MicrosoftDocs / azure-docs

Open source documentation of Microsoft Azure
https://docs.microsoft.com/azure
Creative Commons Attribution 4.0 International

Protection by MDC #95304

Closed DeanGross closed 2 years ago

DeanGross commented 2 years ago

The Network control section has the following statements, which seem to contradict each other. Please resolve this apparent discrepancy or add some clarification language.

Protect your Azure VMware Solution VMs with Microsoft Defender for Cloud integration

Microsoft Defender for Cloud monitoring: None


kobulloc-MSFT commented 2 years ago

@DeanGross Thank you for your feedback! We are reviewing the protection options for VMware Solution VMs and will get back to you shortly.

kobulloc-MSFT commented 2 years ago

@DeanGross Going through the documentation in Azure VMware Solution, Azure Virtual Desktop, and Azure Web Application Firewall, the only instance of Microsoft Defender for Cloud monitoring I could find was a single instance for Deny communications with known-malicious IP addresses out of 134 entries.

There are, however, several instances where Microsoft Defender for Cloud is recommended for other features that it offers, or even active rather than passive monitoring.

From the Integrate Microsoft Defender for Cloud with Azure VMware Solution documentation: https://docs.microsoft.com/en-us/azure/azure-vmware/azure-security-integration

Microsoft Defender for Cloud offers many features, including:

  • File integrity monitoring
  • Fileless attack detection
  • Operating system patch assessment
  • Security misconfigurations assessment
  • Endpoint protection assessment

kobulloc-MSFT commented 2 years ago

@DeanGross Thank you again for bringing this to our attention. There is a new format which has been introduced in the V3 benchmark which no longer includes the “Microsoft Defender for Cloud monitoring: None” sections which have been causing confusion and instead discusses monitoring in sections like Disable Public Network Access and Key Management in Azure Key Vault.

Based on your feedback, the older sections of the documentation will be reviewed to help address this point of confusion. Thank you again for your feedback!

We are going to close this thread as resolved but if there are any further questions regarding the documentation, please tag me in your reply and we will be happy to continue the conversation.