適用於 SQL 的 Azure DefenderAzure Defender for SQL

適用於: Azure SQL Database Azure SQL 受控執行個體 Azure Synapse Analytics (SQL DW)

適用於 SQL 的 Azure Defender 是進階 SQL 安全性功能的整合套件。Azure Defender for SQL is a unified package for advanced SQL security capabilities. Azure Defender 適用于 Azure SQL Database、Azure SQL 受控執行個體和 Azure Synapse Analytics。Azure Defender is available for Azure SQL Database, Azure SQL Managed Instance, and Azure Synapse Analytics. 其中包含的功能可用於探索和分類敏感性資料、找出潛在資料庫弱點並減低其風險,及偵測可能指出資料庫遇到威脅的異常活動。It includes functionality for discovering and classifying sensitive data, surfacing and mitigating potential database vulnerabilities, and detecting anomalous activities that could indicate a threat to your database. 此套件可讓您從單一的進入點位置啟用及管理前述功能。It provides a single go-to location for enabling and managing these capabilities.

概觀Overview

Azure Defender 提供一組先進的 SQL 安全性功能,包括 SQL 弱點評定和先進的威脅防護。Azure Defender provides a set of advanced SQL security capabilities, including SQL Vulnerability Assessment and Advanced Threat Protection.

  • 弱點評定 是一項易於設定的服務,可探索、追蹤及協助您補救潛在的資料庫弱點。Vulnerability Assessment is an easy-to-configure service that can discover, track, and help you remediate potential database vulnerabilities. 它會顯示您的安全性狀態,並包含可採取動作的步驟來解決安全性問題,並增強您的資料庫防護性。It provides visibility into your security state, and it includes actionable steps to resolve security issues and enhance your database fortifications.
  • 進階威脅防護偵測到異常活動,即表示有不尋常及可能有害的活動,試圖存取或惡意探索您的資料庫。Advanced Threat Protection detects anomalous activities indicating unusual and potentially harmful attempts to access or exploit your database. 它會持續監視您的資料庫是否有可疑的活動,並針對潛在弱點、Azure SQL 插入式攻擊和異常資料庫存取模式提供立即的安全性警示。It continuously monitors your database for suspicious activities, and it provides immediate security alerts on potential vulnerabilities, Azure SQL injection attacks, and anomalous database access patterns. 進階威脅防護警示會提供可疑活動的詳細資料,以及如何調查與降低威脅的建議。Advanced Threat Protection alerts provide details of the suspicious activity and recommend action on how to investigate and mitigate the threat.

啟用適用于 SQL 的 Azure Defender 一次,以啟用所有這些包含的功能。Enable Azure Defender for SQL once to enable all these included features. 只要按一下,您就可以針對 Azure 中 伺服器 上或 SQL 受控執行個體中的所有資料庫啟用 Azure Defender。With one click, you can enable Azure Defender for all databases on your server in Azure or in your SQL Managed Instance. 啟用或管理 Azure Defender 設定需要屬於 SQL 安全性管理員 角色,或其中一個資料庫或伺服器管理員角色。Enabling or managing Azure Defender settings requires belonging to the SQL security manager role, or one of the database or server admin roles.

如需 Azure Defender for SQL 定價的詳細資訊,請參閱 Azure 資訊安全中心定價頁面For more information about Azure Defender for SQL pricing, see the Azure Security Center pricing page.

開始使用 Azure DefenderGetting started with Azure Defender

下列步驟可讓您開始使用 Azure Defender。The following steps get you started with Azure Defender.

啟用 Azure DefenderEnable Azure Defender

您可以透過 Azure 入口網站存取 Azure Defender。Azure Defender can be accessed through the Azure portal. 在您的伺服器或受控實例的 [安全性] 標題下流覽至 [ security center ],以啟用 Azure Defender。Enable Azure Defender by navigating to Security center under the Security heading for your server or managed instance.

注意

系統會自動建立並設定儲存體帳戶,以儲存您的 弱點評定 掃描結果。A storage account is automatically created and configured to store your Vulnerability Assessment scan results. 如果您已在相同資源群組和區域中的另一部伺服器上啟用 Azure Defender,則會使用現有的儲存體帳戶。If you've already enabled Azure Defender for another server in the same resource group and region, then the existing storage account is used.

Azure Defender 的成本與每個節點 Azure 資訊安全中心標準層定價一致,其中節點是整個伺服器或受控實例。The cost of Azure Defender is aligned with Azure Security Center standard tier pricing per node, where a node is the entire server or managed instance. 因此,您只需支付一次,即可使用 Azure Defender 保護伺服器或受控實例上的所有資料庫。You are thus paying only once for protecting all databases on the server or managed instance with Azure Defender. 您可以一開始就使用免費試用版來試用 Azure Defender。You can try Azure Defender out initially with a free trial.

開始追蹤弱點和調查威脅警示Start tracking vulnerabilities and investigating threat alerts

按一下 [弱點評估]**** 卡可檢視和管理弱點掃描和報告,以及追蹤您的安全性水準。Click the Vulnerability Assessment card to view and manage vulnerability scans and reports, and to track your security stature. 如果已收到安全性警示,請按一下 [ Advanced 威脅防護 卡] 以查看警示的詳細資料,並透過 [Azure 資訊安全中心安全性警示] 頁面,查看您 Azure 訂用帳戶中所有警示的匯總報告。If security alerts have been received, click the Advanced Threat Protection card to view details of the alerts and to see a consolidated report on all alerts in your Azure subscription via the Azure Security Center security alerts page.

管理 Azure Defender 設定Manage Azure Defender settings

若要查看及管理 Azure Defender 設定,請流覽至您伺服器或受控實例的 [安全性] 標題下的 [ security center ]。To view and manage Azure Defender settings, navigate to Security center under the Security heading for your server or managed instance. 在此頁面上,您可以啟用或停用 Azure Defender,以及修改整個伺服器或受控實例的弱點評定和先進的威脅防護設定。On this page, you can enable or disable Azure Defender, and modify vulnerability assessment and Advanced Threat Protection settings for your entire server or managed instance.

管理資料庫的 Azure Defender 設定Manage Azure Defender settings for a database

若要覆寫特定資料庫的 Azure Defender 設定,請核取 [在 資料庫層級啟用 Azure defender FOR SQL ] 核取方塊。To override Azure Defender settings for a particular database, check the Enable Azure Defender for SQL at the database level checkbox. 只有當您有特定的需求,可針對個別資料庫接收個別的 Advanced 威脅防護警示或弱點評定結果,而不是針對伺服器或受控實例上的所有資料庫接收警示和結果時,才使用此選項。Use this option only if you have a particular requirement to receive separate Advanced Threat Protection alerts or vulnerability assessment results for the individual database, in place of or in addition to the alerts and results received for all databases on the server or managed instance.

選取此核取方塊之後,您就可以設定此資料庫的相關設定。Once the checkbox is selected, you can then configure the relevant settings for this database.

您的伺服器或受控實例的 azure Defender for SQL 設定也可以從 Azure Defender 資料庫窗格連線。Azure Defender for SQL settings for your server or managed instance can also be reached from the Azure Defender database pane. 按一下 [主要 Azure Defender] 窗格中的 [ 設定 ],然後按一下 [ View AZURE defender for SQL server 設定]。Click Settings in the main Azure Defender pane, and then click View Azure Defender for SQL server settings.

後續步驟Next steps