快速入門:將 Azure 訂用帳戶上架到資訊安全中心的標準層Quickstart: Onboard your Azure subscription to Security Center Standard

Azure 資訊安全中心為混合式雲端工作負載提供統一的安全性管理和威脅防護。Azure Security Center provides unified security management and threat protection across your hybrid cloud workloads. 免費層只為 Azure 資源提供有限的安全性,而標準層會將這些功能延伸至內部部署與其他雲端。While the Free tier offers limited security for your Azure resources only, the Standard tier extends these capabilities to on-premises and other clouds. 資訊安全中心的標準層可協助您尋找和修正安全性弱點、套用存取和應用程式控制項以封鎖惡意活動、使用分析和情報來偵測威脅,以及在遭受攻擊時迅速回應。Security Center Standard helps you find and fix security vulnerabilities, apply access and application controls to block malicious activity, detect threats using analytics and intelligence, and respond quickly when under attack. 您可以免費試用資訊安全中心標準層。You can try Security Center Standard at no cost. 若要深入了解,請參閱價格頁面To learn more, see the pricing page.

在本文中,您可升級到標準層以取得額外的安全性,並且在您的虛擬機器上安裝 Microsoft Monitoring Agent 以監視安全性弱點和威脅。In this article, you upgrade to the Standard tier for added security and install the Microsoft Monitoring Agent on your virtual machines to monitor for security vulnerabilities and threats.

必要條件Prerequisites

若要開始使用資訊安全中心,您必須有 Microsoft Azure 訂用帳戶。To get started with Security Center, you must have a subscription to Microsoft Azure. 如果您沒有訂用帳戶,可以註冊免費帳戶If you do not have a subscription, you can sign up for a free account.

若要將訂用帳戶升級到標準層,您必須取得「訂用帳戶擁有者」、「訂用帳戶參與者」或「安全性管理員」角色。To upgrade a subscription to the Standard tier, you must be assigned the role of Subscription Owner, Subscription Contributor, or Security Admin.

啟用您的 Azure 訂用帳戶Enable your Azure subscription

  1. 登入 Azure 入口網站Sign into the Azure portal.

  2. 在 [Microsoft Azure] 功能表中,選取 [資訊安全中心]。On the Microsoft Azure menu, select Security Center. [資訊安全中心 - 概觀] 隨即開啟。Security Center - Overview opens.

    資訊安全中心概觀

[資訊安全中心 - 概觀] 可讓您統一檢視混合式雲端工作負載的安全性狀態、探索並評定工作負載的安全性,以及識別和降低風險。Security Center – Overview provides a unified view into the security posture of your hybrid cloud workloads, enabling you to discover and assess the security of your workloads and to identify and mitigate risk. 資訊安全中心會自動啟用先前並未由您或另一個訂用帳戶使用者上架到免費層的任何 Azure 訂用帳戶。Security Center automatically enables any of your Azure subscriptions not previously onboarded by you or another subscription user to the Free tier.

按一下 [訂用帳戶] 功能表項目,即可檢視和篩選訂用帳戶清單。You can view and filter the list of subscriptions by clicking the Subscriptions menu item. 資訊安全中心會立即開始評估這些訂用帳戶的安全性,以識別安全性弱點。Security Center will now begin assessing the security of these subscriptions to identify security vulnerabilities. 若要自訂評定的類型,您可以修改安全性原則。To customize the types of assessments, you can modify the security policy. 安全性原則會定義工作負載的所需設定,並且協助確保符合公司或法規安全性需求。A security policy defines the desired configuration of your workloads and helps ensure compliance with company or regulatory security requirements.

在第一次啟動資訊安全中心的數分鐘內,您可能看到:Within minutes of launching Security Center the first time, you may see:

  • 改善 Azure 訂用帳戶安全性的 [建議]。Recommendations for ways to improve the security of your Azure subscriptions. 按一下 [建議] 圖格會啟動已設定優先順序的清單。Clicking the Recommendations tile will launch a prioritized list.
  • 資訊安全中心正在評估的 [計算和應用程式]、[網路]、[資料安全性] 和 [身分識別與存取權] 資源的詳細目錄,以及每項資源的安全性狀態。An inventory of Compute & apps, Networking, Data security, and Identity & access resources that are now being assessed by Security Center along with the security posture of each.

若要充分利用資訊安全中心,您需要完成下列步驟,才能升級到標準層並安裝 Microsoft Monitoring Agent。To take full advantage of Security Center, you need to complete the steps below to upgrade to the Standard tier and install the Microsoft Monitoring Agent.

升級至標準層Upgrade to the Standard tier

基於資訊安全中心快速入門和教學課程的目的,您必須升級至標準層。For the purpose of the Security Center quickstarts and tutorials you must upgrade to the Standard tier. 資訊安全中心標準層有免費試用。There's a free trial of Security Center Standard. 若要深入了解,請參閱價格頁面To learn more, see the pricing page.

  1. 在 [資訊安全中心] 主功能表下,選取 [開始使用]。Under the Security Center main menu, select Getting started.

    開始使用

  2. 在 [升級] 下,資訊安全中心會列出符合上架資格的訂用帳戶和工作區。Under Upgrade, Security Center lists subscriptions and workspaces eligible for onboarding.

