Is the SQL Server and SQL Database on the test machine being protected by Microsoft Defender for Cloud?

Question

Is the SQL Server and SQL Database on the test machine being protected by Microsoft Defender for Cloud?

mara7 166

I have had 1 on-premise SQL Servers connected via Azure Arc.

To be exact, this server is in azure, not on-prem, and Azure communication is blocked by restricting the service tag IMDS in the outbound rule, so Azure connected machine agnet installation is completed and onboarding to Arc is normal

<Arc>

The sql server was on-boarded to arc, and both computer arc machine and sql server appear in the Arc resource list
Security tab on sql Server (arc) indicates that it is protected by defender for cloud

User's image

The installation of Microsoft Defender for SQL Extensions appears to be completed in Machine-Azure Arc Extensions.

Is the SQL Server and SQL Database on the test machine being protected by Microsoft Defender for Cloud?

1 answer

Your answer

Answer 1

Silvia Wibowo 6,041 Microsoft Employee Volunteer Moderator

Hi @mara7 , I understand that you have enabled SQL server on machines from Defender for Cloud. That is the first step, which is enabling MDC (Microsoft Defender for Cloud) plan for SQL Server machines. The second part is to enable the plan from the SQL Server machines.

To enable the plan on a SQL VM/Arc-enabled SQL Server:

Sign in to the Azure portal.
Navigate to your SQL VM/Arc-enabled SQL Server.
In the SQL VM/Arc-enabled SQL Server menu, under Security, select Microsoft Defender for Cloud.
In the Microsoft Defender for SQL server on machines section, select Enable.

Reference: How to enable Microsoft Defender for SQL servers on machines

Please accept an answer if correct. Original posters help the community find answers faster by identifying the correct answer. Here is how.

mara7 166 Reputation points

2023-12-26T00:02:48.62+00:00

I did.

But I couldn't find SQL VM/Arc-enabled SQL Server resource at Microsoft defender for cloud inventory
Silvia Wibowo 6,041 Reputation points Microsoft Employee Volunteer Moderator

2023-12-26T21:10:47.51+00:00

Hi @mara7 , isn't this (Resource name = test, Resource type = Machines - Azure Arc) the resource you're referring to?
mara7 166 Reputation points

2023-12-26T22:59:17.62+00:00

Hello

yes! But I think there is Azure Arc, SQL-Arc Server(2 resources) in Microsoft defender for cloud portal resource list

Like that.

Is it correct that only one arc server is displayed?

I think There is 2 resources like below

![Arc 지원 SQL Server 컴퓨터용 Cloud용 Microsoft Defender 활성화라는 제목의 블로그 게시물의 축소판 이미지 10

](/api/attachments/18796806-2167-44c0-8dd2-e9702a289bab?platform=QnA)

(https://techcommunity.microsoft.com/t5/azure-arc-blog/enabling-microsoft-defender-for-cloud-for-arc-enabled-sql-server/ba-p/3864340)

If it is right, How do I troubleshotting?

Plus 1 more question.

I turned on microsoft defender for cloud, but I can't see any protected instances.
Silvia Wibowo 6,041 Reputation points Microsoft Employee Volunteer Moderator

2023-12-27T04:51:52.02+00:00

Hi @mara7, I think your machine has been Arc-enabled but Azure extension for SQL Server has not been installed. Please proceed with these steps: Connect SQL Server on a server already enabled by Azure Arc.
mara7 166 Reputation points

2023-12-27T04:58:33.47+00:00

@Silvia Wibowo

Hello,

I have been installed follow Connect SQL Server on a server already enabled by Azure Arc, so I got SQL server on the Arc SQL Server instances list..

also, my Arc server's extension.

I don't know what is wrong with my Arc Server.
Silvia Wibowo 6,041 Reputation points Microsoft Employee Volunteer Moderator

2023-12-27T05:22:44.7533333+00:00

Hi @mara7, last screenshot says "This server is not connected to Azure". Note that you need Azure extension for SQL Server, and it's not in your extension list.

Try other alternative method to deploy Azure extension for SQL Server: Alternate deployment options - SQL Server enabled by Azure Arc and verify that Azure extension for SQL Server "Provisioning Status = Succeeded".
Deleted

This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
mara7 166 Reputation points

2023-12-27T06:07:55.73+00:00

@Silvia Wibowo

I fixed(I started machine) , But I couldn't get SQL-Arc Server in inventory list(I just get Azure Arc machine) at Microsoft defender for cloud Portal.
Silvia Wibowo 6,041 Reputation points Microsoft Employee Volunteer Moderator

2024-01-03T03:29:03.8333333+00:00

Hi @mara7, please check from your Defender Plans page, does it show any protected instances in Databases? Your previous screenshot shows 0/0 instances, what does it show now?
mara7 166 Reputation points

2024-01-03T07:27:29.5866667+00:00

It still looks like 0 instance.
Silvia Wibowo 6,041 Reputation points Microsoft Employee Volunteer Moderator

2024-01-04T01:24:07.36+00:00

Hi @mara7 , please create a support request in Azure if you have any technical support plan. The support engineer will be better equipped to help you. Thank you.

Share via

Is the SQL Server and SQL Database on the test machine being protected by Microsoft Defender for Cloud?

1 answer

Your answer