整合 Cloud App Security 與 ZscalerIntegrate Cloud App Security with Zscaler

適用於:Microsoft Cloud App SecurityApplies to: Microsoft Cloud App Security

重要

Microsoft 的威脅防護產品名稱即將變更。Threat protection product names from Microsoft are changing. 如需有關此變更的詳細資訊與其他更新,請參閱這裡Read more about this and other updates here. 我們將在不久的將來更新產品與文件中的名稱。We'll be updating names in products and in the docs in the near future.

若您同時使用 Cloud App Security 與 Zscaler,您可以整合這兩個產品以加強您的安全性 Cloud Discovery 體驗。If you work with both Cloud App Security and Zscaler, you can integrate the two products to enhance your security Cloud Discovery experience. Zscaler 是獨立式雲端 Proxy,它會監視您組織的流量,讓您設定封鎖交易的原則。Zscaler, as a standalone cloud proxy, monitors your organization's traffic enabling you to set policies for blocking transactions. Cloud App Security 與 Zscaler 結合可提供下列功能:Together, Cloud App Security and Zscaler provide the following capabilities:

  • 無縫部署 Cloud Discovery 使用 Zscaler 來 proxy 您的流量,並將其傳送至 Cloud App Security。Seamless deployment of Cloud Discovery - Use Zscaler to proxy your traffic and send it to Cloud App Security. 這樣不需要在您的網路端點上安裝記錄收集器,就可以啟用 Cloud Discovery。This eliminates the need for installation of log collectors on your network endpoints to enable Cloud Discovery.
  • Zscaler 的封鎖功能會自動套用到您在 Cloud App Security 中設定為待批准的應用程式上。Zscaler's block capabilities are automatically applied on apps you set as unsanctioned in Cloud App Security.
  • 使用 Cloud App Security 適用於 200 個領先雲端應用程式的風險評定 (可直接從 Zscaler 入口網站檢視) 來加強 Zscaler 入口網站。Enhance your Zscaler portal with Cloud App Security's risk assessment for 200 leading cloud apps, which can be viewed directly in the Zscaler portal.

必要條件Prerequisites

  • Microsoft Cloud App Security 的有效授權,或 Azure Active Directory Premium P1 的有效授權A valid license for Microsoft Cloud App Security, or a valid license for Azure Active Directory Premium P1
  • 適用於 Zscaler Cloud 5.6 的有效授權A valid license for Zscaler Cloud 5.6
  • 有效的 Zscaler NSS 訂用帳戶An active Zscaler NSS subscription

部署Deployment

  1. 在 Zscaler 入口網站中,執行步驟以完成 Zscaler 合作夥伴與 Microsoft Cloud App Security 的整合In the Zscaler portal, do the steps to complete the Zscaler partner integration with Microsoft Cloud App Security.

  2. 在 Cloud App Security 入口網站中,執行下列整合步驟:In the Cloud App Security portal, do the following integration steps:

    1. 按一下 [設定] 齒輪,然後選取 [ Cloud Discovery 設定]。Click on the settings cog and select Cloud Discovery Settings.

    2. 按一下 [自動記錄上傳]**** 索引標籤,然後按一下 [加入資料來源]****。Click on the Automatic log upload tab and then click Add data source.

    3. 在 [加入資料來源]**** 頁面中,輸入下列設定:In the Add data source page, enter the following settings:

      • 名稱 = NSSName = NSS
      • 來源 = Zscaler QRadar LEEFSource = Zscaler QRadar LEEF
      • 接收器類型 = Syslog - UDPReceiver type = Syslog - UDP

      資料來源 Zscaler

      注意

      請確定資料來源的名稱為 NSS。Make sure the name of the data source is NSS. 如需設定 NSS 摘要的詳細資訊,請參閱 新增 CLOUD APP SECURITY nss摘要。For more information about setting up NSS feeds, see Adding Cloud App Security NSS Feeds.

    4. 按一下 [檢視所需記錄檔的範例]****。Click View sample of expected log file. 接著,按一下 [下載範例記錄檔]**** 以檢視範例探索記錄,並確定它符合您的記錄。Then click Download sample log to view a sample discovery log, and make sure it matches your logs.

  3. 調查在網路上探索到的雲端應用程式。Investigate cloud apps discovered on your network. 如需詳細資訊和調查步驟,請參閱使用 Cloud DiscoveryFor more information and investigation steps, see Working with Cloud Discovery.

  4. 您在 Cloud App Security 中設定為待批准的任何應用程式每小時都會被 Zscaler Ping 兩次,然後自動由 Zscaler 封鎖。Any app that you set as unsanctioned in Cloud App Security will be pinged by Zscaler every two hours, and then automatically blocked by Zscaler. 如需有關不批准應用程式的詳細資訊,請參閱批准/不批准應用程式For more information about unsanctioning apps, see Sanctioning/unsanctioning an app.

下一步Next steps

若您遇到任何問題,我們隨時提供協助。If you run into any problems, we're here to help. 若要取得產品問題的協助或支援,請建立支援票證To get assistance or support for your product issue, please open a support ticket.