
Lines changed: 3 additions & 3 deletions
diff --git a/‎learn-pr/wwl-sci/connect-non-azure-machines-to-azure-defender/2-protect-non-azure-resources.yml
Lines changed: 3 additions & 3 deletions b/‎learn-pr/wwl-sci/connect-non-azure-machines-to-azure-defender/2-protect-non-azure-resources.yml
Lines changed: 3 additions & 3 deletions
diff --git a/‎learn-pr/wwl-sci/connect-non-azure-machines-to-azure-defender/3-connect-non-azure-machines.yml
Lines changed: 3 additions & 3 deletions b/‎learn-pr/wwl-sci/connect-non-azure-machines-to-azure-defender/3-connect-non-azure-machines.yml
Lines changed: 3 additions & 3 deletions
diff --git a/‎learn-pr/wwl-sci/connect-non-azure-machines-to-azure-defender/4-connect-aws-accounts.yml
Lines changed: 3 additions & 3 deletions b/‎learn-pr/wwl-sci/connect-non-azure-machines-to-azure-defender/4-connect-aws-accounts.yml
Lines changed: 3 additions & 3 deletions
diff --git a/‎learn-pr/wwl-sci/connect-non-azure-machines-to-azure-defender/5-connect-gcp-accounts.yml
Lines changed: 3 additions & 3 deletions b/‎learn-pr/wwl-sci/connect-non-azure-machines-to-azure-defender/5-connect-gcp-accounts.yml
Lines changed: 3 additions & 3 deletions
diff --git a/‎learn-pr/wwl-sci/connect-non-azure-machines-to-azure-defender/7-summary-resources.yml
Lines changed: 3 additions & 3 deletions b/‎learn-pr/wwl-sci/connect-non-azure-machines-to-azure-defender/7-summary-resources.yml
Lines changed: 3 additions & 3 deletions
diff --git a/‎learn-pr/wwl-sci/connect-non-azure-machines-to-azure-defender/includes/1-introduction.md
Lines changed: 2 additions & 3 deletions b/‎learn-pr/wwl-sci/connect-non-azure-machines-to-azure-defender/includes/1-introduction.md
Lines changed: 2 additions & 3 deletions
diff --git a/‎learn-pr/wwl-sci/connect-non-azure-machines-to-azure-defender/includes/2-protect-non-azure-resources.md
Lines changed: 2 additions & 2 deletions b/‎learn-pr/wwl-sci/connect-non-azure-machines-to-azure-defender/includes/2-protect-non-azure-resources.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎learn-pr/wwl-sci/connect-non-azure-machines-to-azure-defender/includes/3-connect-non-azure-machines.md
Lines changed: 44 additions & 75 deletions b/‎learn-pr/wwl-sci/connect-non-azure-machines-to-azure-defender/includes/3-connect-non-azure-machines.md
Lines changed: 44 additions & 75 deletions
@@ -4,9 +4,9 @@ title: Introduction
 metadata:
   title: Introduction
   description: "Introduction"
-  ms.date: 02/22/2023
-  author: wwlpublish
-  ms.author: bneeb
+  ms.date: 05/13/2025
+  author: KenMAG
+  ms.author: kelawson
   ms.topic: unit
 azureSandbox: false
 labModal: false
 
@@ -4,9 +4,9 @@ title: Protect non-Azure resources
 metadata:
   title: Protect non-Azure resources
   description: "Protect non-Azure resources"
-  ms.date: 02/22/2023
-  author: wwlpublish
-  ms.author: bneeb
+  ms.date: 05/20/2025
+  author: KenMAG
+  ms.author: kelawson
   ms.topic: unit
 azureSandbox: false
 labModal: false
 
@@ -4,9 +4,9 @@ title: Connect non-Azure machines
 metadata:
   title: Connect non-Azure machines
   description: "Connect non-Azure machines"
-  ms.date: 02/22/2023
-  author: wwlpublish
-  ms.author: bneeb
+  ms.date: 05/20/2025
+  author: KenMAG
+  ms.author: kelawson
   ms.topic: unit
 azureSandbox: false
 labModal: false
 
@@ -4,9 +4,9 @@ title: Connect your AWS accounts
 metadata:
   title: Connect your AWS accounts
   description: "Connect your AWS accounts"
-  ms.date: 02/22/2023
-  author: wwlpublish
-  ms.author: bneeb
+  ms.date: 05/20/2025
+  author: KenMAG
+  ms.author: kelawson
   ms.topic: unit
 azureSandbox: false
 labModal: false
 
