Disable Defender for SQL Servers on Machines

Use this article to disable Defender for SQL Servers on Machines in Microsoft Defender for Cloud.

The Defender for SQL Servers on Machines plan is part of Defender for Databases. It protects SQL Server databases hosted on Azure virtual machines (VMs) and Azure Arc-enabled VMs.

What happens when you disable this plan

Disabling the plan means Defender for Cloud no longer provides SQL alerts and recommendations for the selected machines.

Prerequisites

• You must have Subscription Owner permissions.

• You must have the Defender for SQL Servers on Machines plan enabled in your Defender for Cloud environment.

Disable Defender for SQL Servers on Machines

To disable Defender for SQL Servers on Machines, follow these steps:

1. Sign in to the Azure portal.

2. Navigate to Microsoft Defender for Cloud > Environment settings.

3. Select the relevant subscription.

4. On the Defender plans page, locate the Databases plan and select Select types.

   

5. In the Resource types selection window, toggle the SQL Servers on Machines plan to Off.

   

6. Select Continue > Save.

Disable Defender for SQL Servers on Machines at the resource level

To disable this plan at the resource level for an individual SQL Server instance or SQL virtual machine, follow these steps:

1. In the Azure portal, choose one of the following options:

   • Azure Arc > Data services > SQL Server instances
   • SQL virtual machines

2. Select the relevant SQL Server instance.

3. Locate the security menu and select Extensions + applications.

   

4. Select the Defender for SQL (IaaS and Arc) extension.

   Confirm that the extension details match the following values:

   • Extension: Defender for SQL (IaaS and Arc)
   • Publisher: Microsoft.Azure.AzureDefenderForSQL
   • Type: AdvancedThreatProtection.Windows

5. Select Uninstall.

Next steps

• Update Defender for SQL Servers on Machines plan configuration
• Troubleshoot SQL machine protection configuration