Windows Admin Center security extension

Windows Admin Center now allows remotely scanning for malware on Windows Servers, including Windows Server Core installations. Let's take a look at the new Security extension, which is now available for download.

Author
Recent Posts

Brandon Lee

Brandon Lee has been in the IT industry 15+ years and focuses on networking and virtualization. He contributes to the community through various blog posts and technical documentation primarily at Virtualizationhowto.com.

New Security extension

The new Security extension for Windows Admin Center allows you to interact with Windows Defender on your local server or on remote servers. This is especially interesting in terms of interacting with remote Windows Server Core installations and running security scans on those boxes.

You can also use the new Security extension to schedule security scans on your local or remote Windows machines. This will be an excellent tool, especially for Windows Server Core installations, to run quick, ad-hoc security scans as well as scheduled security scans. Imagine having this centralized security tool to run scans across your environment, as opposed to remoting into servers and running security scans in a “sneakernet” fashion.

Installing Windows Admin Center Security Extension

Before installing the new Security extension, you need to make sure you are running the latest Windows Admin Center. To download the latest version, go to the Microsoft Windows Admin Center download page. This ensures the new extensions will be compatible with the version of Windows Admin Center you are running.

Once you have the latest Windows Admin Center, how do you get the new Windows Admin Center Security extension? It is extremely easy and is done the same way you get any other extension in Windows Admin Center. It is available through the Settings > Extensions area of Windows Admin Center. Microsoft presents available extensions as available for download instead of requiring users to download a package and have it presented to Windows Admin Center. The Security extension is currently available in Preview mode, which means that development is still underway and it is meant for "test drive" purposes only at this point.

Highlight the extension and click the Install button.

Windows Admin Center Security Extension in available extensions to install

Verify the new security extension is installed in Windows Admin Center

Once the Security extension is installed, you can access it by connecting to a server, either your local Windows Server or a remote Windows Server managed by Windows Admin Center, and navigate to Tools > Security. You will notice several things about the Security module. There are Summary and Protection History tabs as well as various actions in the dashboard. These include starting a New scan, scheduling a scan, and refreshing the status of the information displayed in the dashboard. Additionally, from this screen, you can turn real-time protection on or off.

Launching the new Security module in Windows Admin Center

When you click the New scan option, an overlay is launched from the side of the Windows Admin Center Security screen. The scan type options are to run a Quick Scan or Full scan.

Running a new security scan from Windows Admin Center

Another nice feature is the ability to schedule a security scan on your local or remote Windows Server. When you click Schedule, an overlay called Scan Schedule pops out from the side. Choose the Quick or Full scan option, as well as a Scan day. Currently, you can only select a day and not a weekly or monthly interval. You can also set the scan schedule to Never. So the scan schedule options are fairly basic at this point. However, I am sure these options will be greatly extended in the future for more powerful features and functionality.

Scheduling a new Security Scan in Windows Admin Center

The Protection History tab shows you any security-related events caught by the real-time malware scanning and protection offered by Windows Defender. There is also a Search field that will allow you to find a specific event on your Windows Server if more than one exists. This can be helpful if you are using the tool for forensics to note specific events and details.

Protection History shows any security events that have been noted on the Windows Server

One of the great things about Windows Admin Center is that it finally gives administrators the tool they need to manage the Windows Server Core operating system effectively. No longer do IT admins need to cobble together a number of tools to perform the various tasks needed to manage their Windows Server Core installations. In the realm of security scanning, have you ever wondered how you could effectively scan a Windows Server Core installation remotely? Now you can with Windows Admin Center security extension. Note below, a Widows Server Core installation is managed with Windows Admin Center. You can effectively use the new Security extension to scan your remote Windows Server Core installation for malware!

Subscribe to 4sysops newsletter!

Scanning Windows Server Core with the new Windows Admin Center Security extension

Conclusion

The new Windows Admin Center security module is going to be a great addition to the new extensions available for Windows Admin Center. This module makes it easy to scan and monitor servers remotely, including Windows Server Core installations. Be sure to download and install the new Security extension for your Windows Admin Center installation. Download the latest version of Windows Admin Center here.