在 Azure 安全中心修正建议Remediate recommendations in Azure Security Center

建议提供了有关如何更好地保护资源的意见。Recommendations give you suggestions on how to better secure your resources. 可以按照建议中提供的修正步骤来实施建议。You implement a recommendation by following the remediation steps provided in the recommendation.

修正步骤Remediation steps

在查看完所有建议后,决定先修正哪一建议。After reviewing all the recommendations, decide which one to remediate first. 建议使用安全分数影响来帮助确定首先要执行的操作。We recommend that you use the Secure Score impact to help prioritize what to do first.

  1. 从列表中单击建议。From the list, click the recommendation.

  2. 按照“修正步骤”部分中的说明进行操作。Follow the instructions in the Remediation steps section. 每个建议都有其自己的一组指令。Each recommendation has its own set of instructions. 以下屏幕截图显示了一些修正步骤,这些步骤用于将应用程序配置为仅允许通过 HTTPS 传输的流量。The following screenshot shows remediation steps for configuring applications to only allow traffic over HTTPS.

    建议详细信息

  3. 完成后,将显示一条通知,告知你修正是否成功。Once completed, a notification appears informing you if the remediation succeeded.

“快速修复”修正Quick Fix remediation

快速修复使你能够针对多个资源快速修正某个建议。Quick Fix enables you to quickly remediate a recommendation on multiple resources. 它仅可用于特定的建议。It's only available for specific recommendations. 快速修复可简化修正,使你能够快速增加你的安全分数,提高环境的安全性。Quick Fix simplifies remediation and enables you to quickly increase your Secure Score, improving your environment's security.

若要实现“快速修复”修正,请执行以下操作:To implement Quick Fix remediation:

  1. 在带有“快速修复!”标签的建议的列表中,From the list of recommendations that have the Quick Fix! 单击建议。label, click on the recommendation.

    选择“快速修复!”Select Quick Fix!

  2. 从“不正常的资源”选项卡上,选择要对其实施建议的资源,然后单击“修正”。From the Unhealthy resources tab, select the resources that you want to implement the recommendation on, and click Remediate.

    备注

    列出的某些资源可能已禁用,因为你没有相应的权限,无法修改它们。Some of the listed resources might be disabled, because you don't have the appropriate permissions to modify them.

  3. 在确认框中,阅读修正详细信息和影响。In the confirmation box, read the remediation details and implications.

    快速修复

    备注

    影响在单击“修正”后打开的“修正资源”窗口的灰色框中列出。The implications are listed in the grey box in the Remediate resources window that opens after clicking Remediate. 其中列出了在继续进行“快速修复”修正时会发生哪些更改。They list what changes happen when proceeding with the Quick Fix remediation.

  4. 请插入相关参数(如有必要),并批准修正。Insert the relevant parameters if necessary, and approve the remediation.

    备注

    修正完成后可能需要几分钟时间,才能在“正常的资源”选项卡中看到资源。若要查看修正操作,请查阅活动日志It can take several minutes after remediation completes to see the resources in the Healthy resources tab. To view the remediation actions, check the activity log.

  5. 完成后,将显示一条通知,告知你修正是否成功。Once completed, a notification appears informing you if the remediation succeeded.

活动日志中的“快速修复”修正日志记录 Quick Fix remediation logging in the activity log

修正操作使用模板部署或 REST PATCH API 调用,将配置应用于资源。The remediation operation uses a template deployment or REST PATCH API call to apply the configuration on the resource. 这些操作记录在 Azure 活动日志中。These operations are logged in Azure activity log.

后续步骤Next steps

在本文档中,已向你介绍了如何在安全中心修正建议。In this document, you were shown how to remediate recommendations in Security Center. 若要了解有关安全中心的详细信息,请参阅以下主题:To learn more about Security Center, see the following topics: