Platforms and features supported by Azure Security Center

Security state monitoring and recommendations are available for virtual machines (VMs), created by using both the classic and Resource Manager deployment models, and computers.

Note

Learn more about the classic and Resource Manager deployment models for Azure resources.

Platforms that support the data collection agent

This section lists the platforms on which the Azure Security Center agent can run and from which it can gather data.

Supported platforms for Windows computers and VMs

The following Windows operating systems are supported:

  • Windows Server 2019
  • Windows Server 2016
  • Windows Server 2012 R2
  • Windows Server 2012
  • Windows Server 2008 R2
  • Windows Server 2008

Note

Integration with Windows Defender ATP supports only Windows Server 2012 R2 and Windows Server 2016.

Supported platforms for Linux computers and VMs

The following Linux operating systems are supported:

Note

Since the list of supported Linux operating systems is constantly changing, if you prefer, click here to view the most up-to-date list of supported versions, in case there have been changes since this topic was last published.

64-bit

  • CentOS 6 and 7
  • Amazon Linux 2017.09
  • Oracle Linux 6 and 7
  • Red Hat Enterprise Linux Server 6 and 7
  • Debian GNU/Linux 8 and 9
  • Ubuntu Linux 14.04 LTS, 16.04 LTS, and 18.04 LTS
  • SUSE Linux Enterprise Server 12

32-bit

  • CentOS 6
  • Oracle Linux 6
  • Red Hat Enterprise Linux Server 6
  • Debian GNU/Linux 8 and 9
  • Ubuntu Linux 14.04 LTS, and 16.04 LTS

VMs and Cloud Services

VMs that run in a cloud service are also supported. Only cloud services web and worker roles that run in production slots are monitored. To learn more about cloud services, see Overview of Azure Cloud Services.

Supported IaaS features

Server Windows Linux Pricing
Environment Azure Non-Azure Azure Non-Azure
Virtual Machine Virtual Machine Scale Set Virtual Machine Virtual Machine Scale Set
VMBA threat detection alerts ✔ (on supported versions) ✔ (on supported versions) Recommendations (Free) Threat Detection (Standard)
Network-based threat detection alerts X X Standard
Windows Defender ATP integration ✔ (on supported versions) ✔ (on supported versions) X X X Standard
Missing patches Free
Security configurations Free
Endpoint protection assessment X X X Free
JIT VM access X X X X Standard
Adaptive application controls X X Standard
FIM Standard
Disk encryption assessment X X Free
Third-party deployment X X X X Free
NSG assessment X X Free
Fileless threat detection X X X Standard
Network map X X Standard
Adaptive network controls X X Standard
Regulatory Compliance dashboard & reports Standard
Recommendations and threat detection on Docker-hosted IaaS containers X X X Standard

Supported endpoint protection solutions

The following table provides a matrix of:

  • Whether you can use Azure Security Center to install each solution for you.
  • Which endpoint protection solutions Security Center can discover. If one of these endpoint protection solutions is discovered, Security Center will not recommend installing one.

For information about when recommendations are generated for each of these protections, see Endpoint Protection Assessment and Recommendations.

Endpoint Protection Platforms Security Center Installation Security Center Discovery
Windows Defender (Microsoft Antimalware) Windows Server 2016 No, Built in to OS Yes
System Center Endpoint Protection (Microsoft Antimalware) Windows Server 2012 R2, 2012, 2008 R2 (see note below) Via Extension Yes
Trend Micro – All version Windows Server Family No Yes
Symantec v12.1.1100+ Windows Server Family No Yes
McAfee v10+ Windows Server Family No Yes
Kaspersky Windows Server Family No No
Sophos Windows Server Family No No

Note

  • Detection of System Center Endpoint Protection (SCEP) on a Windows Server 2008 R2 virtual machine requires SCEP to be installed after PowerShell 3.0 (or an upper version).

Supported PaaS features

Service Recommendations (Free) Threat detection (Standard)
SQL
PostGreSQL*
MySQL*
Azure Blob storage accounts
App services
Cloud Services X
VNets NA
Subnets NA
NICs NA
NSGs NA
Subscription ✔ **
Batch NA
Service fabric NA
Automation account NA
Load balancer NA
Search NA
Service bus NA
Stream analytics NA
Event hub NA
Logic apps NA
Storage account NA
Redis NA
Data lake analytics NA
Key vault NA

* These features are currently supported in public preview.

** AAD recommendations are only available for Standard subscriptions

Next steps