Anti Malware

The modern threat landscape for cloud environments is extremely dynamic, increasing the pressure on business IT cloud subscribers to maintain effective protection in order to meet compliance and security requirements. Microsoft Antimalware for Azure is a free real-time protection capability that helps identify and remove viruses, spyware, and other malicious software, with configurable alerts when known malicious or unwanted software attempts to install itself or run on your Azure systems.

The solution is built on the same antimalware platform as Microsoft Security Essentials [MSE], Microsoft Forefront Endpoint Protection, Microsoft System Center Endpoint Protection, Windows Intune, and Windows Defender for Windows 8.0 and higher. Microsoft Antimalware for Azure is a single-agent solution for applications and tenant environments, designed to run in the background without human intervention. You can deploy protection based on the needs of your application workloads, with either basic secure-by-default or advanced custom configuration, including antimalware monitoring.

When you deploy and enable Microsoft Antimalware for Azure for your applications, the following core features are available:

  • Real-time protection - monitors activity in Cloud Services and on Virtual Machines to detect and block malware execution.
  • Scheduled scanning - periodically performs targeted scanning to detect malware, including actively running programs.
  • Malware remediation - automatically takes action on detected malware, such as deleting or quarantining malicious files and cleaning up malicious registry entries.
  • Signature updates - automatically installs the latest protection signatures (virus definitions) on a pre-determined frequency to ensure protection is up to date.
  • Antimalware Engine updates - automatically updates the Microsoft Antimalware engine.
  • Antimalware Platform updates - automatically updates the Microsoft Antimalware platform.
  • Active protection - reports telemetry metadata about detected threats and suspicious resources to Microsoft Azure to ensure rapid response to the evolving threat landscape, as well as enabling real-time synchronous signature delivery through the Microsoft Active Protection System (MAPS).
  • Samples reporting - provides and reports samples to the Microsoft Antimalware service to help refine the service and enable troubleshooting.
  • Exclusions - allows application and service administrators to configure certain files, processes, and drives to exclude them from protection and scanning for performance and/or other reasons.
  • Antimalware event collection - records the antimalware service health, suspicious activities, and remediation actions taken in the operating system event log and collects them into the customer's Azure Storage account.
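
Exclusions and disabled features are where a deployment most often loses coverage, so the settings are worth reviewing before rollout. The following is an added example, not Microsoft's code or part of the original page: it audits one settings document for real-time protection or scheduled scanning that is not enabled and for overly broad exclusions. The JSON key names are assumed from the extension's settings schema, and the sample document and the risk lists are constructed.

```python
import json

# Constructed sample settings. Key names are assumed from the Microsoft
# Antimalware extension's JSON settings schema; the page does not show them.
SAMPLE_CONFIG = r"""
{
  "AntimalwareEnabled": true,
  "RealtimeProtectionEnabled": false,
  "ScheduledScanSettings": {"isEnabled": false, "day": 7, "time": 120, "scanType": "Quick"},
  "Exclusions": {"Extensions": ".log;.exe",
                 "Paths": "D:\\;C:\\inetpub\\logs",
                 "Processes": "sqlservr.exe;powershell.exe"}
}
"""
# Hypothetical review policy: items that should not be excluded from scanning.
RISKY_EXTENSIONS = {".exe", ".dll", ".ps1", ".bat", ".js", ".vbs"}
RISKY_PROCESSES = {"powershell.exe", "cmd.exe", "wscript.exe", "cscript.exe"}

def split_list(value):
    # Exclusion lists are semicolon-delimited strings; return cleaned items.
    return [item.strip() for item in (value or "").split(";") if item.strip()]

def is_drive_root(path):
    # True for a whole-drive exclusion, written with or without a trailing slash.
    p = path.rstrip("\\/")
    return len(p) == 2 and p[0].isalpha() and p[1] == ":"

def audit(config):
    """Return findings for one settings dict. Missing keys are flagged too,
    so effective defaults get reviewed rather than assumed."""
    findings = []
    if not config.get("AntimalwareEnabled", False):
        findings.append("antimalware not enabled in settings")
    if not config.get("RealtimeProtectionEnabled", False):
        findings.append("real-time protection not enabled in settings")
    if not config.get("ScheduledScanSettings", {}).get("isEnabled", False):
        findings.append("scheduled scanning not enabled in settings")
    excl = config.get("Exclusions", {})
    for ext in split_list(excl.get("Extensions")):
        if ext.lower() in RISKY_EXTENSIONS:
            findings.append(f"executable file type excluded: {ext}")
    for path in split_list(excl.get("Paths")):
        if is_drive_root(path):
            findings.append(f"whole drive excluded: {path}")
    for proc in split_list(excl.get("Processes")):
        if proc.lower() in RISKY_PROCESSES:
            findings.append(f"script host or shell excluded: {proc}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(json.loads(SAMPLE_CONFIG))))
```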