Azure哨兵或安全中心硬件设备识别 [英] Azure sentinel or security center hardware device identification
问题描述
所以我们有多个安全工具,很多时候我们正在扫描或报告相同的服务器/工作站,但我们从来不知道这一点。所以看起来我们拥有的计算机和设备比我们环境中实际拥有的更多。
So we have multiple security tools, and alot of times we are scanning or reporting the same server/workstation, but we never know this. So it looks like we have more computers and devices than we actually have in our environment.
如何使用azure安全中心(或哨兵)来验证您是否正在扫描同一台服务器使用我们正在使用的不同工具?
How can you use azure security center (or sentinel) to verify that you may be scanning the same server with the different tools we are using?
进行快速搜索,我们注意到一种方法是使用机器guid。不确定这是否是常见做法,或者是否有更好的方法......
doing a quick search, we noticed one way of doing this is using the machine guid. Not sure if this is common practice, or if there is a better way...
推荐答案
它应显示服务器/工作站的名称,不应报告两次。你在哪里寻找安全中心和Sentinel?
It should show you the name of the server/workstation and should not report twice. Where are you looking in Security Center and Sentinel?
你能指定你正在使用哪些工具以及你正在查看哪些类型的报告显示相同的服务器?您是否也可以拥有属于多个域的工作站?
Can you specify which tools you are using and what types of reports you are looking at that are showing the same servers? Is it also possible that you have workstations belonging to several domains?
这篇关于Azure哨兵或安全中心硬件设备识别的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
