Managing Security by Using Microsoft Defender for Cloud
Start course

This course will help you manage security on your Azure Virtual Desktop and allow you to understand how it integrates with the other Azure services. It covers understanding conditional access policies, multi-factor authentication, integrating with Microsoft Defender for Cloud, and deploying antivirus onto session hosts.

Learning Objectives

  • Plan and implement conditional access policies for connection to Azure Virtual Desktop
  • Plan and implement Multi-Factor Authentication in Azure Virtual Desktop
  • Manage security by using Microsoft Defender for Cloud
  • Configure Microsoft Defender Antivirus for session hosts

Intended Audience

This course is intended for anyone who wants to become an Azure Virtual Desktop Specialist or anyone preparing to take the AZ-140 exam.


If you wish to get the most out of this course, you should have a good understanding of Azure administration, however, this is not essential.


Welcome to this module on managing security by using Microsoft Defender for Cloud, formerly known as Azure Security Center. We will cover the following topics in this module. We will discuss the requirements needed to integrate Microsoft Defender for Cloud with Azure Virtual Desktop. We will then look at the features that are available. Finally, we will look at some general security best practices for Azure Virtual Desktop. 

Let's start off by taking a look at some of the requirements that need to be fulfilled in order to integrate Azure Virtual Desktop with Microsoft Defender for Cloud. There are two levels of Microsoft Defender for Cloud, basic and standard. Before you can integrate this service with AVD, you need to ensure you have enabled the standard tier in Microsoft Defender for Cloud. Finally, you need to ensure you have provisioned your Azure Virtual Desktop environment and have active session hosts within this environment.

Let's now move on to discussing some of the features that are available once you meet these requirements. The first feature I would like to highlight is the security configuration assessment, which will assess your existing security implementation within Azure Virtual Desktop. Next, we have a security score, which again assesses the AVD environment, but this time outputs a score, detailing vulnerabilities and how you can remediate those.

We move on to file integrity monitoring, better known as FIM. This feature examines operating system files, Windows registry, apps, and more for changes in behavior that might indicate an attack. I also want to mention Just-in-time VM access as an important feature. This feature allows you to control access to the sessions hosts and limit not only the level of access, but the amount of time a user can access a VM.

The final feature I will touch on is adaptive application control. This is an intelligent and automated solution for defining allow lists of known, safe applications for your session hosts. In the final part of this lecture, I will discuss general security best practices for Azure Virtual Desktop. An important aspect of AVD is the session host virtual machines, so ensuring you have some type of endpoint protection enabled on these is very important.

With any type of cloud-hosted environment, security posture is key, and AVD is no different, which is why it is another best practice to continuously monitor and improve your secure score. Access and authentication are an important aspect of all cloud-hosted services, and as such, forcing users to utilize multi-factor authentication when accessing Azure Virtual Desktop should be standard. The final best practice recommendation I want to point out is to set up screen locks for idle sessions. This protects access to the environment if users walk away from their screens and leave the session unattended.

About the Author

Shabaz Darr is a Senior Infrastructure Specialist at Netcompany based in the UK. He has 15 years plus experience working in the IT industry, 7 of those he has spent working with Microsoft Cloud Technologies in general, with a focus on MEM and IaaS. Shabaz is a Microsoft MVP in Enterprise Mobility with certifications in Azure Administration and Azure Virtual Desktop. During his time working with Microsoft Cloud, Shabaz has helped multiple public and private sector clients in the UK with designing and implementing secure Azure Virtual Desktop environments.