none
Install Microsoft Antimalware RRS feed

  • Question

  • Hi,

    Our Azure VMs currently do not has any antivirus software. We are looking at installing Microsoft Antimalware (because it is free).

    1. To install Microsoft Antimalware on existing Azure VM [WS 2012 R2] > Is it as simple as Adding the Microsoft Antimalware extension from Azure portal?

    2. Are there any pre-requisite prior installing this product?
    3. To uninstall, do we simply remove the Microsoft Antimalware extension via portal too?

    4. Are there any identified/known exclusions for SharePoint & SQL servers?

    Thank you


    • Edited by Chomet Wednesday, January 16, 2019 7:33 AM
    Tuesday, January 15, 2019 6:32 AM

Answers

  • No, I am not aware of any pre-defined exclusion lists for SQL and SharePoint/AD Servers. Also, you cannot modify the exclusion list after the installation from Azure Portal however you can add additional exclusions from the VM itself. Example - Here are the steps you need to follow for Windows Server 2016

    1. Log in to the VM and go to "Windows Defender Settings".
    2. Click on "Add an Exclusion" and add File and Folders/File Types/ Processes exclusions to existing list. (see screenshots below)

    Please let me know if you find above reply useful. If yes, do click on 'Mark as answer' link in above reply. This will help other community members facing similar query to refer to this solution. Thanks.

    Wednesday, January 16, 2019 8:04 PM
    Moderator

All replies

  • 1.  Installing Microsoft Antimalware extension on existing VMs can be doe using various options and one of them is using the Azure portal to add the Antimalware as an extension.  Others are listed below - 

    1. Virtual Machines – Using the Visual Studio virtual machines configuration in Server Explorer
    2. Virtual Machines and Cloud Services – Using the Antimalware classic deployment model
    3. Virtual Machines and Cloud Services – Using Antimalware PowerShell cmdlets

    Please refer to Microsoft antimalware workflow for details on the same.

    2. AFAIK no prerequisites are required, however, Microsoft Antimalware is supported on Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2 operating system families. It is not supported on the Windows Server 2008 operating system, and also is not supported in Linux.

    3. To completely uninstall the program and remove it from Azure you will need PowerShell. Refer to Remove antimalware.

    4. You can exclude the File locations, SQL server mdf, ndf, backup files or processes SQLServr.exe while adding the Antimalware extension.

    Tuesday, January 15, 2019 8:07 PM
    Moderator
  • Thanks.

    RE > 4. You can exclude the File locations, SQL server mdf, ndf, backup files or processes SQLServr.exe while adding the Antimalware extension.

    Is there a pre-defined exclusion lists from Microsoft for SQL & SharePoint / AD servers?

    thank you


    • Edited by Chomet Thursday, January 17, 2019 3:39 AM
    Wednesday, January 16, 2019 6:59 AM
  • No, I am not aware of any pre-defined exclusion lists for SQL and SharePoint/AD Servers. Also, you cannot modify the exclusion list after the installation from Azure Portal however you can add additional exclusions from the VM itself. Example - Here are the steps you need to follow for Windows Server 2016

    1. Log in to the VM and go to "Windows Defender Settings".
    2. Click on "Add an Exclusion" and add File and Folders/File Types/ Processes exclusions to existing list. (see screenshots below)

    Please let me know if you find above reply useful. If yes, do click on 'Mark as answer' link in above reply. This will help other community members facing similar query to refer to this solution. Thanks.

    Wednesday, January 16, 2019 8:04 PM
    Moderator
  • Thanks!

    I am assuming we can delete exclusion via Windows defender settings too?

    Thursday, January 17, 2019 3:39 AM
  • Yes, that is correct. 

    Please let me know if you find above reply useful. If yes, do click on 'Mark as answer' link in above reply. This will help other community members facing similar query to refer to this solution. Thanks.

    Thursday, January 17, 2019 5:55 AM
    Moderator
  • Hi,

    Our Azure VMs are running Windows Server 2012 R2. Do we still manage add/delete exclusion files via Windows Defender? 

    Thank you

    Friday, January 25, 2019 6:19 AM
  • For Windows server 2012 r2 you it will be "System Center EndPoint Protection" which protects your system and when you add the exclusions while deploying the antimalware extension from the portal it will be added to this application and you can modify the exclusions by opening the application from the VM.  Please find screenshot for the same - 

    Saturday, January 26, 2019 12:56 AM
    Moderator