@@ -4,9 +4,9 @@ title: Connect your GCP accounts
 metadata:
   title: Connect your GCP accounts
   description: "Connect your GCP accounts"
-  ms.date: 02/22/2023
-  author: wwlpublish
-  ms.author: bneeb
+  ms.date: 05/20/2025
+  author: KenMAG
+  ms.author: kelawson
   ms.topic: unit
 azureSandbox: false
 labModal: false
 
@@ -4,9 +4,9 @@ title: Summary and resources
 metadata:
   title: Summary and resources
   description: "Summary and resources"
-  ms.date: 02/22/2023
-  author: wwlpublish
-  ms.author: bneeb
+  ms.date: 05/20/2025
+  author: KenMAG
+  ms.author: kelawson
   ms.topic: unit
 azureSandbox: false
 labModal: false
 
@@ -1,6 +1,5 @@
-Microsoft Defender for Cloud can protect hybrid workloads, including on-premise, Amazon Web Services (AWS), and Google Cloud Platform (GCP).
+Microsoft Defender for Cloud can protect hybrid workloads, including on-premises, Amazon Web Services (AWS), and Google Cloud Platform (GCP).
 
-You're a Security Operations Analyst working at a company that is in the process of implementing cloud workload protection with Microsoft Defender for Cloud. You're responsible for protecting resources located on-premise, Amazon Web Services (AWS), and Google Cloud Platform (GCP). You decide to Azure Arc enable the servers to provide easier management of the non-Azure machines. Next, you protect the virtual machines with Defender for Cloud.
+You're a Cloud Security Engineer working at a company that is in the process of implementing cloud workload protection with Microsoft Defender for Cloud. You're responsible for protecting resources located on-premises, Amazon Web Services (AWS), and Google Cloud Platform (GCP). You decide to deploy Azure Arc on the servers to provide easier management of the non-Azure machines. Next, you protect the virtual machines with Microsoft Defender for Cloud.
 
 Learn how you can add Defender for Cloud capabilities to your hybrid environment.
-
@@ -2,15 +2,15 @@ Today, companies struggle to control and govern increasingly complex environment
 
 In parallel, new DevOps and ITOps operational models are hard to implement, as existing tools fail to provide support for new cloud native patterns.
 
-Azure Arc simplifies governance and management by delivering a consistent multi-cloud and on-premises management platform. Azure Arc enables you to:
+Azure Arc simplifies governance and management by delivering a consistent multicloud and on-premises management platform. Azure Arc enables you to:
 
 - Manage your entire environment, with a single pane of glass, by projecting your existing non-Azure, on-premises, or other-cloud resources into Azure Resource Manager.
 - Manage virtual machines, Kubernetes clusters, and databases as if they're running in Azure.
 - Use familiar Azure services and management capabilities, regardless of where they live.
 - Continue using traditional ITOps, while introducing DevOps practices to support new cloud native patterns in your environment.
 - Configure Custom Locations as an abstraction layer on top of Azure Arc-enabled Kubernetes cluster, cluster connect, and cluster extensions.
 
-:::image type="content" source="../media/azure-arc-control-plane.png" alt-text="Diagram of the Azure ARC Control Plane for resources.":::
+:::image type="content" source="../media/azure-arc-control-plane.png" alt-text="Diagram of the Azure ARC Control Plane for resources." lightbox="../media/azure-arc-control-plane.png":::
 
 Today, Azure Arc allows you to manage the following resource types hosted outside of Azure:
 
 
@@ -1,98 +1,67 @@
 Microsoft Defender for Cloud can monitor the security posture of your non-Azure computers, but first, you need to connect them to Azure.
 
