Security recommendations in Azure Security Center

This topic explains how to view and understand the recommendations in Azure Security Center to help you protect your Azure resources.

What are security recommendations?

Recommendations are actions for you to take in order to secure your resources.

Security Center periodically analyzes the security state of your Azure resources to identify potential security vulnerabilities. It then provides you with recommendations on how to remediate those vulnerabilities.

Each recommendation provides you with:

  • A short description of the issue
  • The remediation steps to carry out in order to implement the recommendation
  • The affected resources

Monitor recommendations

Security Center analyzes the security state of your resources to identify potential vulnerabilities.

  1. From Security Center's menu, open the Recommendations page to see the recommendations applicable to your environment. Recommendations are grouped into security controls.

  2. Expand a control and select a specific recommendation to view the recommendation details page.

    The page includes:

    1. Severity indicator
    2. Freshness interval (where relevant)
    3. Description - A short description of the issue
    4. Remediation steps - A description of the manual steps required to remediate the security issue on the affected resources. For recommendations with 'quick fix', you can select View remediation logic before applying the suggested fix to your resources.
    5. Affected resources - Your resources are grouped into tabs:
      • Healthy resources - Relevant resources which either aren't impacted or on which you've already remediated the issue.
      • Unhealthy resources - Resources which are still impacted by the identified issue.
      • Not applicable resources - Resources for which the recommendation can't give a definitive answer. The not applicable tab also includes reasons for each resource.
    6. Action buttons to remediate the recommendation or trigger a logic app.

Preview recommendations

Recommendations flagged as Preview aren't included in the calculations of your secure score.

They should still be remediated wherever possible, so that when the preview period ends they'll contribute towards your score.

An example of a preview recommendation:


