Alibaba Cloud Server Guard: A Comprehensive Assessment
Created#More Posted time:Mar 9, 2019 13:06 PM
Three Major Threats Hackers Pose to Cloud Hosts
I. Vulnerabilities in Open-Source Software
II. Trojan and Hacker Programs
III. Database Hits, Brute-Force Cracking, and Weak Passwords
In a traditional data center, these problems are often solve by installing enterprise level anti-virus software. This method does not work well on cloud hosts.First, traditional enterprise level anti-virus software requires a significant amount of CPU and memory to run real-time defense functionality. Eliminating the virus requires a large virus library to analyze the system and file. Traditional servers have powerful processing capability and can sacrifice the resources necessary to run these features. However, for a cloud host, paying for the required resources can be a huge waste.
Second, because cloud systems expand and contract due to current service demands, traditional anti-virus software has difficulty offering consistent coverage at all times, posing an opportunity to hackers.
Moreover, traditional enterprise-level anti-virus software often lacks effective methods of defending against attacks on administrator permissions, including database hits, brute-force cracking, and weak passwords.
Server Guard consists of Agent, Cloud Protection Center, Console, and Server Guard App.
---Uniform, Efficient, and Lightweight O&M Alibaba Cloud Security and AliHids processes only occupy 0.3% of total CPU capacity (0.6% and 0.9% of total respectively) when installing Server Guard on a single core Linux cloud host with 1G of memory. ---Discover and instantly repair suspect vacancies When testing kernel settings through the Server Guard console, we discovered that the mirror used by the cloud host can be changed to a newer mirror to upgrade the kernel, so Server Guard issued a security notice.
Control Source to Clean Zombie Computers and Remove Trojans
Check Login Security Details
Application Analysis, Connection, and Management - Future Trends in Cloud Security