雲端提供的保護與 Microsoft Defender 防毒軟體Cloud-delivered protection and Microsoft Defender Antivirus

適用於:Applies to:

Microsoft Defender 防毒軟體中的下一代技術提供近乎即時、自動防護,以防禦新的和新興的威脅。Next-generation technologies in Microsoft Defender Antivirus provide near-instant, automated protection against new and emerging threats. 若要以動態方式識別新威脅,下一代技術可使用 Microsoft 智慧型 Security Graph 和強大的人工智慧 (AI) 由「高級機器學習模型」所驅動的系統中的大量相互關聯的資料。To identify new threats dynamically, next-generation technologies work with large sets of interconnected data in the Microsoft Intelligent Security Graph and powerful artificial intelligence (AI) systems driven by advanced machine learning models. Microsoft Defender 防毒軟體會使用多個偵測及防護技術來提供準確、即時和智慧的保護。Microsoft Defender Antivirus uses multiple detection and prevention technologies to deliver accurate, real-time, and intelligent protection.

Microsoft Defender 防毒軟體與 Microsoft 雲端服務無縫運作。Microsoft Defender Antivirus works seamlessly with Microsoft cloud services. 這些雲端保護服務也稱為 Microsoft Advanced Protection Service (對應) 、增強標準即時保護,可提供最佳的病毒防護。These cloud protection services, also referred to as Microsoft Advanced Protection Service (MAPS), enhances standard real-time protection, providing arguably the best antivirus defense.

注意

Microsoft Defender 防毒軟體 cloud service 是一種機制,可將更新的保護傳遞到網路和端點。The Microsoft Defender Antivirus cloud service is a mechanism for delivering updated protection to your network and endpoints. 做為雲端服務,不只是保護儲存在雲端中的檔案;相反地,雲端服務會使用分散式資源和機器教學,以比傳統的安全性智慧更新更快的速率來提供對端點的保護。As a cloud service, it is not simply protection for files stored in the cloud; instead, the cloud service uses distributed resources and machine learning to deliver protection to your endpoints at a rate that is far faster than traditional security intelligence updates.

透過雲端提供的保護,下一代技術可提供新威脅的快速識別,有時甚至在單一機器遭到感染之前。With cloud-delivered protection, next-generation technologies provide rapid identification of new threats, sometimes even before a single machine is infected. 下列博客文章說明雲端傳送保護的運作方式:The following blog posts illustrate how cloud-delivered protection works:

如何取得雲端提供的保護How to get cloud-delivered protection

預設會啟用已啟用雲端功能的保護。Cloud-delivered protection is enabled by default. 不過,如果它已停用為舊版組織原則的一部分,您可能需要重新啟用此功能。However, you may need to re-enable it if it has been disabled as part of previous organizational policies. 若要深入瞭解,請參閱 開啟雲端提供的保護To learn more, see Turn on cloud-delivered protection.

執行 Windows 10 E5 的組織也可以利用緊急的動態智慧更新,其可提供離新興威脅的接近即時防護。Organizations running Windows 10 E5 can also take advantage of emergency dynamic intelligence updates, which provide near real-time protection from emerging threats. 當您開啟雲端提供的保護時,惡意程式碼問題的修復程式可在幾分鐘內透過雲端傳送,而不是等待下一個更新。When you turn on cloud-delivered protection, fixes for malware issues can be delivered via the cloud within minutes, instead of waiting for the next update. 設定 Microsoft Defender 防毒軟體,根據雲端服務的報告自動接收新的保護更新Configure Microsoft Defender Antivirus to automatically receive new protection updates based on reports from our cloud service.

提示

流覽demo.wd.microsoft.com的 Windows Defender Testground 網站,確認該功能是否正常運作,並查看其運作方式。Visit the Windows Defender Testground website at demo.wd.microsoft.com to confirm the feature is working and see how it works.

後續步驟Next steps

  1. 啟用雲端提供的保護Enable cloud-delivered protection. 您可以使用現在包含 Microsoft Endpoint Configuration Manager 和 Microsoft Intune) 、群組原則或 PowerShell Cmdlet 的 Microsoft 端點管理員 (來啟用雲端提供的保護。You can enable cloud-delivered protection with Microsoft Endpoint Manager (which now includes Microsoft Endpoint Configuration Manager and Microsoft Intune), Group Policy, or PowerShell cmdlets.

  2. 指定雲端提供的保護層級Specify the cloud-delivered protection level. 您可以使用 Microsoft 端點管理員或群組原則指定雲端所提供的保護層級。You can specify the level of protection offered by the cloud by using Microsoft Endpoint Manager or Group Policy. 保護層級會影響與雲端共用的資訊數量,以及封鎖積極的新檔案的方式。The protection level affects the amount of information shared with the cloud and how aggressively new files are blocked.

  3. 設定及驗證 Microsoft Defender 防毒軟體的網路連接Configure and validate network connections for Microsoft Defender Antivirus. 您的網路和端點必須能夠連線,才能讓雲端提供的保護有效地運作。 URLsThere are certain Microsoft URLs that your network and endpoints must be able to connect to for cloud-delivered protection to work effectively. 本文列出應該透過防火牆或網路篩選規則所允許的 URLs,以及確認網路是否已正確註冊雲端傳送保護中的指示。This article lists the URLs that should be allowed via firewall or network filtering rules, and instructions for confirming your network is properly enrolled in cloud-delivered protection.

  4. 設定「初次看到時封鎖」功能Configure the "block at first sight" feature. 「第一次看到的封鎖」功能可以在數秒內封鎖新的惡意程式碼,而不需要等候傳統安全性情報的時間。The "block at first sight" feature can block new malware within seconds, without having to wait hours for traditional Security intelligence. 您可以使用 Microsoft 端點管理員或群組原則來啟用及設定它。You can enable and configure it by using Microsoft Endpoint Manager or Group Policy.

  5. 設定雲端封鎖超時期限Configure the cloud block timeout period. Microsoft Defender 防毒軟體可以封鎖可疑檔案的執行,同時查詢我們的雲端提供的保護服務。Microsoft Defender Antivirus can block suspicious files from running while it queries our cloud-delivered protection service. 您可以使用 Microsoft 端點管理員或群組原則來設定禁止執行檔案的時間長度。You can configure the amount of time the file will be prevented from running by using Microsoft Endpoint Manager or Group Policy.