More Info:

Enable Microsoft Defender for Cloud for SQL Server Virtual Machines

Risk Level

High

Address

Security, Operational Maturity

Compliance Standards

CISAZURE, CBP, HITRUST

Triage and Remediation

Remediation

Follow these steps in the Azure console to remediate this misconfiguration by enabling Microsoft Defender for Cloud for SQL Server Virtual Machines:

  1. Log in to the Azure portal (https://portal.azure.com/).
  2. Navigate to the virtual machine that hosts the SQL Server instance that you want to protect with Microsoft Defender for Cloud.
  3. Click on the “Networking” option in the left-hand menu.
  4. Select the “Network Security Group” associated with the virtual machine.
  5. Click on the “Inbound security rules” option.
  6. Click on the “Add” button to create a new inbound security rule.
  7. In the “Add inbound security rule” pane, enter the following details:
    • Name: Enter a name for the rule (e.g., “Microsoft Defender for Cloud - SQL Server VM”).
    • Priority: Enter a priority for the rule (e.g., “100”).
    • Source: Select “Any” to allow traffic from any source IP address.
    • Source port ranges: Leave this field blank.
    • Destination: Select “VirtualNetwork” to allow traffic to the virtual network that contains the SQL Server VM.
    • Destination port ranges: Enter “1433” to allow traffic to the default SQL Server port.
    • Protocol: Select “TCP” as the protocol.
    • Action: Select “Allow” to allow traffic through the rule.
  8. Click on the “Review + create” button to review the details of the new rule.
  9. Click on the “Create” button to create the new rule.
  10. Navigate to the “Security Center” option in the left-hand menu.
  11. Click on the “Recommendations” option.
  12. Locate the recommendation to enable Microsoft Defender for Cloud for SQL Server Virtual Machines.
  13. Click on the “Remediate” button to enable Microsoft Defender for Cloud for the SQL Server VM.
  14. Wait for the remediation process to complete.

That’s it! You have successfully remediated the misconfiguration by enabling Microsoft Defender for Cloud for SQL Server Virtual Machines in Azure using the Azure console.
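To verify the result, the following added example (not part of the original guide or of any vendor tooling) reads saved Azure CLI JSON: it checks `az security pricing list -o json` output for the `SqlServerVirtualMachines` plan tier, and lists rules from `az network nsg rule list -o json` that accept TCP 1433 from any source, such as the rule created in step 7, so they can be reviewed. The sample JSON and rule names are constructed.

```python
import json

PLAN = "SqlServerVirtualMachines"  # Defender plan name for SQL servers on machines
ANY_SOURCES = {"*", "any", "internet", "0.0.0.0/0"}

# Constructed sample data shaped like Azure CLI JSON output (not real tenant data).
SAMPLE_PRICING = json.dumps({"value": [
    {"name": "VirtualMachines", "pricingTier": "Standard"},
    {"name": PLAN, "pricingTier": "Free"}]})
SAMPLE_RULES = json.dumps([
    {"name": "allow-sql-any", "direction": "Inbound", "access": "Allow",
     "protocol": "Tcp", "sourceAddressPrefix": "*", "destinationPortRange": "1433"},
    {"name": "app-tier-sql", "direction": "Inbound", "access": "Allow",
     "protocol": "Tcp", "sourceAddressPrefix": "10.0.1.0/24", "destinationPortRange": "1433"},
    {"name": "wide-range", "direction": "Inbound", "access": "Allow", "protocol": "*",
     "sourceAddressPrefix": "Internet", "destinationPortRange": None,
     "destinationPortRanges": ["1000-2000"]},
    {"name": "deny-sql", "direction": "Inbound", "access": "Deny",
     "protocol": "Tcp", "sourceAddressPrefix": "*", "destinationPortRange": "1433"}])

def plan_enabled(pricing_json):
    """True when the SQL-servers-on-machines plan is on the Standard tier."""
    data = json.loads(pricing_json)
    plans = data.get("value", []) if isinstance(data, dict) else data  # both CLI shapes
    return any(p.get("name") == PLAN and
               str(p.get("pricingTier", "")).lower() == "standard" for p in plans)

def covers_port(spec, port):
    """Match a single port, a 'low-high' range, or '*'."""
    if spec.strip() == "*":
        return True
    low, _, high = spec.strip().partition("-")
    return int(low) <= port <= int(high or low)

def open_sql_rules(rules_json, port=1433):
    """Names of inbound Allow rules that accept `port` over TCP from any source."""
    hits = []
    for r in json.loads(rules_json):
        if r.get("direction") != "Inbound" or r.get("access") != "Allow":
            continue
        if str(r.get("protocol", "*")).lower() not in ("tcp", "*"):
            continue
        sources = [r.get("sourceAddressPrefix") or ""] + (r.get("sourceAddressPrefixes") or [])
        ports = [r.get("destinationPortRange") or ""] + (r.get("destinationPortRanges") or [])
        if any(s.lower() in ANY_SOURCES for s in sources) and \
           any(covers_port(p, port) for p in ports if p):
            hits.append(r["name"])
    return hits
```
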