After exceptions and threats are detected, Security Center sends you alerts and provides solutions.
Three ways of handling alert events
- Security Center automatically handles certain types of events. The Precise Defense events are automatically detected and quarantined by the virus detection and removal
feature. This feature automatically detects and quarantines mainstream virus files.
No manual operations are required in this process. On the Alerts page, you can select Precision Defense in the event type filter box to show this type of events only. All of these events
are handled. This indicates that the viruses have been automatically quarantined by Security
For more information about virus detection and removal, see Cloud Threat Detection.
- Manual operations are required to handle all exceptions except for the Precise Defense type. The manual operations include the online quarantining of files and the offline
handling of exceptions. For example, you can click Quarantine in the Security Center console to handle the following events: malicious process-DDoS
trojans and webshells.
For more information about how to quarantine a file, see Which types of alerts can be handled by the quarantine operation?
- All the alert events that cannot be handled in the console must be handled on the
affected servers. For example, unusual logon activities and suspicious network connections
must be handled offline.