Security Center is a security management system that can detect and analyze risks in real time. It provides security overview, anti-ransomware, anti-virus, tamper proofing, and compliance check capabilities that help you detect and safeguard your servers and web applications.

Applicable to

This tutorial is intended for the following users:

  • Uses who want to learn how to activate and use Security Center.
  • Users who want to learn about the features provided by each Security Center edition.
  • Users who want to monitor the security status of assets protected by Security Center.

Prerequisites

The Security Center agent is a security plug-in installed on your local servers. You must install this agent on your servers before you can enable Security Center features. For more information, see Install the Security Center agent or Install the agent on servers in private networks.
Note When you purchase an Elastic Compute Service (ECS) instance, you can select the Security Enhancement check box to automatically install the agent and activate Security Center Basic edition. This removes the requirement of manually installing the agent.

Quick start

The following procedure shows how to quickly use Security Center to protect your assets.

  1. Features of the Basic edition of Security Center are available to protect your servers by default. The Basic edition only scans for the following risks: unusual logons to servers, vulnerabilities, and configuration risks in cloud services.
    1. Learn about the features of the Advanced and Enterprise editions of Security Center. For more information, see Features.
    2. Choose an edition based on your actual needs. For more information, see Purchase Security Center.
  2. After you purchase Security Center, you can view the security score of your assets on the Overview page in the Security Center console. You can manage security events and improve the security score based on the penalty points and the corresponding risks. For more information, see Security score.
    Note The security information about your assets is detected and collected by the Security Center agent.
    • If you select the Security Enhancement check box when you purchase an ECS instance, the Basic edition is automatically activated for the ECS instance and the agent is automatically installed on the ECS instance. In this case, you can use Security Center without further configurations.
    • If you do not select the Security Enhancement check box when you purchase an ECS instance, and you need to use Security Center to protect the ECS instance, you must manually install the agent on the ECS instance first. For more information, see Install the Security Center agent.
    • The protection status of the assets also indicates whether the agent is enabled or disabled. If the status of the agent is Enabled, it indicates that the agent is enabled on the server. If the status of the agent is Disabled, it indicates that the agent is disabled on the server. In this case, you need to troubleshoot issues causing the agent to be disabled. Protection for the server is restored only after the agent is enabled again. For more information, see Identify why the agent is offline.
  3. After you purchase Security Center, you can view the security status of the servers under your Alibaba Cloud account on the Overview page. The security information includes alerts, scan results, and system configuration risks. For more information, see Overview page.