Linux Device Isolation ndicho chinhu chinopihwa neMicrosoft muDefender
Mamwe mazuva apfuura Microsoft yakazarurwa kuburikidza nechiziviso chakawedzera the tsigiro yekuzviparadzanisa nemudziyo kuMicrosoft Defender yeEndpoint (MDE) pane yakadzamirirwa Linux zvishandiso.
Zvakakodzera kutaura kuti pamwe kune vakawanda, rudzi urwu rweMS chiito hachisi chinhu chikuru, kure nazvo, uye ini ndinogona kubvumirana newe, asi ini pachangu ndakawana nhau dzinonakidza, sezvo kune bhizinesi nharaunda nezvimwe zvakadaro zvinotongwa. nekudzikira zvimwe zvinodiwa uye zvinyorwa pamusoro pezvose, zvinogona kuva nezvimwe zvikomborero uye pamusoro pezvose idiki diki diki diki rejecha kuitira kuti vatore Linux zvishoma zvishoma, kunyanya munzvimbo idzo dzinodzorwa nekushandiswa kweMS zvigadzirwa.
Pamusoro penyaya, inotaurwa kuti ikozvino vatungamiri vanogona ikozvino kusiyanisa Linux michina yakanyoresa kuburikidza neMicrosoft 365 Defender Portal kana kuburikidza neAPI zvikumbiro.
Kana yangove yakasarudzika, kana paine dambudziko rikaitika, havachave nekubatana kune iyo ine hutachiona system, ichicheka kutonga kwayo uye kuvharira zviitiko zvakashata sekuba data. Iyo Device Isolation ficha iri paruzhinji preview uye inoratidza izvo chigadzirwa chinotoita kuWindows system.
"Mamwe mamiriro ekurwiswa anogona kuda kuti iwe ubvise mudziyo kubva kunetiweki. Chiito ichi chinogona kubatsira kudzivirira anorwisa kubva pakuwana kutonga kweiyo yakakanganiswa mudziyo uye kuita zvimwe zviitiko, senge data exfiltration uye lateral kufamba. Zvakafanana neWindows zvishandiso, iyi yekuzviparadzanisa mudziyo inobvisa mudziyo wakakanganisika kubva kunetiweki uchichengetedza kubatana neDefender yeEndpoint sevhisi, uchienderera mberi nekutarisa mudziyo, "Microsoft yakatsanangura. Zvinoenderana neiyo software hofori, kana chishandiso chaiswa sandbox, chinorambidzwa mumaitiro uye nzvimbo dzewebhu dzinotenderwa.
Izvi zvinoreva kuti kana iwe uri kuseri kweiyo yakazara VPN mugero, Cloud masevhisi haazosvikiki Microsoft Defender yeEndpoint. Microsoft inokurudzira kuti vatengi vashandise mugero wakapatsanurwa VPN yegore-yakavakirwa traffic kune ese Defender for Endpoint uye Defender Antivirus.
Kana mamiriro ezvinhu akakonzera kuparadzaniswa agadziriswa, ivo vachakwanisa kubatanidza zvakare mudziyo kune network. Kuzviparadzanisa nehurongwa kunoitwa kuburikidza neAPI. Vashandisi vanogona kuwana iyo Linux system zvishandiso peji kuburikidza neMicrosoft 365 Defender portal, kwavachaona iyo "Isolate mudziyo" tab kumusoro kurudyi, pakati pedzimwe sarudzo.
Microsoft yakatsanangura iyo APIs yekuparadzanisa mudziyo uye kuisunungura kubva kubhuroka.
Zvishandiso zvakasarudzika zvinogona kubatanidzwazve kunetiweki nekukurumidza kana kutyisidzira kwadzikiswa kuburikidza nebhatani rekuti "Kusununguka kubva pakuzviparadzanisa nevamwe" pane peji remudziyo kana "isina-yakasarudzika" HTTP API chikumbiro. Linux zvishandiso zvinogona kushandisa Microsoft Defender ye Endpoint zvinosanganisira Red Hat Enterprise Linux (RHEL), CentOS, Ubuntu, Debian, SUSE Linux, Oracle Linux, Fedora Linux, uye Amazon Web Services (AWS) Linux. Ichi chitsva chimiro paLinux masisitimu chinoratidza chiripo chiripo paMicrosoft Windows system.
Kune avo vasingazive Microsoft Defender ye Endpoint, vanofanira kuziva kuti ndizvoe chigadzirwa chekuraira chine anti-malware uye endpoint yekuona uye mhinduro maficha (EDR) yakagadzirirwa kutumira ruzivo rwese rwekutyisidzira rwainoona kuMicrosoft 365 Defender Portal.
Linux Device Isolation ndiyo yazvino kuchengetedza ficha iyo Microsoft apinda mu cloud service. Kutanga mwedzi uno, kambani yakawedzera Defender tamper dziviriro yeEndpoint kusanganisira kusabatanidzwa kweantivirus. Ichi chese chikamu chechimiro chakakura chekuomesa Defender neziso rakavhurika sosi.
Pane yayo Ignite show muna Gumiguru 2022, Microsoft yakazivisa kubatanidzwa kweyakavhurika sosi network yekutarisa chikuva Zeek sechikamu cheDefender for Endpoint yekudzika pakiti yekuongorora yetiweki traffic.
Chekupedzisira, kana iwe uchifarira kuziva zvakawanda nezvazvo, unogona kutarisa ruzivo Mune inotevera chinongedzo.