-You can connect your non-Azure computers in any of the following ways:
+There are several different ways you can connect your existing Windows and Linux machines to Azure Arc:
 
 - Using Azure Arc enabled servers (recommended)
-
-- From Defender for Cloud's pages in the Azure portal (Getting started and Inventory)
+- Azure Arc-enabled VMware vSphere
+- Azure Arc-enabled System Center Virtual Machine Manager (SCVMM)
+- Azure Local
 
 ## Add non-Azure machines with Azure Arc
 
-Azure Arc enabled servers is the preferred way of adding your non-Azure machines to Defender for Cloud.  A machine with Azure Arc enabled servers becomes an Azure resource and appears in Defender for Cloud with recommendations like your other Azure resources.  In addition, Azure Arc enabled servers provides enhanced capabilities such as the option to enable guest configuration policies on the machine, deploy the Log Analytics agent as an extension, simplify deployment with other Azure services, and more.
+Azure Arc enabled servers is the preferred way of adding your non-Azure machines to Defender for Cloud. A machine with Azure Arc enabled servers becomes an Azure resource and appears in Defender for Cloud with recommendations like your other Azure resources. In addition, Azure Arc enabled servers provides enhanced capabilities such as the option to enable guest configuration policies on the machine, deploy the Azure Monitor agent as an extension, simplify deployment with other Azure services, and more.
 
 ### What is Azure Arc enabled servers?
 
-Azure Arc enabled servers allows you to manage your Windows and Linux machines hosted outside of Azure, on your corporate network, or other cloud providers, just like you manage native Azure virtual machines. When a hybrid machine is connected to Azure, it becomes a connected machine and is treated as a resource in Azure. Each connected machine has a Resource ID, is included in a resource group, and benefits from standard Azure constructs such as Azure Policy and applying tags. Service providers who manage a customer's on-premises infrastructure can manage their hybrid machines, just like they do today with native Azure resources, across multiple customer environments, using Azure Lighthouse with Azure Arc.
-
-To deliver this experience with your hybrid machines hosted outside of Azure, the Azure Connected Machine agent needs to be installed on each machine that you plan on connecting to Azure. **This agent does not deliver any other functionality, and it doesn't replace the Azure Log Analytics agent**. The Log Analytics agent for Windows and Linux is required when you want to proactively monitor the OS and workloads running on the machine. You can then manage the machines using Automation runbooks, solutions like Update Management, or use other Azure services like Defender for Cloud.
-
-## Add non-Azure machines from the Azure portal
-
-You can start the process of adding a non-Azure server from two different locations in Defender for Cloud:
-
-1. From Defender for Cloud's menu, open the **Getting started** page.
-1. Select the **Get started** tab.
-1. Below Add non-Azure servers, select **Configure**.
-1. From Defender for Cloud's menu, open the Inventory page. 
-1. Select the **+ Add non-Azure servers** button.
-
-A list of your Log Analytics workspaces is shown. The list includes, if applicable, the default workspace created for you by Defender for Cloud when automatic provisioning was enabled. Select this workspace or another workspace you want to use.
-
-You can add computers to an existing workspace or create a new workspace.  Optionally, to create a new workspace, select **Create new workspace**.
-
-From the list of workspaces, select **Add Servers** for the relevant workspace. The Agents management page appears.
-
-From here, choose the relevant procedure below depending on the type of machines you're onboarding:
-
-- Onboard your Azure Stack VMs
-
-- Onboard your Linux machines
-
-- Onboard your Windows machines
-
-### Onboard your Azure Stack VMs
-
-To add Azure Stack VMs, you need the information on the Agents management page and to configure the Azure Monitor, Update and Configuration Management virtual machine extension on the virtual machines running on your Azure Stack.
-
-1. From the Agents management page, copy the Workspace ID and Primary Key into Notepad.
-
-1. Log into your Azure Stack portal and open the Virtual machines page.
-
-1. Select the virtual machine that you want to protect with Defender for Cloud.
-
-1. Select Extensions. The list of virtual machine extensions installed on this virtual machine is shown.
-
-1. Select the **Add** tab. The New Resource menu shows the list of available virtual machine extensions.
-
-1. Select the Azure Monitor, Update and Configuration Management extension and select **Create**. The Install extension configuration page opens.
-
-1. On the Install extension configuration page, paste the Workspace ID and Workspace Key (Primary Key) that you copied into Notepad in the previous step.
-
-1. When you complete the configuration, select **OK**. The extension's status will show as *Provisioning Succeeded*. It might take up to one hour for the virtual machine to appear in Defender for Cloud.
-
-### Onboard your Linux machines
-
-To add Linux machines, you need the WGET command from the Agents management page.
-
-1. From the Agents management page, copy the WGET command into Notepad. Save this file to a location that is accessible from your Linux computer.
-
-1. On your Linux computer, open the file with the WGET command. Select the entire content and copy and paste it into a terminal console.
-
-1. When the installation completes, you can validate that the *omsagent* is installed by running the [pgrep] command. The command will return the omsagent PID. The logs for the Agent can be found at: /var/opt/microsoft/omsagent/workspace id/log/ It might take up to 30 minutes for the new Linux machine to appear in Defender for Cloud.
-
-### Onboard your Windows machines
+Azure Arc enabled servers allows you to manage your Windows and Linux machines hosted outside of Azure, on your corporate network, or other cloud providers, just like you manage native Azure virtual machines. When a hybrid machine is connected to Azure, it becomes a connected machine and is treated as a resource in Azure. Each connected machine has a Resource ID, is included in a resource group, and benefits from standard Azure constructs such as Azure Policy and applying tags. Service providers who manage a customer's on-premises infrastructure can manage their hybrid machines just like they do today with native Azure resources, across multiple customer environments, using Azure Lighthouse with Azure Arc.
 
