Feature coverage for machines

The two tabs below show the features of Azure Security Center that are available for Windows and Linux virtual machines and servers.

Supported features for virtual machines and servers

Feature Azure Virtual Machines Azure Virtual Machine Scale Sets Non-Azure Machines Pricing
Microsoft Defender ATP integration
(on supported versions)

(on supported versions)
Virtual Machine Behavioral Analytics (and security alerts) Standard
Fileless security alerts Standard
Network-based security alerts - Standard
Just-In-Time VM access - - Standard
Native vulnerability assessment - - Standard
File Integrity Monitoring Standard
Adaptive application controls - Standard
Network map - Standard
Adaptive network hardening - - Standard
Regulatory Compliance dashboard & reports Standard
Recommendations and threat protection on Docker-hosted IaaS containers - - - Standard
Missing OS patches assessment Azure: Free

Non-Azure: Standard
Security misconfigurations assessment Azure: Free

Non-Azure: Standard
Endpoint protection assessment Azure: Free

Non-Azure: Standard
Disk encryption assessment - Free
Third-party vulnerability assessment - - Free
Network security assessment - Free


To experiment with features that are only available on the standard pricing tier, free tier users can enroll in a 30-day trial. For more information, see the pricing page.

Supported endpoint protection solutions

The following table provides a matrix of:

  • Whether you can use Azure Security Center to install each solution for you.
  • Which endpoint protection solutions Security Center can discover. If an endpoint protection solution from this list is discovered, Security Center won't recommend installing one.

For information about when recommendations are generated for each of these protections, see Endpoint Protection Assessment and Recommendations.

Endpoint Protection Platforms Security Center Installation Security Center Discovery
Windows Defender (Microsoft Antimalware) Windows Server 2016 No, Built in to OS Yes
System Center Endpoint Protection (Microsoft Antimalware) Windows Server 2012 R2, 2012, 2008 R2 (see note below) Via Extension Yes
Trend Micro – Deep Security Windows Server Family No Yes
Symantec v12.1.1100+ Windows Server Family No Yes
McAfee v10+ Windows Server Family No Yes
McAfee v10+ Linux Server Family No Yes *
Sophos V9+ Linux Server Family No Yes *

* The coverage state and supporting data is currently only available in the Log Analytics workspace associated to your protected subscriptions. It isn't reflected in the Azure Security Center portal.


Detection of System Center Endpoint Protection (SCEP) on a Windows Server 2008 R2 virtual machine requires SCEP to be installed after PowerShell (v3.0 or newer).

Next steps