How can we improve Microsoft Azure Security Center?

Support other Antivirus products in Malware Assessment

I added the Malware Assessment Intelligence Pack today, and it seems to be listing all of my servers as not having any real time AV protection. The servers in question are running Symantec Endpoint Protection. I looked in the description of the intelligence pack to see what AV products it works with, but didn't find that info.

[Edited during forum migration: comments/responses in the old forum included Symantec and Sophos]

264 votes

    Steve Whitcher shared this idea

    37 comments

      • Allena Domnus commented

        I've been using Kaspersky Total Security on my primary systems for several years now and have found it to be one of the best I have ever run. Being a tech, I'm fortunate to have several systems running at any time, so I am able to run different security products on a couple of my lab systems for comparison. In that regard, I have found Kaspersky currently to offer the best protection, with the least problems otherwise. Get the latest updates regarding features here https://www.criticthoughts.com/security/kaspersky-total-security-review/

      • Johannes F. Maritz commented

        Hi Microsoft. When is the anticipated date for using information from the Windows Security Center to collect status from non-Microsoft antimalware products?

      • Anthony commented

        Has there been further work on adding in support for other AV clients? I would still like to see support for F-Secure added in...

      • Anonymous commented

        We have seen tons of false positives for a lack of malware detection software when TrendMicro is installed.

      • Abdelmoniem commented

        Appreciate if OMS can support Trend Micro, as this will be very beneficial and valuable for us.

      • Air.Boss commented

        So I recently started using Microsoft Operations Management Suite. I have no on-prem MOM. I have AVG on 3 of my servers and all 3 are presenting the event. And I'm getting:
        ProtectionStatus : No real time protection

        The full event looks like this:

        5/4/2016 12:44:55.233 AM | ProtectionStatus

        TimeGenerated:5/4/2016 12:44:55.233 AM

        DetectionId:00d0a366-9b7c-4edc-a0da-a7366d269c68

        ThreatStatusRank:150

        ThreatStatus:No threats detected

        ProtectionStatusRank:270

        ProtectionStatus:No real time protection

        ProtectionStatusDetails:No infection found

        SignatureVersion:1.213.7173.0

        ScanDate:5/3/2016 8:00:00.000 PM

        Computer:..........local

        TypeofProtection:Malicious Software Removal Tool

        SourceSystem:OpsManager

        SourceHealthServiceId:8ac09f19-dd82-4d38-901f-b1beb6317b83

        DeviceName:............local

        ManagementGroupName:AOI-eb8cb764-4f3d-4c5a-9be6-258086cfb087

        Can AVG be added as there is real time protection?

      • Anonymous commented

        Hi, same issue with me, multiple servers and multiple customers. All have MSAV client extension installed with realtime protection ON. Also multiple OMS dashboards. However, OMS always reports no realtime protection. This does not look when we show customers we have set up OMS and MS AV extension on their servers. Is there a fix in progress for this one please?

      • Anonymous commented

        Antivirus False Positive - OMS engine does not detect Microsoft Security Essentials running on Windows Server 2008 R2 Standard x64 Edition

      • Benoit commented

        Wrong configuration is returned on OMS for ForeFront Endpoint protection
        OMS says all my servers do not have real time protection while ForeFront Endpoint Protection is well configured for real time protection