-To add Windows machines, you need to read the information on the Agents management page and to download the appropriate agent file (32/64-bit).
+To deliver this experience with your hybrid machines hosted outside of Azure, the *Azure Connected Machine agent* needs to be installed on each machine that you plan on connecting to Azure. **This agent doesn't replace the Azure Monitor Agent**. The Azure Monitor Agent for Windows and Linux is required when you want to proactively monitor the OS and workloads running on the machine. You can then manage the machines using Automation runbooks, solutions like Update Management, or use other Azure services like Defender for Cloud.
 
-1. Select the Download Windows Agent link applicable to your computer processor type to download the setup file.
+## Onboard non-Azure machines with the Azure Connected Machine agent
 
-1. From the Agents management page, copy the Workspace ID and Primary Key into Notepad.
+Connecting machines in your hybrid environment directly with Azure can be accomplished using different methods, depending on your requirements and the tools you prefer to use.
 
-1. Copy the downloaded setup file to the target computer and run it.
+### Onboarding methods
 
-1. Follow the installation wizard (Next, I Agree, Next, Next).
+The following table highlights each method so you can determine which works best for your deployment. For detailed information, follow the links to view the steps for each article.
 
-1. On the Azure Log Analytics page, paste the Workspace ID and Workspace Key (Primary Key) that you copied into Notepad.
+| Method | Description |
+|--------|-------------|
+| Interactively | Manually install the agent on a single or small number of machines by [connecting machines using a deployment script](/azure/azure-arc/servers/onboard-portal). From the Azure portal, you can generate a script and execute it on the machine to automate the install and configuration steps of the agent.|
+| Interactively | [Connect machines from Windows Admin Center](/azure/azure-arc/servers/onboard-windows-admin-center) |
+| Interactively | [Connect Windows Servers machines to Azure through Azure Arc Setup](/azure/azure-arc/servers/onboard-windows-server) |
+| Interactively or at scale | [Connect machines using PowerShell](/azure/azure-arc/servers/onboard-powershell) |
+| At scale | [Connect machines using a service principal](/azure/azure-arc/servers/onboard-service-principal) to install the agent at scale non-interactively.|
+| At scale | [Connect machines by running PowerShell scripts with Configuration Manager](/azure/azure-arc/servers/onboard-configuration-manager-powershell) |
+| At scale | [Connect machines with a Configuration Manager custom task sequence](/azure/azure-arc/servers/onboard-configuration-manager-custom-task) |
+| At scale | [Connect Windows machines using Group Policy](/azure/azure-arc/servers/onboard-group-policy-powershell) |
+| At scale | [Connect machines from Automation Update Management](/azure/azure-arc/servers/onboard-update-management-machines) to create a service principal that installs and configures the agent for multiple machines managed with Azure Automation Update Management to connect machines non-interactively. |
+| At scale | [Install the Arc agent on VMware VMs at scale using Arc enabled VMware vSphere](/azure/azure-arc/vmware-vsphere/enable-guest-management-at-scale). Arc enabled VMware vSphere allows you to [connect your VMware vCenter server to Azure](/azure/azure-arc/vmware-vsphere/quick-start-connect-vcenter-to-arc-using-script), automatically discover your VMware VMs, and install the Arc agent on them. Requires VMware tools on VMs.|
+| At scale | [Install the Arc agent on SCVMM VMs at scale using Arc-enabled System Center Virtual Machine Manager](/azure/azure-arc/system-center-virtual-machine-manager/enable-guest-management-at-scale). Arc-enabled System Center Virtual Machine Manager allows you to [connect your SCVMM management server to Azure](/azure/azure-arc/system-center-virtual-machine-manager/quickstart-connect-system-center-virtual-machine-manager-to-arc), automatically discover your SCVMM VMs, and install the Arc agent on them. |
+| At scale | [Connect your AWS cloud through the multicloud connector enabled by Azure Arc](/azure/azure-arc/multicloud-connector/connect-to-aws) and [enable the **Arc onboarding** solution](/azure/azure-arc/multicloud-connector/onboard-multicloud-vms-arc) to autodiscover and onboard EC2 VMs. |
 
