Security Center provides the asset fingerprints feature. You can configure this feature to collect 11 types of fingerprints of servers. This topic describes how to use the asset fingerprints feature to collect fingerprints and how to view the fingerprints of servers.
Background information
If you are a first-time user of the asset fingerprints feature, we recommend that you configure the fingerprint collection frequencies for servers to automate collection tasks. The automatic collection tasks collect the fingerprints of all servers. For more information about the fingerprints that the feature collects, see Fingerprints that the feature collects.
Limits
Only the Enterprise and Ultimate editions of Security Center support this feature. If you do not use these editions, you must upgrade Security Center to the Enterprise or Ultimate edition before you can use this feature. For more information about how to purchase and upgrade Security Center, see Purchase Security Center and Upgrade and downgrade Security Center.
Collect the fingerprints of servers
Security Center does not automatically collect the fingerprints of servers. You must configure automatic periodic collection tasks or run manual collection tasks to collect the latest fingerprints of servers.
Collection method | Description |
Automate periodic collection tasks | Security Center supports automatic collection of the fingerprints of all servers. You can configure the collection frequencies for automatic periodic collection based on your business requirements. For more information, see Configure an automatic periodic collection task. |
Collect the latest fingerprints of all servers | If you want to view the fingerprints of all servers, you can click Collect the latest data to collect the latest fingerprints of all servers with a few clicks. For more information, see Run a manual collection task to collect the latest fingerprints of all servers. |
Collect the fingerprints of a specific server | If you want to view the fingerprints of a specific server, you can click Collect data now to collect the latest fingerprints of the server with a few clicks. For more information, see Run a manual collection task to collect the latest fingerprints of a specific server. |
Log on to the Security Center console. In the top navigation bar, select the region of the asset that you want to manage. The following regions are supported: China and Outside China.
In the left-side navigation pane, choose .
On the Host page, collect fingerprints.
Configure an automatic periodic collection task
On the Account tab, click Settings.
In the Settings dialog box, configure the collection frequency for each type of fingerprint and click OK.
NoteIf you set a type to Disable, Security Center does not automatically collect the latest fingerprints of the type. By default, the collection frequencies of all types are Disable. You can configure different collection frequencies for different types of fingerprints.
To configure a collection frequency for middleware, databases, and web services, you can configure the Middleware parameter.
If you use the asset exposure analysis feature, you can set the Middleware parameter to Collected once an hour, Collected once every 3 hours, Collected once every 12 hours, or Collected once a day. You cannot set the Middleware parameter to Disable or Collected once every 7 days.
After the collection frequencies are configured, Security Center automatically runs collection tasks based on the collection frequencies and synchronizes the collected fingerprints to the tabs of different fingerprint types for you to view. For more information, see View the fingerprints of servers.
Run a manual collection task to collect the latest fingerprints of all servers
On the Account tab, click Collect the latest data.
In the Collect the latest data dialog box, select the types of fingerprints that you want to collect and click OK.
NoteThe system requires approximately 1 to 5 minutes to collect the fingerprints.
Run a manual collection task to collect the latest fingerprints of a specific server
In the server list of the Server tab, find the server whose fingerprints you want to collect and click View in the Operation column.
On the details page, click the Asset Fingerprints tab. Then, click the tab of the required fingerprint type.
In the upper-right corner, click Collect data now. In the Collect data message, click OK.
NoteThe system requires approximately 1 to 5 minutes to collect the fingerprints.
Add a server to the whitelist of IDC probe findings
An IDC probe that is installed on a server in a data center can scan other servers in the same data center. If you created an IDC probe, you can view the information about the scanned servers on the IDC probe findings tab. For more information about IDC probes, see Manage an IDC probe.
If you no longer want the IDC probe to scan a specific server, perform the following steps to add the server to the whitelist:
On the IDC probe findings tab, find the server and click Whitelist in the Operation column.
After you add the server to the whitelist, the system no longer scans the server or records the information about the server.
On the IDC probe findings tab, click White list in the upper-right corner of the tab to view the information about the servers that are added to the whitelist.
View the fingerprints of servers
Log on to the Security Center console. In the top navigation bar, select the region of the asset that you want to manage. The following regions are supported: China and Outside China.
In the left-side navigation pane, choose .
On the Host page, view fingerprints.
View the fingerprints of all servers
On the Host page, click the tab of the required fingerprint type.
Section 1 provides a fingerprint list. The list includes all fingerprints and the number of servers related to each fingerprint.
Section 2 provides a list of fingerprint details. In the fingerprint list of the section 1, you can click a fingerprint such as a port number to view the details of the fingerprint in this section.
Section 3 provides a filter and a search box. You can configure the filter and enter search conditions in the search box to search for a fingerprint. Fuzzy match is supported.
View the fingerprints of a specific server
In the server list of the Server tab, find the server whose fingerprints you want to view and click View in the Operation column.
On the details page, click the Asset Fingerprints tab, and then click the tab of the required fingerprint type. On the tab, view the fingerprints.
Fingerprints that the feature collects
Fingerprint type | Description |
Account | The information about the account of your server. Security Center periodically collects information about the account of your server. The information includes the following items:
|
Port | The information about the listener port of your server. Security Center periodically collects information about the listener port of your server. The information includes the following items:
|
Process | The information about the process that runs on your server. Security Center periodically collects information about the process that runs on your server. The information includes the following items:
|
Middleware | The information about the middleware that runs on your server. Security Center periodically collects information about the middleware of your server. The middleware refers to system components that can independently run, such as MySQL databases and Docker. Docker is a container component. The information includes the following items:
|
Database | The information about the database that runs on your server. Security Center periodically collects information about the database that runs on your server. The information includes the following items:
|
Web service | The information about the web service of your server. Security Center periodically collects information about the web service of the server. The information includes the following items:
|
Software | The information about the software that is installed on your server. Security Center periodically collects information about the software that is installed on your server. The information includes the following items:
|
Scheduled Tasks | The information about the scheduled task on your server. Security Center periodically collects information about the path of the scheduled task that is run on your server. The information includes the following items:
|
Startup item | The information about the startup item of your server. Security Center periodically collects information about the startup item of your server. The information includes the following items:
|
Kernel Module | The information about the kernel module of your server. Security Center periodically collects information about the kernel module of your server. The information includes the following items:
|
Website | The information about the website on your server. Security Center periodically collects information about the website on your server. The information includes the following items:
|
IDC probe findings | The information about each server scanned by an IDC probe. The information includes the following items:
|