查看安全建议Review your security recommendations

本主题说明如何查看和了解 Azure 安全中心内的建议,以帮助你保护 Azure 资源。This topic explains how to view and understand the recommendations in Azure Security Center to help you protect your Azure resources.

监视建议 Monitor recommendations

安全中心将分析资源的安全状态,以识别潜在的漏洞。Security Center analyzes the security state of your resources to identify potential vulnerabilities.

  1. 在安全中心的菜单中,打开“建议”页,查看适用于你的环境的建议。From Security Center's menu, open the Recommendations page to see the recommendations applicable to your environment. 建议会被分组到各项安全控制中。Recommendations are grouped into security controls.

    建议会按安全控制分组

  2. 若要查找特定于资源类型、严重性、环境或其他对你很重要的条件的建议,请使用建议列表上方的可选筛选器。To find recommendations specific to the resource type, severity, environment, or other criteria that are important to you, use the optional filters above the list of recommendations.

    用于优化 Azure 安全中心建议列表的筛选器

  3. 展开一项控制并选择特定的建议,以查看建议详细信息页。Expand a control and select a specific recommendation to view the recommendation details page.

    建议详细信息页。

    该页面包括:The page includes:

    1. 对于支持的建议,顶部工具栏将显示以下任意或所有按钮:For supported recommendations, the top toolbar shows any or all of the following buttons:
      • 查看策略定义,用于直接进入基础策略的 Azure 策略条目View policy definition to go directly to the Azure Policy entry for the underlying policy
    2. 严重性指标Severity indicator
    3. 刷新间隔(如果相关)Freshness interval (where relevant)
    4. 描述 - 问题简述Description - A short description of the issue
    5. 修正步骤 - 修正受影响资源的安全问题时所需的手动步骤的说明。Remediation steps - A description of the manual steps required to remediate the security issue on the affected resources. 对于带有“快速修复”的建议,可以先选择“查看修正逻辑”,然后再为资源应用建议的修补程序。For recommendations with 'quick fix', you can select View remediation logic before applying the suggested fix to your resources.
    6. 受影响的资源 - 资源会分组到不同的选项卡中:Affected resources - Your resources are grouped into tabs:
      • 正常资源 - 相关的资源,这些资源要么未受影响,要么已经修正了问题。Healthy resources - Relevant resources which either aren't impacted or on which you've already remediated the issue.

      • 不正常的资源 - 已标识的问题仍会影响的资源。Unhealthy resources - Resources which are still impacted by the identified issue.

      • 不适用的资源 - 建议无法为其提供明确答案的资源。Not applicable resources - Resources for which the recommendation can't give a definitive answer. “不适用”选项卡还会为每个资源提供原因。The not applicable tab also includes reasons for each resource.

        不适用的资源及其原因。

    7. 用于修正建议或触发逻辑应用的操作按钮。Action buttons to remediate the recommendation or trigger a logic app.

预览建议Preview recommendations

计算安全分数时不包括标记为“预览”的建议。Recommendations flagged as Preview aren't included in the calculations of your secure score.

仍应尽可能按这些建议修正,以便在预览期结束时,它们会有助于提升评分。They should still be remediated wherever possible, so that when the preview period ends they'll contribute towards your score.

预览建议示例如下:An example of a preview recommendation:

带有预览标志的建议

后续步骤Next steps

在本文档中,已向你介绍安全中心的安全建议。In this document, you were introduced to security recommendations in Security Center. 如需相关信息:For related information: