快速入门:将 Azure 订阅加入安全中心标准层Quickstart: Onboard your Azure subscription to Security Center Standard

Azure 安全中心跨混合云工作负荷提供统一的安全管理。Azure Security Center provides unified security management across your hybrid cloud workloads. 免费层只能为 Azure 资源提供有限的安全性,而标准层将这些功能扩展到了本地和其他云。While the Free tier offers limited security for your Azure resources only, the Standard tier extends these capabilities to on-premises and other clouds. 借助安全中心标准层,可以查找和修复安全漏洞、应用访问控制和应用程序控制来阻止恶意活动、使用分析和智能功能检测威胁,以及在受到攻击时迅速做出响应。Security Center Standard helps you find and fix security vulnerabilities, apply access and application controls to block malicious activity, detect threats using analytics and intelligence, and respond quickly when under attack. 可以免费试用安全中心标准版。You can try Security Center Standard at no cost. 若要了解详细信息,请参阅定价页To learn more, see the pricing page.

在本文中,你将升级到标准层以增强安全性,并在虚拟机上安装 Azure Monitoring Agent 以监视安全漏洞和威胁。In this article, you upgrade to the Standard tier for added security and install the Azure Monitoring Agent on your virtual machines to monitor for security vulnerabilities and threats.

先决条件Prerequisites

若要开始使用安全中心,必须订阅世纪互联 Azure。To get started with Security Center, you must have a subscription to 21Vianet Azure. 如果你尚无订阅,则可以注册试用帐户If you do not have a subscription, you can sign up for a trial account.

若要将订阅升级到标准层,必须拥有“订阅所有者”、“订阅参与者”或“安全管理员”角色。To upgrade a subscription to the Standard tier, you must be assigned the role of Subscription Owner, Subscription Contributor, or Security Admin.

启用 Azure 订阅Enable your Azure subscription

  1. 登录到 Azure 门户Sign into the Azure portal.

  2. 在“世纪互联 Azure” 菜单上选择“安全中心” 。On the 21Vianet Azure menu, select Security Center. 此时会打开“安全中心 - 概览”。 Security Center - Overview opens.

    安全中心概述

“安全中心 - 概述”提供统一的视图用于查看混合云工作负荷的安全局势,可让你发现和评估工作负荷的安全性,以及识别和缓解风险。 Security Center – Overview provides a unified view into the security posture of your hybrid cloud workloads, enabling you to discover and assess the security of your workloads and to identify and mitigate risk. 安全中心会自动启用以前尚未由你或其他订阅用户加入到免费层的所有 Azure 订阅。Security Center automatically enables any of your Azure subscriptions not previously onboarded by you or another subscription user to the Free tier.

可以通过单击“订阅”菜单项来查看和筛选订阅列表。 You can view and filter the list of subscriptions by clicking the Subscriptions menu item. 现在,安全中心将开始评估这些订阅的安全性,以识别安全漏洞。Security Center will now begin assessing the security of these subscriptions to identify security vulnerabilities. 若要自定义评估类型,可以修改安全策略。To customize the types of assessments, you can modify the security policy. 安全策略定义了工作负载的相应配置,有助于确保用户遵守公司或法规方面的安全要求。A security policy defines the desired configuration of your workloads and helps ensure compliance with company or regulatory security requirements.

在首次启动安全中心后的几分钟内,可以看到:Within minutes of launching Security Center the first time, you may see:

  • 有关如何改善 Azure 订阅安全性的建议Recommendations for ways to improve the security of your Azure subscriptions. 单击“建议”磁贴会启动一个优先级列表。 Clicking the Recommendations tile will launch a prioritized list.
  • 该列表中包含安全中心目前正在评估的“计算和应用”、“网络”、“数据安全性”以及“标识和访问”资源的清单以及每个项的安全局势。 An inventory of Compute & apps, Networking, Data security, and Identity & access resources that are now being assessed by Security Center along with the security posture of each.

若要充分利用安全中心,需要完成以下步骤升级到标准层,并安装 Azure Monitoring Agent。To take full advantage of Security Center, you need to complete the steps below to upgrade to the Standard tier and install the Azure Monitoring Agent.

升级到标准层Upgrade to the Standard tier

若要学习安全中心快速入门和教程,必须升级到标准层。For the purpose of the Security Center quickstarts and tutorials you must upgrade to the Standard tier. 有一个免费试用的安全中心标准版。There's a free trial of Security Center Standard. 若要了解详细信息,请参阅定价页To learn more, see the pricing page.

  1. 在“安全中心”主菜单下,选择“入门” 。Under the Security Center main menu, select Getting started.

    入门

  2. 在“升级” 下,安全中心将列出符合载入条件的订阅和工作区。Under Upgrade, Security Center lists subscriptions and workspaces eligible for onboarding.

