Shields up: Microsoft adds antimalware protection for Azure VMs

Most people associate Microsoft antimalware with only Windows Defender on the desktop, but the company has long offered server- and infrastructure-level protection through its Forefront and System Center products.

Now Microsoft is making the same antimalware technology available for free on virtual machines (albeit only Windows VMs) hosted in Microsoft Azure.

In a blog post, Microsoft describes how the new security extension for Azure VMs “provides an additional layer of security by helping to identify, block and remove malicious software on virtual machines managed by Azure customers.”

Protection is provided in real time, so administrators don’t need to manually perform scans, and the service is provided at no additional charge for Azure customers. Analytics generated by Microsoft Antimalware can be exported and analyzed, and the product integrates with PowerShell for the sake of automation.

A Microsoft whitepaper for the product notes that only Windows Server 2008 R2 and Windows Server 2012 (original and R2) are supported, although support for the Windows Server Technical Preview is planned for the future. The Antimalware extension is installed by default, but not enabled, on supported OSes; for Azure Virtual Machines, Antimalware has to be added and enabled manually, but that’s easily done through Azure’s virtual machine configuration menu.

Microsoft has moved to bolster protection for Windows Server in Azure, as hackers are aggressively targeting Web servers to spread their malware, whether via Apache or IIS servers. That said, the Azure antimalware is strictly Windows-centric — it provides no protection for non-Microsoft OSes. Microsoft has historically not ported its ecosystem solutions to other platforms. Users running Linux on Azure will have to bring their own protection, it seems.

Another caveat mentioned in the whitepaper: Following some of Microsoft’s recommendations for using the service “may result in increased data, network, or compute resource usage resulting in additional license or subscription costs.” For instance, additional costs might accrue from automatically piping events recorded by Antimalware into Azure Storage, which is charged by gigabytes per month. Take that under advisement when proceeding with Microsoft’s “at no additional charge” antimalware offer.