Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Important
All Microsoft Defender for Cloud features will be officially retired in the Azure in China region on August 18, 2026. Due to this upcoming retirement, Azure in China customers are no longer able to onboard new subscriptions to the service. A new subscription is any subscription that was not already onboarded to the Microsoft Defender for Cloud service prior to August 18, 2025, the date of the retirement announcement. For more information on the retirement, see Microsoft Defender for Cloud Deprecation in Microsoft Azure Operated by 21Vianet Announcement. Customers should work with their account representatives for Microsoft Azure operated by 21Vianet to assess the impact of this retirement on their own operations.
This article indicates the Azure services, client operating systems, and which features are supported in Microsoft Azure operated by 21Vianet by Microsoft Defender for Cloud.
Security benefits for Azure services
Defender for Cloud provides recommendations, security alerts, and vulnerability assessment for these Azure services:
| Service | Recommendations free with Foundational CSPM | Security alerts | Vulnerability assessment |
|---|---|---|---|
| Azure App Service | ✔ | ✔ | - |
| Azure Automation account | ✔ | - | - |
| Azure Batch account | ✔ | - | - |
| Azure Blob Storage | ✔ | ✔ | - |
| Azure Cache for Redis | ✔ | - | - |
| Azure Cloud Services | ✔ | - | - |
| Azure AI Search | ✔ | - | - |
| Azure AI Service | ✔ | ✔ | - |
| Azure Container Registry | ✔ | ✔ | Defender for Containers |
| Azure Cosmos DB* | ✔ | ✔ | - |
| Azure Data Lake Analytics | ✔ | - | - |
| Azure Data Lake Storage | ✔ | ✔ | - |
| Azure Database for MySQL* | - | ✔ | - |
| Azure Database for PostgreSQL* | - | ✔ | - |
| Azure Event Hubs namespace | ✔ | - | - |
| Azure Files | ✔ | ✔ | - |
| Azure Functions app | ✔ | - | - |
| Azure Key Vault | ✔ | ✔ | - |
| Azure Kubernetes Service | ✔ | ✔ | - |
| Azure Load Balancer | ✔ | - | - |
| Azure Logic Apps | ✔ | - | - |
| Azure SQL Database | ✔ | ✔ | Defender for Azure SQL |
| Azure SQL Managed Instance | ✔ | ✔ | Defender for Azure SQL |
| Azure Service Bus namespace | ✔ | - | - |
| Azure Service Fabric account | ✔ | - | - |
| Azure Stream Analytics | ✔ | - | - |
| Azure Subscription | ✔ ** | ✔ | - |
| Azure Virtual Network (incl. subnets, NICs, and network security groups) |
✔ | - | - |
* These features are currently supported in preview.
** Microsoft Entra recommendations are available only for subscriptions with enhanced security features enabled.
Cloud support
In the support table, NA indicates that the feature isn't available.
| Feature/Plan | Azure | Azure Government | Microsoft Azure operated by 21Vianet3 |
|---|---|---|---|
| GENERAL FEATURES | |||
| Continuous data export | GA | GA | GA |
| Response automation with Azure Logic Apps | GA | GA | GA |
| Security alerts Generated when one or more Defender for Cloud plans is enabled. |
GA | GA | GA |
| Alert email notifications | GA | GA | GA |
| Alert suppression rules | GA | GA | GA |
| Azure Workbooks integration for reporting | GA | GA | GA |
| Automatic component/agent/extension provisioning | GA | GA | GA |
| FOUNDATIONAL Cloud Security Posture Management (CSPM) FEATURES (FREE) | |||
| FOUNDATIONAL CSPM FEATURES (FREE) | |||
| Asset inventory | GA | GA | GA |
| Security recommendations based on the Microsoft Cloud Security Benchmark | GA | GA | GA |
| Recommendation exemptions | Preview | NA | NA |
| Secure score | GA | GA | GA |
| DEFENDER FOR CLOUD PLANS | |||
| Defender Cloud Security Posture Management (CSPM) | GA | GA | NA |
| Defender for App Service | GA | NA | GA |
| Defender for Containers Review detailed feature support |
GA | GA | GA |
| Defender for Domain Name System (DNS) | GA | GA | GA |
| Defender for Resource Manager | GA | GA | GA |
| DEFENDER FOR STORAGE FEATURES | |||
| Activity monitoring (security alerts) | GA | GA | GA |
| DEFENDER FOR DATABASES FEATURES | |||
| Defender for Azure SQL database servers | GA | GA | GA A subset of alerts/vulnerability assessments is available. Behavioral threat protection isn't available. |
| Defender for SQL servers on machines | GA | GA | GA |
| Defender for SQL Servers on Machines | GA | GA | GA |
| Vulnerability assessment Express and Classic configurations | GA | GA | GA |
| Advanced threat protection | GA | GA | GA |
| Defender for Open-Source Relational Databases | GA | GA | GA |
| Defender for Azure Cosmos DB | GA | NA | NA |
1: Azure DNS Zone isn't supported for malware scanning and sensitive data threat detection.
2: GovCon Cloud Moderate (GCCM) doesn't support File Integrity Monitoring.
3: All Microsoft Defender for Cloud features will be officially retired in the Azure in China region on August 18, 2026. Learn more about the retirement of Microsoft Defender for Cloud in Azure operated by 21Vianet.
Important
- As of August 1, 2023, customers with an existing subscription to Defender for DNS can continue to use the service as a standalone plan.
- There's no change to the protection scope: Defender for DNS continues to protect all Azure resources connected to Azure's default DNS resolvers. The change affects how DNS protection is billed and bundled, not what resources are covered.
Supported operating systems
To learn more about the specific Defender for Cloud features available on Windows and Linux, review: