Quickly I found out that the format for this XML file was different than the templates SCEP uses. Initially I thought I’d just take the XML files from a System Center Endpoint Protection implementation and be done with it. The Set-AzureVMMicrosoftAntimalwareExtension cmdlet has a parameter called AntimalwareConfigFile that accepts both an XML or JSON file. The easiest way to configure those exclusion setting is through PowerShell. Second I went ahead and looked in the registry: I took a look at the software installed on an Azure VM and I noticed it was called System Center Endpoint Protection. You have to go through various articles and compose your list. From past experiences I know that getting exclusions for a given application is a pretty tedious work. For certain workloads (like SQL) this is pretty important. However, the new portal allows you to specify additional parameters:Īs you can see you can also specify the exclusions. You push it out to each machine and that’s it.īoth the old and new portals allow to specify this during the machine creation: One of the drawbacks is that there’s no central management. The latter comes as an extension which you can add when creating a virtual machine. Some customers opt to use their on-premise solution, other opt to use the free Microsoft Antimalware solution. I think it’s a best practice to have some form of malware protection installed. In some cases they like to have a Domain Controller from their corporate domain on Azure. I’m getting more and more involved with customers using Azure to host some VM’s in an IAAS scenario.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |