Edit

Share via

Verify SQL machine protection

Important

This article applies to commercial clouds. If you're using Government clouds, see the Verify SQL machine protection government article.

After enabling protection for SQL Servers installed on Virtual Machines (VM), on-premises machines, and multicloud resources with the Defender for SQL Servers on Machines plan, verify that your SQL servers are protected as expected.

Verify protection on an entire Azure subscription

Defender for Cloud presents The status of Microsoft SQL Servers on Machines should be protected recommendation. This recommendation allows you to review the protection status of Defender for SQL Servers on Machines. The recommendation identifies all SQL VMs and Azure Arc SQL Server instances within a specified Azure subscription, and presents the protection status of each SQL Server instance.

  1. Sign in to the Azure portal.

  2. Navigate to Microsoft Defender for Cloud > Recommendations.

  3. Search for and select The status of Microsoft SQL Servers on Machines should be protected.

  4. Select View recommendation for all resources.

    Screenshot that shows were to locate the View recommendation for all resources button is located.

  5. Review the protection status and the unhealthy reason.

    Screenshot that shows where to locate the protection status and the reason for that status.

  6. Select the unhealthy resource.

  7. Follow the troubleshooting guide steps starting at Step 3: Identify and resolve protection misconfigurations at the SQL Server instance Level.

Defender for Cloud updates the status of the recommendation every 12 hours. Follow the troubleshooting guide to fix each unprotected SQL server instance.

Verify protection on a single SQL server VM

You can also verify the protection status of a single SQL server VM or Azure Arc SQL Server instance.

  1. Sign in to the Azure portal.

  2. Depending on the resources in your environment, search for and select either:

    • SQL virtual machines
      or
    • SQL Server - Azure Arc

  3. Locate and select the relevant resource.

  4. Under the Security tab, select Defender for Cloud.

  5. Check the Protection status. If the status is Protected, the deployment was successful.

    Screenshot showing protection status as protected.

  6. (Optional) Resolve the unprotected server instance status with the troubleshooting SQL Server on Machines guide.

Defender for Cloud updates the status of the recommendation every 12 hours. Follow the troubleshooting guide to fix each unprotected SQL server instance.

Next step

Troubleshoot SQL machines protection