Azure IaaS Lab – Security Center – Endpoint Protection

This post is part of a series; for the series contents see:
https://irankon.wordpress.com/post-lists/azure-iaas-lab-project/

Another quick post as I rattle through the various suggestions Security Center is chucking at me.

Next up is a recommendation to get endpoint protection on my VMs. The nice thing is that you can resolve this from within Security Center itself without ever logging into any of the VMs.

For me the recommendation looked like this:

[Image: Endpoint Protection Recommendation]

You’ll note the convenient “Install on 2 VMs” option at the top of the screen; clicking on that takes you through to a choice of endpoint protection providers. “Choice” might be stretching it a little here as for now there are only two options:

[Image: Endpoint Protection Choices]

Forever being thrifty, I went with the Microsoft option as I assume the TrendMicro one is likely to cost me!  Having done that, the final screen I was presented with was to choose a few basic settings for the product and then I was done.

[Image: Endpoint Protection Options]

The Problems?

For the stuff that Security Center has picked up it has been nice and easy to resolve by getting some endpoint protection on there, but it doesn’t seem to have picked up everything:

  1. My aadconnect-vm doesn’t have any endpoint protection installed but that doesn’t seem to be being flagged.
  2. Neither are any of my Linux VMs (firewall-vm & web-vm). I assume that’s because there’s not a suitable product yet, but still it’s not ideal that it hasn’t even flagged it. I’m definitely not a believer in the Apple-inspired “*nix systems don’t get viruses” rubbish.

Overall, what that means is that I can’t really rely on Security Center, at this stage, to pick up the things I’ve missed.  I still need to put in my own checks and balances to make sure that I’ve got a good defence in depth posture.
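
One way to build such an independent check, as an added example that is not part of the original post: it classifies every VM in an inventory by whether a known endpoint protection extension is installed and healthy, and reports Linux VMs too instead of skipping them. The inventory shape, the `example-*` VM names, the `Example.Publisher` entry and the extension states are constructed for illustration; in practice you would fill the inventory from your own export of each VM's extension list.

```python
"""Independent endpoint-protection coverage check (added example)."""

# (publisher, type) pairs accepted as endpoint protection, lower-cased.
# Microsoft Antimalware ships as Microsoft.Azure.Security / IaaSAntimalware;
# extend this set with whatever agents you actually deploy.
KNOWN_EP_EXTENSIONS = {("microsoft.azure.security", "iaasantimalware")}

# Constructed sample data. The record shape is an assumption of this example.
SAMPLE_INVENTORY = [
    {"name": "example-win-vm-1", "os": "Windows", "extensions": [
        {"publisher": "Microsoft.Azure.Security", "type": "IaaSAntimalware",
         "state": "Succeeded"}]},
    {"name": "example-win-vm-2", "os": "Windows", "extensions": [
        {"publisher": "Microsoft.Azure.Security", "type": "IaaSAntimalware",
         "state": "Failed"}]},
    {"name": "aadconnect-vm", "os": "Windows", "extensions": []},
    {"name": "firewall-vm", "os": "Linux", "extensions": []},
    {"name": "web-vm", "os": "Linux", "extensions": [
        {"publisher": "Example.Publisher", "type": "ExampleMonitoringAgent",
         "state": "Succeeded"}]},
]


def classify(vm):
    """Return 'protected', 'unhealthy' or 'missing' for one VM record."""
    status = "missing"
    for ext in vm.get("extensions") or []:
        key = ((ext.get("publisher") or "").lower(),
               (ext.get("type") or "").lower())
        if key not in KNOWN_EP_EXTENSIONS:
            continue  # unrelated extension, e.g. a monitoring agent
        if ext.get("state") == "Succeeded":
            return "protected"
        status = "unhealthy"  # installed, but provisioning did not succeed
    return status


def coverage_gaps(inventory):
    """List (name, os, status) for every VM that is not 'protected'.

    No OS is exempt: a Linux VM with no agent is reported, not skipped.
    """
    gaps = [(vm["name"], vm.get("os", "unknown"), classify(vm))
            for vm in inventory]
    return sorted(g for g in gaps if g[2] != "protected")


if __name__ == "__main__":
    for name, os_type, status in coverage_gaps(SAMPLE_INVENTORY):
        print(f"{name:20} {os_type:8} {status}")
```
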
