Operational best practices¶

Best practices for securing MCR on Windows fall into three general areas:

Continuous monitoring
Centralized logging
Regular vulnerability assessment

Continuous monitoring¶

Deploy monitoring tools, such as Prometheus to collect metrics and Grafana for visualization. You can use these tools to monitor resource utilization and detect anomalies in real-time.

Centralized logging¶

Implement logging drivers for centralized log management:

{
  "log-driver": "syslog",
  "log-opts": {
    "syslog-address": "tcp://<log-server>:514"
  }
}

Regular vulnerability assessment¶

Scan the host system and container workloads for vulnerabilities regularly, using such tools as Nessus and Microsoft Defender ATP.