Security Center is a centralized security management system that identifies and analyzes security threats, and generates alerts when threats are detected. Security Center provides multiple features to ensure the security of cloud resources and servers in data centers. The features include anti-ransomware, antivirus, web tamper proofing, and compliance check. This allows you to automate security operations, responses, and threat tracing, and meet regulatory compliance requirements. By default, the features of Security Center Basic are enabled to protect Elastic Compute Service (ECS) instances.

The Anti-virus or higher edition of Security Center automatically quarantines viruses, proactively prevents and quarantines common ransomware and DDoS trojans. The ransomware includes WannaCry and Globelmposter, and the DDoS trojans include XOR DDoS and BillGates. We recommend that you enable the automatic quarantine feature of Security Center to reinforce the security of your assets. For more information about how to enable the automatic quarantine feature, see Use proactive defense.

For more information about the features that each edition supports, see Features.

Prerequisites

Security Hardening is selected when you purchase ECS instances. This way, Security Center protects your ECS instances.

Security Hardening

View overall security information of ECS instances

To view the security information of ECS instances, log on to the ECS console and click Overview in the left-side navigation pane. On the tab that appears, click Handle in the Security Status section. On the Overview tab of the Security Center console, view the security information of ECS instances. Overall security information of ECS instances
On the Overview tab in the Security Center console, you can view the security score of your assets and information about the threats that are detected on your assets. The information includes the number of unhanded alerts, alert levels, and the total number of generated alerts. For more information, see Overview. Overview tab

You can click Process Now in the Unhandled Alerts, Unfixed Vul, Baseline Risks, or Attacks section to view the details about the specific types of threats and handle the threats.

View the security information of an ECS instance

To view the details of an ECS instance, log on to the ECS console and click Instances in the left-side navigation pane. On the Instances page, click the Alibaba Cloud Security icon of the required ECS instance. The Assets page in the Security Center console appears. The details of the ECS instance are displayed on the Assets page. Instances
You can view the security information of an ECS instance on the Assets page in the Security Center console. For more information, see View the details of an asset. Asset details
Note If the Security Center agent on a server is in the Offline state, the Security Center agent is disconnected from Alibaba Cloud, and Security Center does not protect the server. In this case, go to the Security Center console and click Settings in the left-side navigation pane. On the page that appears, click the Agent tab, find the required server, and then click Install the client. For more information, see Install and uninstall the Security Center agent.