Ukwahlulwa kweSixhobo seLinux luphawu olunikezelwa nguMicrosoft kwi-Defender
Kwiintsuku ezithile ezidlulileyo IMicrosoft ityhilwe ngesibhengezo esongezelele i inkxaso yokwahlulwa kwesixhobo kuMicrosoft Defender for Endpoint (MDE) kwizixhobo ezizinzisiweyo zeLinux.
Kuyafaneleka ukukhankanya ukuba mhlawumbi kuninzi, olu hlobo lwesenzo se-MS alukho into enkulu, kude nayo, kwaye ngokuqinisekileyo ndiyavumelana nawe, kodwa ngokobuqu ndifumene iindaba ezinomdla, kuba kwiindawo zoshishino kunye nezinto ezinjalo zilawulwa. ngeemfuno ezithile eziphantsi kunye namaxwebhu ngaphezu kwazo zonke, zinokuba neenzuzo ezithile kwaye ngaphezu kwayo yonke into encinci yentlabathi engathanga ngqo ukuze bathathele i-Linux kancinci ngakumbi, ngakumbi kwezo ndawo zilawulwa kusetyenziso lweemveliso zeMS.
Kulo mbandela, kukhankanyiwe ukuba ngoku abalawuli ngoku banokubeka bucala ngesandla oomatshini beLinux ubhalise ngeMicrosoft 365 Defender Portal okanye ngezicelo zeAPI.
Emva kokuba bebodwa, ukuba kukho nayiphi na ingxaki eyenzekayo, abayi kuba noqhagamshelwano kwinkqubo eyosulelekileyo, inqumle ulawulo lwayo kunye nokuthintela imisebenzi enobungozi efana nokubiwa kwedatha. Uphawu lokwahlulwa kweSixhobo lukwimboniso kawonke-wonke kwaye lubonisa into esele isenziwa yimveliso kwiinkqubo zeWindows.
“Ezinye iimeko zohlaselo zinokufuna ukuba uhlukanise isixhobo kwinethiwekhi. Esi senzo sinokunceda ukukhusela umhlaseli ekufumaneni ulawulo lwesixhobo esiphazamisekileyo kunye nokwenza ezinye izinto, ezifana nokukhutshwa kwedatha kunye nokunyakaza kwecala. Ngokufana nezixhobo zeWindows, olu phawu lokwahlulwa kwesixhobo luqhawula isixhobo esichaphazelekileyo kwinethiwekhi ngelixa sigcina uqhagamshelo kwi-Defender yenkonzo ye-Endpoint, ngelixa uqhubeka nokubeka esweni isixhobo, ”ucacisile uMicrosoft. Ngokutsho kwe-software giant, xa isixhobo sifakwe kwibhokisi yesanti, sithintelwe kwiinkqubo kunye neendawo zewebhu ezivumelekileyo.
Oku kuthetha ukuba ukuba usemva kwetonela yeVPN epheleleyo, iinkonzo zelifu aziyi kufumaneka Microsoft Defender for Endpoint. UMicrosoft ucebisa ukuba abathengi basebenzise itonela ecandekileyo yeVPN kwitrafikhi esekwe kwilifu kuzo zombini i-Defender ye-Endpoint kunye ne-Defender Antivirus.
Emva kokuba imeko ebangele ukuhlukaniswa isonjululwe, baya kukwazi ukuphinda badibanise isixhobo kwinethiwekhi. Ukwahlulwa kwenkqubo kwenziwa nge-API. Abasebenzisi banokufikelela kwiphepha lezixhobo zeLinux ngeMicrosoft 365 Defender portal, apho baya kubona "Isixhobo sodwa" ithebhu phezulu ngasekunene, phakathi kwezinye iinketho.
UMicrosoft uye wachaza ii-APIs zokwahlula isixhobo kwaye usikhulule kwibhloko.
Izixhobo ezizimeleyo zingaphinda zixhunywe kwinethiwekhi ngokukhawuleza nje ukuba isongelo sincitshiswe ngeqhosha elithi "Ukukhupha ngaphandle" kwiphepha lesixhobo okanye isicelo "esingekho sodwa" se-HTTP API. Izixhobo zeLinux ezinokusebenzisa iMicrosoft Defender ye-Endpoint ziquka iRed Hat Enterprise Linux (RHEL), iCentOS, Ubuntu, Debian, SUSE Linux, Oracle Linux, Fedora Linux, kunye neAmazon Web Services (AWS) Linux. Eli nqaku litsha kwiinkqubo zeLinux libonisa into ekhoyo kwiinkqubo zikaMicrosoft Windows.
Kulabo abangazi IMicrosoft Defender yeNdawo yokuGqibela, bafanele bazi ukuba kunjaloe yimveliso yomgca womyalelo kunye ne-anti-malware kunye nokufumanisa i-endpoint kunye neempawu zokuphendula (EDR) eyilelwe ukuthumela zonke iinkcukacha zogrogriso ezifumanayo kwiMicrosoft 365 Defender Portal.
I-Linux Device Isolation yinto yamva nje yokhuseleko eyenziwa nguMicrosoft uzibandakanye nenkonzo yelifu. Ekuqaleni kwale nyanga, inkampani yandise ukhuseleko lwe-Defender tamper ye-Endpoint ukubandakanya ukukhutshwa kwe-antivirus. Yonke le yinxalenye yepateni enkulu yokwenza lukhuni i-Defender ngeliso elijonge kumthombo ovulekileyo.
Kumboniso wayo we-Ignite ngo-Okthobha ka-2022, iMicrosoft yabhengeza ukudityaniswa kweqonga lokujonga inethiwekhi yomthombo ovulekileyo weZeek njengenxalenye ye-Defender ye-Endpoint yokuhlola ipakethi enzulu yetrafikhi yenethiwekhi.
Okokugqibela, ukuba unomdla wokwazi okungakumbi ngayo, unokujonga kwiinkcukacha Kule khonkco ilandelayo.