Defender for Cloud - Defender for Servers P1 for VMSS

Question

Hello

On the subscription where VMSS of Uniform type are located, I enabled Defender for Cloud - Defender for Servers Plan 1. In the Settings | Defender plans console and the Resource quantity column next to the Servers plan, I see that the number of VMSS instances is listed. The VMSS using Linux instances.

AzureSecurityLinuxAgent has been instaled on the VMSS using the Azure Policy - Configure supported Linux virtual machine scale sets to automatically install the Azure Security agent.

The question is:

1. Whether VMSS with Uniform type is supported by Defender for Cloud - Defender for Servers P1?
2. Whether VMSS instances with Uniform type will be shown in the console https://security.microsoft.com, under the Devices tab?
3. Whether VMSS that are part of AKS, will be protected at the instance level and will be shown in the console https://security.microsoft.com, under the Devices tab?
4. Will I be billed for using Defender for Cloud - Defender for Servers P1 ($5/Server/Month) for each VMSS Uniform instance, including those working for AKS?

Regards

Answer 1

@Paweł Przydział

Thank you for posting your query on Microsoft Q&A, from above description I could:

• Whether VMSS with Uniform type is supported by Defender for Cloud - Defender for Servers P1? As per Supported operating systems it is supported with following requirement:

Defender for Cloud depends on the Azure Monitor Agent or the Log Analytics agent. Make sure that your machines are running one of the supported operating systems as described on the following pages:

• Azure Monitor Agent Azure Monitor Agent for Windows supported operating systems Azure Monitor Agent for Linux supported operating systems
• Log Analytics agent Log Analytics agent for Windows supported operating systems Log Analytics agent for Linux supported operating systems

Virtual machines, scale sets	Virtual machine extension	Installs the agent by using Azure extension framework.
Virtual machines, scale sets	Virtual machine extension	Installs the agent by using Azure extension framework.

• Whether VMSS instances with Uniform type will be shown in the console https://security.microsoft.com, under the Devices tab?

Yes, but Azure Security agent should be installed on your Linux virtual machine scale sets and Azure Security agent should be installed on your Windows virtual machine scale sets

[Preview]: Azure Security agent should be installed on your Linux virtual machine scale sets	Install the Azure Security agent on your Linux virtual machine scale sets in order to monitor your machines for security configurations and vulnerabilities. Results of the assessments can seen and managed in Azure Security Center.	AuditIfNotExists, Disabled	2.0.0-preview

• Whether VMSS that are part of AKS, will be protected at the instance level and will be shown in the console https://security.microsoft.com, under the Devices tab?

Yes, Microsoft Defender for Containers support AKS clusters with virtual machines scale sets. Kindly follow Microsoft Defender for Containers components

• Will I be billed for using Defender for Cloud - Defender for Servers P1 ($5/Server/Month) for each VMSS Uniform instance, including those working for AKS?

Yes. You're charged for all machines that are protected by Defender for Servers in Azure subscriptions, connected AWS accounts, or connected GCP projects. The term machines includes Azure virtual machines, instances of Azure Virtual Machine Scale Sets, and Azure Arc-enabled servers. Machines that don't have Log Analytics installed are covered by protections that don't depend on the Log Analytics agent.

For containers:

Containers	Microsoft Defender for Containers	$0.0095/vCore/hour4
Containers	Microsoft Defender for Containers	$0.0095/vCore/hour4

---

Please "Accept the answer (Yes)" and "share your feedback ". This will help us and others in the community as well.

Thanks,

Akshay Kaushik***