適用於單一或集區資料庫的 Azure SQL Database 威脅偵測Azure SQL Database threat detection for single or pooled databases

適用於單一和集區資料庫的威脅偵測會偵測意圖存取或惡意探索資料庫,並可能造成損害的異常活動。Threat detection for single and pooled databases detects anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases. 威脅偵測可識別潛在 SQL 插入式攻擊來自不尋常位置或資料中心的存取來自不熟悉主體或疑似有害應用程式的存取暴力 SQL 認證 - 請參閱威脅偵測警示以取得更多詳細資料。Threat detection can identify Potential SQL injection, Access from unusual location or data center, Access from unfamiliar principal or potentially harmful application, and Brute force SQL credentials - see more details in threat detection alerts.

您可以透過電子郵件通知Azure 入口網站接收偵測到威脅的通知You can receive notifications about the detected threats via email notifications or Azure portal

威脅偵測進階資料安全性 (ADS) 供應項目的一部分,該供應項目是進階 SQL 安全性功能的整合套件。Threat detection is part of the advanced data security (ADS) offering, which is a unified package for advanced SQL security capabilities. 威脅偵測可以透過中央 SQL ADS 入口網站存取及管理。Threat detection can be accessed and managed via the central SQL ADS portal. 進階資料安全性套件的費用是每部邏輯伺服器每月 15$,前 30 天免費。The advanced data security package is charged 15$/month per Logical Server, with the first 30 days free of charge.

使用 Azure 入口網站為資料庫設定威脅偵測Set up threat detection for your database in the Azure portal

  1. https://portal.azure.com 上啟動 Azure 入口網站。Launch the Azure portal at https://portal.azure.com.

  2. 瀏覽至所要保護的 Azure SQL Database 伺服器的組態頁面。Navigate to the configuration page of the Azure SQL Database server you want to protect. 在 [安全性] 設定中,選取 [進階資料安全性] 。In the security settings, select Advanced Data Security.

  3. 在 [進階資料安全性] 組態頁面上:On the Advanced Data Security configuration page:

    • 在伺服器上啟用進階資料安全性。Enable advanced data security on the server.
    • 在 [威脅偵測設定] 的 [傳送警示給] 文字方塊中,提供要在偵測到異常資料庫活動時收到安全性警示的電子郵件清單。In Threat Detection Settings, in the Send alerts to text box, provide the list of emails to receive security alerts upon detection of anomalous database activities.

    設定威脅偵測

使用 PowerShell 設定威脅偵測Set up threat detection using PowerShell

如需指令碼範例,請參閱使用 PowerShell 設定稽核與威脅偵測For a script example, see Configure auditing and threat detection using PowerShell.

後續步驟Next steps