Microsoft Cloud App Security in Defender for Endpoint overview


Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Applies to:

Want to experience Microsoft Defender for Endpoint? Sign up for a free trial.

Microsoft Cloud App Security (Cloud App Security) is a comprehensive solution that gives visibility into cloud apps and services by allowing you to control and limit access to cloud apps, while enforcing compliance requirements on data stored in the cloud. For more information, see Cloud App Security.


This feature is available with an E5 license for Enterprise Mobility + Security on devices running Windows 10 version 1809 or later.

Microsoft Defender for Endpoint and Cloud App Security integration

Cloud App Security discovery relies on cloud traffic logs being forwarded to it from enterprise firewall and proxy servers. Microsoft Defender for Endpoint integrates with Cloud App Security by collecting and forwarding all cloud app networking activities, providing unparalleled visibility to cloud app usage. The monitoring functionality is built into the device, providing complete coverage of network activity.

The integration provides the following major improvements to the existing Cloud App Security discovery:

  • Available everywhere - Since the network activity is collected directly from the endpoint, it's available wherever the device is, on or off the corporate network, as it no longer depends on traffic routed through the enterprise firewall or proxy servers.

  • Works out of the box, no configuration required - Forwarding cloud traffic logs to Cloud App Security requires firewall and proxy server configuration. With the Defender for Endpoint and Cloud App Security integration, there's no configuration required. Just switch it on in Microsoft Defender Security Center settings and you're good to go.

  • Device context - Cloud traffic logs lack device context. Defender for Endpoint network activity is reported with the device context (which device accessed the cloud app), so you are able to understand exactly where (device) the network activity took place, in addition to who (user) performed it.

For more information about cloud discovery, see Working with discovered apps.