-1. If the computer should report to a Log Analytics workspace in Azure Government cloud, select **Azure US Government** from the Azure Cloud dropdown list.
+> [!NOTE]
+> The Azure Arc Setup feature only applies to Windows Server 2022 and later. It was released in the [Cumulative Update of 10/10/2023](https://support.microsoft.com/topic/october-10-2023-kb5031364-os-build-20348-2031-7f1d69e7-c468-4566-887a-1902af791bbc).
 
-1. If the computer needs to communicate through a proxy server to the Log Analytics service, select **Advanced** and provide the proxy server's URL and port number.
+## Supported cloud operations
 
-1. When you've entered all of the configuration settings, select **Next**.
+With Azure Arc-enabled servers, you can perform many operational functions, just as you would with native Azure virtual machines. Below are some of the key supported actions for connected machines.
 
-1. From the Ready to Install page, review the settings to be applied and select **Install**.
+* **Govern**:
+  * Assign [Azure machine configurations](/azure/governance/machine-configuration/overview) to audit settings inside the machine. To understand the cost of using Azure Machine Configuration policies with Arc-enabled servers, see Azure Policy [pricing guide](https://azure.microsoft.com/pricing/details/azure-policy/).
+* **Protect**:
+  * Protect non-Azure servers with [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint), included through [Microsoft Defender for Cloud](/azure/security-center/defender-for-servers-introduction), for threat detection, for vulnerability management, and to proactively monitor for potential security threats. Microsoft Defender for Cloud presents the alerts and remediation suggestions from the threats detected.
+  * Use [Microsoft Sentinel](scenario-onboard-azure-sentinel.md) to collect security-related events and correlate them with other data sources.
+* **Configure**:
+  * Use [Azure Automation](/azure/automation/extension-based-hybrid-runbook-worker-install?tabs=windows) for frequent and time-consuming management tasks using PowerShell and Python [runbooks](/azure/automation/automation-runbook-execution). Assess configuration changes for installed software, Microsoft services, Windows registry and files, and Linux daemons using the Azure Monitor agent for [change tracking and inventory](/azure/automation/change-tracking/overview-monitoring-agent?tabs=win-az-vm).
+  * Use [Azure Update Manager](/azure/update-manager/overview) to manage operating system updates for your Windows and Linux servers. Automate onboarding and configuration of a set of Azure services when you use [Azure Automanage](/azure/automanage/automanage-arc).
+  * Perform post-deployment configuration and automation tasks using supported [Arc-enabled servers VM extensions](manage-vm-extensions.md) for your non-Azure Windows or Linux machine.
+* **Monitor**:
+  * Monitor operating system performance and discover application components to monitor processes and dependencies with other resources using [VM insights](/azure/azure-monitor/vm/vminsights-overview).
+  * Collect other log data, such as performance data and events, from the operating system or workloads running on the machine with the [Azure Monitor Agent](/azure/azure-monitor/agents/azure-monitor-agent-overview). This data is stored in a [Log Analytics workspace](/azure/azure-monitor/logs/log-analytics-workspace-overview).
 
-1. On the Configuration completed successfully page, select **Finish**.
+Log data collected and stored in a Log Analytics workspace from the hybrid machine contains properties specific to the machine, such as a Resource ID, to support [resource-context](/azure/azure-monitor/logs/manage-access#access-mode) log access.
 
-When complete, the Microsoft Monitoring agent appears in Control Panel. You can review your configuration there and verify that the agent is connected.
+Watch this video to learn more about Azure monitoring, security, and update services across hybrid and multicloud environments.
 
+> [!VIDEO https://www.youtube.com/embed/mJnmXBrU1ao]