Virtual Machine Security Ramped up for Microsoft Azure
"Real-time protection" against malware is promised for the cloud platform.
Virtual Machines (VMs) are often more difficult to secure than typical servers, given their transient nature. And fewer tools exist to do secure them, as well.
That situation was eased a bit when Microsoft released a new antimalware solution for its various Azure services, including VMs, this week.
The single-agent solution, which protects Microsoft's cloud-based services from viruses and malware, is based on Microsoft Security Essentials, System Center Endpoint Protection and Forefront Endpoint Protection, among other technologies. This "general availability" release, described here, arrived with a bunch of Microsoft cloud announcements this week as part of Microsoft's TechEd Europe event.
There's also a white paper (PDF) available that describes configuration and installation details. The service, called "Microsoft Antimalware for Azure Cloud Services and Virtual Machines," can be set up though the Azure Preview Portal, Visual Studio or via PowerShell commands.
Microsoft promises that the service offers "real-time protection" against malware, including automatic deletion and quarantine of suspected files. It's also possible to set exclusion paths to certain files that organizations don't want scanned. The service automatically updates its platform, antimalware engine and virus definitions.
The service comes at no cost to organizations with active Microsoft Azure accounts. It optionally allows IT pros to collect event information regarding the antimalware service's activities, which can be aggregated for later analysis using Azure Diagnostics. Using this antimalware event collection process requires having an Azure Storage account, which likely would entail an added cost, but it's an optional feature. The data even can be sent for further analysis to Microsoft's HDInsight "Big Data" service or to an event management system.
Microsoft Antimalware for Azure Cloud Services and Virtual Machines has some software requirements. It's currently supported on "Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2," according to Microsoft's announcement. It's not supported on Windows Server 2008, or on the Windows Server technical preview beta, although Microsoft does plan to support it with its next Windows Server release.
Microsoft does not turn on the service automatically; it must be enabled through configuration settings. The bits are there by default to be enabled for Azure services, but IT pros have to install the bits for the Microsoft Antimalware Client and Service to use the service on Azure Virtual Machines.
Microsoft offers a default configuration of the service that's optimized for its Azure cloud. It's also possible for admins to customize the configuration for Azure services or for Azure Virtual Machines.
Kurt Mackie is senior news producer for 1105 Media's Converge360 group.