Azure_SecurityCenter_5

Ensure ASC Default policy setting Monitor Endpoint Protection is not Disabled

Description

Enable Endpoint protection recommendations for virtual machines.

Remediation

Perform the following in the Azure Console:

  1. Navigate to Azure Policy
  2. On Policy Overview blade, Click on Policy ASC Default (Subscription:Subscription_ID)
  3. On ASC Default blade, Click on Edit Assignments
  4. In section PARAMETERS , Set Monitor Endpoint Protection to AuditIfNotExists or any other available value than Disabled
  5. Click Save

References:

  1. https://docs.microsoft.com/en-us/azure/security-center/security-center-policies 
  2. https://msdn.microsoft.com/en-us/library/mt704062.aspx
  3. https://msdn.microsoft.com/en-us/library/mt704063.aspx
  4. https://docs.microsoft.com/en-us/rest/api/resources/policyassignments/get
  5. https://docs.microsoft.com/en-us/rest/api/resources/policyassignments/create
  6. https://docs.microsoft.com/en-us/azure/security-center/security-center-install-endpoint-protection
     


Service

Security Center

Severity

Medium

Compliance

Mapping

We are now live on AWS Marketplace.
The integrated view of your cloud infrastructure is now easier than ever!