Azure 安全中心的安全建议Security recommendations in Azure Security Center

本主题说明如何查看和了解 Azure 安全中心内的建议,以帮助你保护 Azure 资源。This topic explains how to view and understand the recommendations in Azure Security Center to help you protect your Azure resources.

备注

本文档将使用示例部署介绍该服务。This document introduces the service by using an example deployment. 本文档不是一份分步指南。This document is not a step-by-step guide.

安全建议是什么?What are security recommendations?

建议是为了保护资源而要采取的措施。Recommendations are actions for you to take in order to secure your resources.

安全中心会定期分析 Azure 资源的安全状态,以识别潜在的安全漏洞。Security Center periodically analyzing the security state of your Azure resources to identify potential security vulnerabilities. 然后向你提供有关如何删除这些安全漏洞的建议。It then provides you with recommendations on how to remove them.

每项建议都提供:Each recommendation provides you with:

  • 建议的简短说明。A short description of what is being recommended.
  • 为实施建议而要执行的补救步骤。The remediation steps to carry out in order to implement the recommendation.
  • 哪些资源需要你对其执行建议的操作。Which resources are in need of you performing the recommended action on them.
  • 安全功能分数影响,这是如果你实施此建议,安全功能分数将增加的数量。The Secure Score impact, which is the amount that your Secure Score will go up if you implement this recommendation.

监视建议 Monitor recommendations

安全中心将分析资源的安全状态,以识别潜在的漏洞。Security Center analyzes the security state of your resources to identify potential vulnerabilities. “概述”下的“建议”磁贴显示了安全中心列出的建议总数。The Recommendations tile under Overview shows the total number of recommendations identified by Security Center.

安全中心概述

  1. 选择“概述”下的“建议”磁贴。Select the Recommendations tile under Overview. 这会打开“建议”列表。The Recommendations list opens.

    查看建议

    可筛选建议。You can filter recommendations. 要筛选建议,请选择“建议”边栏选项卡上的“筛选器”。 To filter the recommendations, select Filter on the Recommendations blade. 此时会打开“筛选器”边栏选项卡,选择要查看严重性和状态值。The Filter blade opens and you select the severity and state values you wish to see.

    • 建议:建议。RECOMMENDATIONS: The recommendation.
    • 安全功能分数影响:安全中心使用你的安全建议并应用高级算法来确定每个建议的重要性而生成的分数。SECURE SCORE IMPACT: A score generated by Security Center using your security recommendations, and applying advanced algorithms to determine how crucial each recommendation is. 有关详细信息,请参阅安全功能分数计算For more information, see Secure Score calculation.
    • 资源:列出了此建议适用的资源。RESOURCE: Lists the resources to which this recommendation applies.
    • 状态栏:描述该特定建议的严重性:STATUS BARS: Describes the severity of that particular recommendation:
      • 高(红色) :重要资源(如应用程序、VM 或网络安全组)存在漏洞,需要提请注意。High (Red): A vulnerability exists with a meaningful resource (such as an application, a VM, or a network security group) and requires attention.
      • 中等(橙色) :存在漏洞,需要采取非关键步骤或额外步骤来消除它或完成某个过程。Medium (Orange): A vulnerability exists and non-critical or additional steps are required to eliminate it or to complete a process.
      • 低(蓝色) :存在需要解决的漏洞,但不需立即处理。Low (Blue): A vulnerability exists that should be addressed but does not require immediate attention. (默认情况下,不显示严重性低的建议,但如果用户需要查看这些建议,可以将其筛选出来。)(By default, low recommendations aren't presented, but you can filter on low recommendations if you want to see them.)
      • 正常(绿色)Healthy (Green):
      • 不可用(灰色)Not Available (Grey):
  2. 若要查看每个建议的详细信息,请单击该建议。To view each recommendation's details, click on the recommendation.

    建议详细信息

备注

有关 Azure 资源,请参阅经典和资源管理器部署模型See classic and Resource Manager deployment models for Azure resources.