How to Deploy Microsoft Endpoint Protection (MEP) for Windows Azure CTP

The customer technology preview of Microsoft Endpoint Protection (MEP) for Windows Azure, allows Windows Azure developers and administrators to include antimalware protection in their Windows Azure VMs. "The package is installed as an extension on top of Windows Azure SDK. After installing the MEP for Windows Azure CTP, you can enable antimalware protection on your […]

Microsoft Endpoint Protection for Windows Azure Customer Technology PreviewThe customer technology preview of Microsoft Endpoint Protection (MEP) for Windows Azure, allows Windows Azure developers and administrators to include antimalware protection in their Windows Azure VMs.

"The package is installed as an extension on top of Windows Azure SDK. After installing the MEP for Windows Azure CTP, you can enable antimalware protection on your Windows Azure VMs by simply importing the MEP antimalware module into your roles' definition," explains Microsoft.

The MEP for Windows Azure plugin enables the following core functionality:

  • Real-time protection monitors activity on the system to detect and block malware from executing.
  • Scheduled scanning periodically performs targeted scanning to detect malware on the system,
    including actively running malicious programs.
  • Malware remediation takes action on detected malware resources, such as deleting or quarantining
    malicious files and cleaning up malicious registry entries.
  • Signature updates installs the latest protection signatures (aka "virus definitions") to
    ensure protection is up-to-date.
  • Active protection reports metadata about detected threats and suspicious resources to
    Microsoft to ensure rapid response to the evolving threat landscape, as well as
    enabling real-time signature delivery through the Dynamic Signature Service
    (DSS).

Microsoft Endpoint Protection (MEP) for Windows Azure diagram

The following is required to run MEP:

  1. Sign up for a Windows Azure account
  2. Install Visual Studio 2010
  3. Install Windows Azure Tools for Visual Studio

To deploys just follow these steps:

  1. Install Microsoft Endpoint Protection for Windows Azure
  2. Enable your Windows Azure service for antimalware
  3. Optionally customize antimalware configuration options
  4. Configure Azure Diagnostics to capture antimalware related information
  5. Publish your service to Windows Azure

To enable your service to include endpoint protection in
your role VMs, simply add the "Antimalware" plugin when defining the role.

  1. In Visual Studio 2010, open the service definition file for your service (ServiceDefinition.csdef).
  2. For each role defined in the service definition (e.g. your worker roles and web roles), update the
    <imports> section to import the "Antimalware" plugin by adding the following line:

The MEP for Windows Azure can be downloaded from the Microsoft Download Center.