azure:az-500:security_operations_management

Differences

This shows you the differences between two versions of the page.

azure:az-500:security_operations_management [2022/06/28 15:37] – [Defender for Servers] mmuzeazure:az-500:security_operations_management [2022/07/23 00:37] (current) – [Microsoft Defender for Cloud] mmuze
Line 66: Line 66:
   * The free tier does not include monitoring non-Azure resources; this requires the Enhance tier of the service.   * The free tier does not include monitoring non-Azure resources; this requires the Enhance tier of the service.
   * **Example:** Defender would not detect if there is a new version of an OS, but it would detect of there are critical security updates that are missing.   * **Example:** Defender would not detect if there is a new version of an OS, but it would detect of there are critical security updates that are missing.
 +  * **Azure Policy** provides most of the data Defender for Cloud uses 
 +  * A **Log Analytics Workspace** is used just for data coming from virtual machines
 ===== Defender for Servers ===== ===== Defender for Servers =====
 > Microsoft Defender for Servers is one of the enhanced security features of Microsoft Defender for Cloud. Use it to add threat detection and advanced defenses to your Windows and Linux machines whether they're running in Azure, AWS, GCP, and on-premises environment. > Microsoft Defender for Servers is one of the enhanced security features of Microsoft Defender for Cloud. Use it to add threat detection and advanced defenses to your Windows and Linux machines whether they're running in Azure, AWS, GCP, and on-premises environment.
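Review bot: In the added Log Analytics Workspace bullet, "used just for data coming from virtual machines" is ambiguous. It can be read as the workspace having no other purpose, or as virtual machine data being the only Defender for Cloud data that goes through a workspace. If the second reading is intended, wording such as "Data collected from virtual machines is stored in a Log Analytics Workspace" would be clearer. Both new bullets should end with a period to match the two bullets above them, and neither carries a source link, unlike the Defender for Servers list further down.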
Line 72: Line 73:
   * [[https://docs.microsoft.com/en-us/azure/defender-for-cloud/defender-for-servers-introduction]]   * [[https://docs.microsoft.com/en-us/azure/defender-for-cloud/defender-for-servers-introduction]]
   * Alerts and vulnerability data from Microsoft Defender for Endpoint is shown in Microsoft Defender for Cloud   * Alerts and vulnerability data from Microsoft Defender for Endpoint is shown in Microsoft Defender for Cloud
 +  * There are two tiers Plan 1 and Plan 2.
 +  * Defender for Servers also has features for just-in-time VM access, file integrity monitoring, ...
 +  * For just-in-time VM access, JIT does not support VMs protected by Azure Firewalls controlled by Azure Firewall Manager. The Azure Firewall must be configured with Rules (Classic) and cannot use Firewall policies.
 ====== Security Center ====== ====== Security Center ======
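Review bot: The added features bullet ends in "...", so a reader cannot tell what Defender for Servers offers beyond just-in-time VM access and file integrity monitoring, and the "two tiers" bullet does not say which plan includes which feature. Suggest listing the features per plan, or pointing to the introduction link already at the top of this list, and adding a colon after "two tiers". In the last bullet, "For just-in-time VM access, JIT does not support" names the feature twice; "Just-in-time (JIT) VM access does not support ..." reads more cleanly. The Azure Firewall Manager limitation is specific enough that it should carry its own source link.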
  
  • azure/az-500/security_operations_management.1656430674.txt.gz
  • Last modified: 2022/06/28 15:37
  • by mmuze