I'm a Systems Administrator and Architect supporting around 200 employees. One of my Data Engineers installed WSL 2 on their Windows machine. Since everyone has E5 licenses, I use Intune and Defender for MDM and antivirus solutions. I'm looking for best practices to ensure that I'm properly managing and securing the Linux subsystem on Windows. Any tips or resources would be greatly appreciated!
2 Answers
It’s good to know you’re using Intune and Defender. I’d recommend checking out CrowdStrike because they have a WSL module which can help enhance your security. Make sure to enable the WSL2 Windows prevention setting, as the CrowdStrike sensor didn’t have visibility into older WSL versions.
I’ve been curious about this too! I found a helpful resource that outlines best practices for using WSL in enterprise environments. You can check it out here: https://learn.microsoft.com/en-us/windows/wsl/enterprise. It has a lot of useful info on securing WSL deployments.
Thanks for the link! It looks really comprehensive.
Just a heads up, in our environment, we block the original version of WSL and only allow it through requests. It’s been working well for us!