    • 可以单击可展开的“申请试用” 来查看所有订阅和工作区的列表及其试用资格状态。You can click on the expandable Apply your trial to see a list of all subscriptions and workspaces with their trial eligibility status.
    • 你可以升级没有资格试用的订阅和工作区。You can upgrade subscriptions and workspaces that are not eligible for trial.
    • 可以选择符合试用条件的工作区和订阅来开始试用。You can select eligible workspaces and subscriptions to start your trial.
  3. 单击“开始试用” 在所选订阅上开始试用。Click Start trial to start your trial on the selected subscriptions.

安全警报

自动收集数据Automate data collection

安全中心从 Azure VM 和非 Azure 计算机收集数据以监视安全漏洞和威胁。Security Center collects data from your Azure VMs and non-Azure computers to monitor for security vulnerabilities and threats. 数据是使用 Azure Monitoring Agent 收集的,它从计算机中读取各种安全相关的配置和事件日志,然后将数据复制到工作区以进行分析。Data is collected using the Azure Monitoring Agent, which reads various security-related configurations and event logs from the machine and copies the data to your workspace for analysis. 默认情况下,安全中心会自动创建新工作区。By default, Security Center will create a new workspace for you.

启用自动预配后,安全中心会在所有受支持的 Azure VM 以及任何新建的 Azure VM 中安装 Azure Monitoring Agent。When automatic provisioning is enabled, Security Center installs the Azure Monitoring Agent on all supported Azure VMs and any new ones that are created. 我们强烈建议启用自动预配。Automatic provisioning is strongly recommended.

启用 Azure Monitoring Agent 自动预配的步骤:To enable automatic provisioning of the Azure Monitoring Agent:

  1. 在“安全中心”主菜单下,选择“定价和设置” 。Under the Security Center main menu, select Pricing & settings.
  2. 在订阅的行上,单击要更改其设置的订阅。On the row of the subscription, click on the subscription on which you'd like to change the settings.
  3. 在“数据收集” 选项卡上,将“自动预配” 设置为“开启”。 In the Data Collection tab, set Auto provisioning to On.
  4. 选择“保存”。 Select Save.

启用自动设置

根据针对 Azure VM 生成的这些新见解,安全中心可以提供与系统更新状态、OS 安全配置、终结点保护相关的其他建议,并生成其他安全警报。With this new insight into your Azure VMs, Security Center can provide additional Recommendations related to system update status, OS security configurations, endpoint protection, as well as generate additional Security alerts.

建议

清理资源Clean up resources

本系列中的其他快速入门和教程是在本快速入门的基础上制作的。Other quickstarts and tutorials in this collection build upon this quickstart. 如果打算继续学习后续的快速入门和教程,请继续运行“标准”层并让自动预配保持启用状态。If you plan to continue on to work with subsequent quickstarts and tutorials, continue running the Standard tier and keep automatic provisioning enabled. 如果不打算继续或想要返回到“免费”层,请执行以下操作:If you do not plan to continue or wish to return to the Free tier:

  1. 返回到“安全中心”主菜单,选择“定价和设置”。 Return to the Security Center main menu and select Pricing & settings.
  2. 单击要更改为免费层的订阅。Click on the subscription that you want to change to the free tier.
  3. 选择“定价层”并选择“免费”,将订阅从“标准”层更改为“免费”层。 Select Pricing tier and select Free to change subscription from Standard tier to Free tier.
  4. 选择“保存”。 Select Save.

如果希望禁用自动预配,请执行以下操作:If you wish to disable automatic provisioning:

  1. 返回到安全中心主菜单,选择“安全策略”。 Return to the Security Center main menu and select Security policy.
  2. 在希望禁用自动预配的订阅对应的行上,选择“编辑设置>”。 On the row of the subscription you want to disable automatic provisioning, select Edit settings>.
  3. 在“数据收集” 选项卡上,将“自动预配” 设置为“关闭”。 In the Data Collection tab, set Auto provisioning to Off.
  4. 选择“其他安全性验证” 。Select Save.

Note

禁用自动设置不会从已预配代理的 Azure VM 中删除 Azure Monitoring Agent。Disabling automatic provisioning does not remove the Azure Monitoring Agent from Azure VMs where the agent has been provisioned. 禁用自动设置会限制对资源的安全监视。Disabling automatic provisioning limits security monitoring for your resources.

后续步骤Next steps

在本快速入门中,我们已升级到标准层,并预配了 Azure Monitoring Agent,用于在混合云工作负荷之间进行统一的安全管理。In this quickstart you upgraded to Standard tier and provisioned the Azure Monitoring Agent for unified security management across your hybrid cloud workloads. 若要详细了解如何使用安全中心,请继续学习有关如何加入本地和其他云中的 Windows 计算机的快速入门。To learn more about how to use Security Center, continue to the quickstart for onboarding Windows computers that are on-premises and in other clouds.