    • 您可以按一下可擴展的 [適用試用版] 以查看所有訂用帳戶和工作區的清單與其試用版的資格狀態。You can click on the expandable Apply your trial to see a list of all subscriptions and workspaces with their trial eligibility status.
    • 您可以將沒有資格使用試用版的訂用帳戶和工作區升級。You can upgrade subscriptions and workspaces that are not eligible for trial.
    • 您可以選取符合資格的工作區和訂用帳戶來啟動試用版。You can select eligible workspaces and subscriptions to start your trial.
  3. 按一下 [啟動試用版] 來啟動所選訂用帳戶上的試用版。Click Start trial to start your trial on the selected subscriptions.

安全性警示

自動收集資料Automate data collection

資訊安全中心會從您的 Azure 虛擬機器和非 Azure 電腦收集資料,以監視安全性漏洞與威脅。Security Center collects data from your Azure VMs and non-Azure computers to monitor for security vulnerabilities and threats. 資料是使用 Microsoft Monitoring Agent 收集而得,收集的方式是讀取機器的各種安全性相關組態和事件記錄,並將資料複製到工作區進行分析。Data is collected using the Microsoft Monitoring Agent, which reads various security-related configurations and event logs from the machine and copies the data to your workspace for analysis. 根據預設,資訊安全中心會為您建立新的工作區。By default, Security Center will create a new workspace for you.

啟用自動佈建時,資訊安全中心會在所有支援的 Azure 虛擬機器和任何新建立的虛擬機器上安裝 Microsoft Monitoring Agent。When automatic provisioning is enabled, Security Center installs the Microsoft Monitoring Agent on all supported Azure VMs and any new ones that are created. 強烈建議使用自動佈建。Automatic provisioning is strongly recommended.

若要啟用 Microsoft Monitoring Agent 的自動佈建:To enable automatic provisioning of the Microsoft Monitoring Agent:

  1. 在 [資訊安全中心] 主功能表下,選取 [安全性原則]。Under the Security Center main menu, select Security Policy.
  2. 在訂用帳戶的資料列,選取 [編輯設定] >。On the row of the subscription, select Edit settings>.
  3. 在 [資料收集] 索引標籤中,將 [自動佈建] 設定為 [開啟]。In the Data Collection tab, set Auto provisioning to On.
  4. 選取 [ 儲存]。Select Save.

啟用自動佈建

利用 Azure 虛擬機器的這項深入解析,資訊安全中心可提供與系統更新狀態、作業系統安全性組態、端點防護相關的額外建議,以及產生額外的安全性警示。With this new insight into your Azure VMs, Security Center can provide additional Recommendations related to system update status, OS security configurations, endpoint protection, as well as generate additional Security alerts.

建議

清除資源Clean up resources

此集合中的其他快速入門和教學課程會以本快速入門為基礎。Other quickstarts and tutorials in this collection build upon this quickstart. 如果您打算繼續處理後續的快速入門和教學課程,請繼續執行標準層,並保持將自動佈建維持為啟用狀態。If you plan to continue on to work with subsequent quickstarts and tutorials, continue running the Standard tier and keep automatic provisioning enabled. 如果您不打算繼續,或是要返回免費層:If you do not plan to continue or wish to return to the Free tier:

  1. 返回 [資訊安全中心] 主功能表,並選取 [安全性原則]。Return to the Security Center main menu and select Security Policy.
  2. 在您想要免費返回的訂用帳戶資料列上,選取 [編輯設定]>。On the row of the subscription that you want to return to free, select Edit settings>.
  3. 選取 [定價層] 和 [免費] 以將訂用帳戶從標準層變更為免費層。Select Pricing tier and select Free to change subscription from Standard tier to Free tier.
  4. 選取 [ 儲存]。Select Save.

如果您需要停用自動佈建:If you wish to disable automatic provisioning:

  1. 返回 [資訊安全中心] 主功能表,並選取 [安全性原則]。Return to the Security Center main menu and select Security policy.
  2. 在您想要停用自動佈建的訂用帳戶資料列上,選取 [編輯設定]>。On the row of the subscription you want to disable automatic provisioning, select Edit settings>.
  3. 在 [資料收集] 索引標籤中,將 [自動佈建] 設定為 [關閉]。In the Data Collection tab, set Auto provisioning to Off.
  4. 選取 [ 儲存]。Select Save.

注意

停用自動佈建不會從已佈建代理程式的 Azure VM 移除 Microsoft Monitoring Agent。Disabling automatic provisioning does not remove the Microsoft Monitoring Agent from Azure VMs where the agent has been provisioned. 停用自動佈建會限制對資源的安全性監視。Disabling automatic provisioning limits security monitoring for your resources.

後續步驟Next steps

在本快速入門中,您已升級到標準層並且佈建 Microsoft Monitoring Agent,可取得各項混合式雲端工作負載的整合式安全性管理和威脅防護。In this quickstart you upgraded to Standard tier and provisioned the Microsoft Monitoring Agent for unified security management and threat protection across your hybrid cloud workloads. 若要深入了解如何使用資訊安全中心,請繼續進行將內部部署和其他雲端中的 Windows 電腦上架的快速入門。To learn more about how to use Security Center, continue to the quickstart for onboarding Windows computers that are on-premises and in other clouds.