Microsoft Antimalware for Azure Needs a GUI for Monitoring and Management
I have been researching the Microsoft Antimalware for Azure which is currently in preview. I think that the idea behind this product is fantastic. There was a real gap in the market for customers who want to run VMs on Microsoft Azure. So I am glad to see that Microsoft is offering a service which addresses the need to protect Azure VMs from viruses.
Unfortunately, the current release of Microsoft Antimalware for Azure is extremely difficult to deploy, configure, and manage. The main reason for this is the lack of any UI for the administrator or end user. To do any type of meaningful administration of the service requires the use of Powershell. I do not believe it is an exaggeration to say that Microsoft Antimalware for Azure is the most difficult to use product on the market today. I realize that the product is in preview and that it will mature over time.
I am frankly surprised that Microsoft has taken the approach of building an entirely new service to provide antimalware to Microsoft Azure VMs. This seems like an enormous engineering effort for an organization that already have four different antimalware solutions (Microsoft Security Essentials, Windows Defender, System Center Endpoint Protection, and Windows Intune). Instead of creating a 5th service to protect against antimalware, it would seem far more logical to take one of the existing services and adapt it to protect Azure VMs. I would have thought that extending Windows Intune Endpoint Protection (WIEP) to run on Azure VMs was the most sensible approach. One of the nice benefits of WIEP is that it has a very simple UI which is ideal for businesses that lack the technical expertise to run System Center Endpoint Protection. But Microsoft chose to build an entirely new antimalware product instead which make System Center Endpoint Protection look simple by comparison.
I sincerely hope that Microsoft will take this feedback in the spirit in which it is intended. The concept behind Microsoft Antimalware for Azure is terrific. It is a fantastic idea whose time has come. But Microsoft needs to prioritize their investment in a user interface so that the major of administrators can deploy and use the product successfully. Otherwise, it offers no real benefit to customers.
Good feedback!! We are working on it…
Yuri Diogenes commented
Great feedback and thanks for sharing. Please see if the workaround provided in this article can help you: https://blogs.msdn.microsoft.com/azuresecurity/2016/03/09/enabling-microsoft-antimalware-user-interface-post-deployment/
Any update on this ?
Peter Selch Dahl commented
You can get access to the SCEP (Azure Antimalware) GUI by making the following hack in the registry.
Navigate to the following key in the registry:
1.Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Microsoft Antimalware\UX Configuration
2.Create or modify a DWORD called "UILockDown" to have the value "0"
3. Open Start and Search for System Center Endpoint Protection
4. Done :)
I don't think Microsoft support the method mentioned and recommend you use PowerShell for these changes.
Corey will hopefully get the guys in Redmond to make a centralized management tool for AV in Azure for us at a later time - They are currently reviewing my request :)
Peter Selch Dahl - Azure Advisor