แก้ไข

แชร์ผ่าน


Tutorial: Investigate the health of your resources

The resource health page provides a snapshot view of the overall health of a single resource. You can review detailed information about the resource and all recommendations that apply to that resource. Also, if you're using any of the advanced protection plans of Microsoft Defender for Cloud, you can see outstanding security alerts for that specific resource too.

This single page, in Defender for Cloud's portal pages shows:

  1. Resource information - The resource group and subscription it's attached to, the geographic location, and more.
  2. Applied security feature - Whether a Microsoft Defender plan is enabled for the resource.
  3. Counts of outstanding recommendations and alerts - The number of outstanding security recommendations and Defender for Cloud alerts.
  4. Actionable recommendations and alerts - Two tabs list the recommendations and alerts that apply to the resource.

Microsoft Defender for Cloud's resource health page showing the health information for a virtual machine

In this tutorial you'll learn how to:

  • Access the resource health page for all resource types
  • Evaluate the outstanding security issues for a resource
  • Improve the security posture for the resource

Prerequisites

To step through the features covered in this tutorial:

  • You need an Azure subscription. If you don’t have an Azure subscription, create a free account before you begin.

  • Microsoft Defender for Cloud enabled on your subscription.

  • To apply security recommendations: you must be signed in with an account that has the relevant permissions (Resource Group Contributor, Resource Group Owner, Subscription Contributor, or Subscription Owner)

  • To dismiss alerts: you must be signed in with an account that has the relevant permissions (Security Admin, Subscription Contributor, or Subscription Owner)

Access the health information for a resource

Tip

In the following screenshots, we're opening a virtual machine, but the resource health page can show you the details for all resource types.

To open the resource health page for a resource:

  1. Sign in to the Azure portal.

  2. Search for and select Microsoft Defender for Cloud.

  3. Select Inventory.

  4. Select any resource.

    Select a resource from the asset inventory to view the resource health page.

  5. Review the left pane of the resource health page for an overview of the subscription, status, and monitoring information about the resource. You can also see whether enhanced security features are enabled for the resource:

    The left pane of Microsoft Defender for Cloud's resource health page shows the subscription, status, and monitoring information about the resource. It also includes the total number of outstanding security recommendations and security alerts.

  6. Use the two tabs on the right pane to review the lists of security recommendations and alerts that apply to this resource:

    The right pane of Microsoft Defender for Cloud's resource health page has two tabs: recommendations and alerts.

    Note

    Microsoft Defender for Cloud uses the terms "healthy" and "unhealthy" to describe the security status of a resource. These terms relate to whether the resource is compliant with a specific security recommendation.

    In the screenshot above, you can see that recommendations are listed even when this resource is "healthy". One advantage of the resource health page is that all recommendations are listed so you can get a complete picture of your resources' health.

Evaluate the outstanding security issues for a resource

The resource health page lists the recommendations for which your resource is "unhealthy" and the alerts that are active.

Harden a resource

To ensure your resource is hardened according to the policies applied to your subscriptions, fix the issues described in the recommendations:

  1. From the right pane, select a recommendation.

  2. Continue as instructed on screen.

    Tip

    The instructions for fixing issues raised by security recommendations differ for each of Defender for Cloud's recommendations.

    To decide which recommendations to resolve first, look at the severity of each one and its potential impact on your secure score.

Investigate a security alert

  1. From the right pane, select an alert.

  2. Follow the instructions in Respond to security alerts.

Next steps

In this tutorial, you learned about using Defender for Cloud’s resource health page.

To learn more, see these related pages: