Update Windows Defender Antivirus on Azure Stack Hub

Windows Defender Antivirus is an antimalware solution that provides security and virus protection. Every Azure Stack Hub infrastructure component (Hyper-V hosts and virtual machines) is protected with Windows Defender Antivirus. For up-to-date protection, you need periodic updates to Windows Defender Antivirus definitions, engine, and platform. How updates are applied depends on your configuration.

Connected scenario

The Azure Stack Hub update resource provider downloads antimalware definitions and engine updates multiple times per day. Each Azure Stack Hub infrastructure component gets the update from the update resource provider and applies the update automatically.

For those Azure Stack Hub deployments that are connected to the public Internet, apply the monthly Azure Stack Hub update. The monthly Azure Stack Hub update includes Windows Defender Antivirus platform updates for the month.

Disconnected scenario

For those Azure Stack Hub deployments that are not connected to the public Internet (for example, air-gapped datacenters), starting with the 1910 release, customers can apply the antimalware definitions and engine updates as they are published.

To apply the updates to your Azure Stack Hub solution, you first have to download them from the Microsoft site (links below) and then import them into a storage blob container under your updateadminaccount. A scheduled task scans the blob container every 30 minutes and, if new Defender definitions and engine updates are found, applies them to the Azure Stack Hub infrastructure.

For those disconnected deployments that are not yet on 1910 or later, or that cannot download Defender definitions and engine updates on a daily basis, the monthly Azure Stack Hub update includes Windows Defender Antivirus definitions, engine, and platform updates for the month.

Set up Windows Defender for manual updates

With the 1910 release, two new cmdlets were added to the privileged endpoint to configure Windows Defender manual update in Azure Stack Hub.

```powershell
### cmdlet to configure the storage blob container for the Defender updates
Set-AzsDefenderManualUpdate [-Container <string>] [-Remove]
### cmdlet to retrieve the configuration of the Defender manual update settings
Get-AzsDefenderManualUpdate
```

The following procedure shows how to set up Windows Defender manual update.

  1. Connect to the privileged endpoint and run the following cmdlet to specify the name of the storage blob container where the Defender updates will be uploaded.

    Note

    The manual update process described below only works in disconnected environments where access to "go.microsoft.com" is not allowed. Trying to run the cmdlet Set-AzsDefenderManualUpdate in connected environments will result in an error.

    ```powershell
    ### Configure the storage blob container for the Defender updates
    Set-AzsDefenderManualUpdate -Container <yourContainerName>
    ```
    
  2. Download the two Windows Defender update packages and save them in a location that is reachable from your Azure Stack Hub administration portal.

    Note

    You'll have to download these two files every time you want to update the Defender signatures.

  3. In the administration portal, select All services. Then, under the DATA + STORAGE category, select Storage accounts. (Or, in the filter box, start typing storage accounts, and select it.)

  4. In the filter box, type update, and select the updateadminaccount storage account.

  5. In the storage account details, under Services, select Blobs.

  6. Under Blob service, select + Container to create a container. Enter the name that was specified with Set-AzsDefenderManualUpdate (in this example, defenderupdates) and then select OK.

  7. After the container is created, click the container name, and then click Upload to upload the package files to the container.

  8. Under Upload blob, click the folder icon, browse to the Windows Defender update mpam-fe.exe file, and then click Open in the file explorer window.

  9. Under Upload blob, click Upload.

  10. Repeat steps 8 and 9 for the nis_full.exe file.

A scheduled task scans the blob container every 30 minutes and applies any new Windows Defender package.
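
The script below is an added example, not part of the original procedure: it performs step 1 from a management workstation and then checks the Authenticode signature of the two downloaded packages before they are uploaded in steps 7 to 10. The privileged endpoint address and the staging folder are placeholders, and the `New-PSSession` parameters used to reach the privileged endpoint are an assumption not shown on this page.

```powershell
# Added example; the values marked as placeholders are assumptions, not values from the page.
$pepAddress    = '<privileged endpoint IP address>'   # placeholder
$containerName = 'defenderupdates'                    # container name used in the procedure
$packageDir    = 'C:\Staging\DefenderUpdates'         # hypothetical folder holding the downloads
$packages      = 'mpam-fe.exe', 'nis_full.exe'

# Step 1: configure the container on the privileged endpoint and read the setting back.
$cred    = Get-Credential -Message 'Privileged endpoint credentials'
$session = New-PSSession -ComputerName $pepAddress -ConfigurationName PrivilegedEndpoint `
    -Credential $cred -SessionOption (New-PSSessionOption -Culture en-US -UICulture en-US)
try {
    Invoke-Command -Session $session -ScriptBlock {
        Set-AzsDefenderManualUpdate -Container $using:containerName
    }
    Invoke-Command -Session $session -ScriptBlock { Get-AzsDefenderManualUpdate }
}
finally {
    Remove-PSSession $session
}

# Before steps 7-10: refuse to stage a package that is missing, unsigned,
# tampered with, or signed by a publisher other than Microsoft.
$verified = foreach ($name in $packages) {
    $path = Join-Path $packageDir $name
    if (-not (Test-Path -LiteralPath $path -PathType Leaf)) {
        throw "Missing package: $path"
    }
    $sig = Get-AuthenticodeSignature -FilePath $path
    if ($sig.Status -ne 'Valid') {
        throw "$name has signature status '$($sig.Status)'; do not upload it."
    }
    if ($sig.SignerCertificate.Subject -notmatch 'O=Microsoft Corporation') {
        throw "$name has an unexpected signer: $($sig.SignerCertificate.Subject)"
    }
    [pscustomobject]@{
        Name   = $name
        Signer = $sig.SignerCertificate.Subject
        SHA256 = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
    }
}

# Keep this table with the change record so the uploaded blobs can be matched to it later.
$verified | Format-Table -AutoSize
```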

Next steps

Learn more about Azure Stack Hub security