Events
May 19, 6 PM - May 23, 12 AM
Calling all developers, creators, and AI innovators to join us in Seattle @Microsoft Build May 19-22.
Register todayConnect your non-Azure machines to Microsoft Defender for Cloud
Microsoft Defender for Cloud monitors the security posture of non-Azure machines, but first you need to connect them to Azure.
Connect non-Azure computers in any of the following ways:
- Onboarding with Azure Arc:
- By using Azure Arc-enabled servers (recommended)
- By using the Azure portal
- Onboarding directly with Microsoft Defender for Endpoint
This article describes the methods for onboarding with Azure Arc.
If you're connecting machines from other cloud providers, see Connect your AWS account or Connect your GCP project. The multicloud connectors for Amazon Web Services (AWS) and Google Cloud Platform (GCP) in Defender for Cloud handle the Azure Arc deployment for you.
Note
The instructions on this page focus on connecting on-premises machines to Microsoft Defender for Cloud. The same guidance applies to machines in Azure VMware Solution (AVS). Learn more about integrating Azure VMware Solution machines with Microsoft Defender for Cloud.
To complete the procedures in this article, you need:
A Microsoft Azure subscription. If you don't have an Azure subscription, you can sign up for a free one.
Microsoft Defender for Cloud set up on your Azure subscription.
Access to an on-premises machine.
A machine with Azure Arc-enabled servers becomes an Azure resource. Once connected to an Azure subscription with Defender for Servers enabled, it appears in Defender for Cloud, like your other Azure resources.
Azure Arc-enabled servers provide enhanced capabilities, such as enabling guest configuration policies on the machine and simplifying deployment with other Azure services. For an overview of the benefits of Azure Arc-enabled servers, see Supported cloud operations.
To deploy Azure Arc on one machine, follow the instructions in Quickstart: Connect hybrid machines with Azure Arc-enabled servers.
To deploy Azure Arc on multiple machines at scale, follow the instructions in Connect hybrid machines to Azure at scale.
Defender for Servers uses an integration with Microsoft Defender for Endpoint to provide real-time threat detection, automated response capabilities, vulnerability assessments, software inventory, and more. To ensure servers are secure and receive all the security benefits of Defender for Servers, verify that the Defender for Endpoint integration is enabled on your subscriptions.
Your Azure and on-premises machines are available to view in one location.
To verify that your machines are connected:
Sign in to the Azure portal.
Search for and select Microsoft Defender for Cloud.
On the Defender for Cloud menu, select Inventory to show the asset inventory.
Filter the page to view the relevant resource types. These icons distinguish the types:
Non-Azure machine
Azure VM
Azure Arc-enabled server
When you enable Defender for Cloud, Defender for Cloud's alerts are automatically integrated into the Microsoft Defender Portal.
The integration between Microsoft Defender for Cloud and Microsoft Defender XDR brings cloud environments into Microsoft Defender XDR. With Defender for Cloud's alerts and cloud correlations integrated into Microsoft Defender XDR, SOC teams can now access all security information from a single interface.
Learn more about Defender for Cloud's alerts in Microsoft Defender XDR.
There's no need to clean up any resources for this article.
- Protect all of your resources with Defender for Cloud.
- Set up your AWS account and GCP projects.
Additional resources
Training
Module
Connect non-Azure resources to Microsoft Defender for Cloud - Training
Connect non-Azure resources to Microsoft Defender for Cloud
Certification
Microsoft Certified: Security Operations Analyst Associate - Certifications
Investigate, search for, and mitigate threats using Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft 365 Defender.