This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 28.999999999999996%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPC%3C/text%3E%3C/svg%3E)
Hi all,
I'm looking to secure our landing Zone in compliance with CIS standards.
This requires Cloud Defender for Servers Plan 2, for the feature - Security Policy and Regulatory Compliance.
I have a question though - If we were to move from Plan 2 to Plan 1 at some point:
What would happen to the Policies applied via that feature?
Would they be removed or would they just not be updated?
The Policies
https://learn.microsoft.com/en-us/azure/defender-for-cloud/policy-reference
Thanks, Perry.
Hi Perry,
Perhaps someone here will correct me, but I didn't think policies were affected by P1 vs P2, just workload protections and the non-default policies.
So as long as you're not dependant on the regulatory compliance policies I'd say you're fine.
Ref:
https://learn.microsoft.com/en-us/azure/defender-for-cloud/plan-defender-for-servers-select-plan
Hi again David,
Ok, after re-reading it, I may have miss-understood the nature of the feature.
So the policies are there and can be used under Plan 1, but the benefit of the Plan 2 feature is that, you can create custom policies, but more importantly for our usage, we would have the ability to Compare your resources against the CIS policies for compliance.
Is that your understanding?
Thanks, Perry.