为 Azure SQL 数据库配置高级威胁防护Configure Advanced Threat Protection for Azure SQL Database

• 01/04/2021
• • W

适用于： Azure SQL 数据库

Azure SQL 数据库的高级威胁防护可检测异常活动，指出有人在访问或利用数据库时的异常行为和可能有害的尝试。Advanced Threat Protection for Azure SQL Database detects anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. 高级威胁防护可以识别 潜在的 SQL 注入、来自异常位置或数据中心的访问、来自陌生主体或可能有害的应用程序的访问 以及 暴力破解 SQL 凭据 - 请在 高级威胁防护警报中查看更多详细信息。Advanced Threat Protection can identify Potential SQL injection, Access from unusual location or data center, Access from unfamiliar principal or potentially harmful application, and Brute force SQL credentials - see more details in Advanced Threat Protection alerts.

你可以通过电子邮件通知或 Azure 门户接收有关检测到的威胁的通知You can receive notifications about the detected threats via email notifications or Azure portal

高级威胁防护包含在 Azure Defender for SQL 产品/服务（高级 SQL 安全功能的统一软件包）中。Advanced Threat Protection is part of the Azure Defender for SQL offering, which is a unified package for advanced SQL security capabilities. 可通过中心 Azure Defender for SQL 门户访问和管理高级威胁防护。Advanced Threat Protection can be accessed and managed via the central Azure Defender for SQL portal.

在 Azure 门户中设置高级威胁防护Set up Advanced Threat Protection in the Azure portal

1. 登录到 Azure 门户。Sign into the Azure portal.

2. 导航到要保护的服务器的配置页。Navigate to the configuration page of the server you want to protect. 在安全设置中，选择“安全中心”。In the security settings, select Security Center.

3. 在 Azure Defender for SQL 配置页中：On the Azure Defender for SQL configuration page:

   • 在服务器上启用 Azure Defender for SQL。Enable Azure Defender for SQL on the server.
   • 在“高级威胁防护设置”中的“发送警报到”文本框中，提供检测到异常数据库活动时接收安全警报的电子邮件列表 。In Advanced Threat Protection Settings, provide the list of emails to receive security alerts upon detection of anomalous database activities in the Send alerts to text box.

   

使用 PowerShell 设置高级威胁防护Set up Advanced Threat Protection using PowerShell

有关脚本示例，请参阅使用 PowerShell 配置审核和高级威胁防护。For a script example, see Configure auditing and Advanced Threat Protection using PowerShell.

后续步骤Next steps

• 详细了解高级威胁防护。Learn more about Advanced Threat Protection.
• 详细了解 SQL 托管实例中的高级威胁防护。Learn more about Advanced Threat Protection in SQL Managed Instance.
• 详细了解 Azure Defender for SQL。Learn more about Azure Defender for SQL.
• 详细了解审核Learn more about auditing
• 详细了解 Azure 安全中心Learn more about Azure security center
• 有关定价的详细信息，请参阅 SQL 数据库定价页For more information on pricing, see the SQL Database pricing page