SQL Server Advanced Threat Protection Enabled
Ensures that Advanced Threat Protection is enabled on SQL Servers.
Azure Defender for SQL is a unified package for advanced SQL security capabilities.
Recommended Actions
Follow the appropriate remediation steps below to resolve the issue.
-
Log in to the Microsoft Azure Management Console.
-
Select the “Search resources, services, and docs” option at the top and search for “SQL servers”.
-
On the “SQL server” page, select the SQL server that needs to be examined.
-
On the selected “SQL server” page, scroll down the left navigation panel and select “Microsoft defender for cloud” under “Security”.
-
On the “Microsoft Defender for Cloud” page, if the “Microsoft Defender for SQL” is “Disabled” then the selected “SQL server” does not ensure that the server data is encrypted and monitored for unusual activity, vulnerabilities and threats.
-
To ensure that Advanced Threat Protection is enabled for the selected server, on the “Microsoft Defender for Cloud” page, click on “Enabled” button to enable the Microsoft Defender for SQL.
-
Once the Microsoft Defender is enable , you can see the vulnerabilities and threats.
-
On the “Microsoft Defender for Cloud” page, click on “Configure” next to Enabled at the subscription-level.
-
Here we can see by enabling Microsoft Defender for SQL , Vulnerability Assessment and Advanced Threat Protection are also enabled.
-
Repeat steps number 3 - 6 to ensure that Advanced Threat Protection is enabled for all SQL Servers.