Azure Malware Protection
Understand the types of malware protection in Azure.
January 22, 2015
Q: Does Azure run malware protection?
A: Microsoft doesn't disclose specifics regarding the protection the company uses as part of the various Azure services. Publishing details would help attackers who are trying to bypass the protection. However, the fact that Azure has an attestation of PCI-DSS compliance means that virus scanning and malware detection systems are deployed on the platform, which would include the hypervisors and other systems. Remember that for IaaS workloads it's important to deploy your own malware protecion within the virtual machines (e.g., Microsoft Endpoint Protection, which is free, or any other protection). Always think "defense in depth"; key points for using Azure IaaS include the following:
Run malware protection
Ensure the firewall is enabled within the virtual machine
Minimize endpoints enabled for virtual machines and only have endpoints that are absolutely necessary
Patch the OS and applications
Deploy policies to help lock down the environment
Monitor the services
About the Author
You May Also Like