Security Center is a cloud platform that can be used to handle security risks. Security Center can continuously monitor the security status and provides in-depth threat defense, comprehensive analysis, and quick response capabilities. To meet the security requirements in different scenarios, Security Center provides multiple editions and value-added features. This topic provides answers to some frequently asked questions before the purchase of Security Center.
FAQ about the free trial of Security Center
I used the free trial of Security Center Ultimate before. Can I apply for the free trial again?
No, you cannot apply for the free trial again. Each Alibaba Cloud account is limited to one free trial of Security Center Ultimate.
How do I apply for a free trial of Security Center?
Security Center offers free trials of multiple editions. If you meet the required conditions, you can apply for a free trial of Security Center.
Edition | Trial duration | Condition | Reference |
Basic | Unlimited | Your Alibaba Cloud account passes real-name verification. | |
Ultimate | Seven days | You have not used a paid edition of Security Center, and your Alibaba Cloud account passes real-name verification. The paid editions of Security Center are the Anti-virus, Advanced, Enterprise, and Ultimate editions. |
How do I enable application vulnerability detection after I enable a free trial?
After you enable the free trial of the Enterprise or Ultimate edition, you can use manual quick scan or configure an automated periodic scan to detect application vulnerabilities. The following list describes the methods:
Manual quick scan.
Log on to the Security Center console. In the top navigation bar, select the region of the asset that you want to manage. You can select China or Outside China.
In the left-side navigation pane, choose .
On the Vulnerabilities page, click Scan now.
In the Vulnerability Scan dialog box, select Application Vulnerability and click OK.
Automated periodic scan: The scan period is from 00:00:00 to 07:00:00.
Log on to the Security Center console. In the top navigation bar, select the region of the asset that you want to manage. You can select China or Outside China.
In the left-side navigation pane, choose .
In the upper-right corner of the Vulnerabilities page, click Settings.
In the Settings panel, specify a value for the Application Vul(s) Scan Cycle parameter.
What are the differences between the Basic edition of Security Center and a free trial of Security Center?
A free trial of Security Center is different from the Basic edition of Security Center.
The Basic edition of Security Center is provided for all Alibaba Cloud users free of charge. The Basic edition supports basic security hardening capabilities, including the detection of unusual logons to servers, DDoS trojan detection, mining virus detection, and vulnerability detection on common types of servers. The Basic edition can be used with an unlimited duration and is available to all Alibaba Cloud users. For more information, see Introduction to Security Center Basic.
A free trial allows you to try the Enterprise or Ultimate edition of Security Center within a limited period. The Enterprise and Ultimate editions are paid editions. When you use a free trial of the Enterprise or Ultimate edition, you can use the security hardening capabilities that are supported by the edition, including virus detection and removal, and threat detection. You can also use specific value-added features such as application protection, vulnerability fixing, and log analysis. For more information about a free trial, see Apply for a 7-day free trial of Security Center.
What do I do if the Overview page does not provide an entry point to a free trial of Security Center?
If the Overview page in the Security Center console does not provide an entry point to a free trial of Security Center, you have used a free trial or purchased Security Center. In this case, you cannot apply for a free trial of Security Center. If you want to use the protection capabilities of Security Center, you can purchase Security Center. For more information, see Purchase Security Center.
Are the configurations of Security Center retained after a free trial of Security Center ends?
Yes, all feature configurations and historical data are retained for seven days after a free trial of Security Center ends. The configurations and data are automatically cleared after the seven days.
Can I cancel the free trial of Security Center?
No, a free trial is automatically canceled after the free trial period ends.
FAQ about the purchase of Security Center
If I have 100 ECS instances, can I activate Security Center only for 10 ECS instances?
No, you cannot activate Security Center only for specific Elastic Compute Service (ECS) instances within your Alibaba Cloud account.
If you use a paid edition of Security Center, you must activate Security Center for all ECS instances within your Alibaba Cloud account.
This way, Security Center protects all your ECS instances. If you activate Security Center for specific ECS instances, only the specified ECS instances are protected, and unprotected instances are vulnerable. In this case, if one ECS instance is compromised, other ECS instances may also be compromised. As a result, the overall security of your business is affected.
When you purchase Security Center, you must configure the Protected Servers and vCore parameters. The Protected Servers parameter specifies the number of servers within your Alibaba Cloud account, and the vCore parameter specifies the number of cores of your servers. The default value of the Protected Servers parameter on the buy page is the total number of your ECS instances and servers that are not deployed on Alibaba Cloud but have the Security Center agent installed within your Alibaba Cloud account.
If you install the Security Center agent on additional servers after you purchase Security Center, an alert is generated to indicate that the number of your current servers exceeds the value of the Protected Servers parameter. The additional servers are the servers that are not deployed on Alibaba Cloud, servers in data centers, and newly purchased ECS instances. In this case, Security Center prompts you to pay the charges for the additional servers on which the Security Center agent is installed after you purchase Security Center.
Can I purchase Security Center on a monthly basis?
Yes,
you can purchase and renew Security Center on a monthly basis. For more information, see Billing overview.
Why is the price of the Advanced edition on the buy page higher than the list price?
The price on the buy page is based on the following two factors:
Protected Servers
The Protected Servers parameter specifies the total number of assets that are protected by Security Center. The assets include Alibaba Cloud ECS instances and third-party servers that have the Security Center agent installed. The default value is the total number of ECS instances and third-party servers that have the Security Center agent installed within your Alibaba Cloud account. If the number of protected servers is greater than 1, the price on the buy page is higher than USD 9.5 per month.
Enabled value-added features
Security Center provides value-added features, such as web tamper proofing, log analysis, and anti-ransomware. When you purchase Security Center, the default values of the Log Analysis and Anti-ransomware parameters are used. If you do not require log analysis or anti-ransomware, set the Log Analysis and Anti-ransomware parameters to 0 GB when you purchase the Anti-virus edition.
FAQ about the editions of Security Center
Are there differences among the editions of Security Center?
Yes, different editions of Security Center provide different features.
Security Center provides multiple editions such as Basic, Anti-virus, Advanced, Enterprise, and Ultimate. For more information about the features supported by each edition of Security Center, see Functions and features.
Which edition of Security Center provides the quick vulnerability fixing feature?
All editions of Security Center provide the quick vulnerability fixing feature when specific conditions are met.
If you use the Advanced, Enterprise, or Ultimate edition, you do not need to separately purchase the vulnerability fixing feature. You can directly use the feature to fix vulnerabilities for the protected servers. The quota for vulnerability fixing is not limited.
If you use the Basic, Value-added Plan, or Anti-virus edition, you must purchase the vulnerability fixing feature based on the pay-as-you-go or subscription billing method.
Pay-as-you-go (recommended): On the Vulnerabilities page, click Purchase to enable the vulnerability fixing feature.
Subscription: Purchase a quota for the vulnerability fixing feature. For more information, see Purchase Security Center or Upgrade and downgrade Security Center.
Which edition of Security Center is required if I want to meet the testing and evaluation requirements for classified protection?
You must purchase the Enterprise or Ultimate edition of Security Center and separately enable log analysis, which is a value-added feature. For more information about how to enable log analysis, see Enable log analysis.
The Enterprise and Ultimate editions of Security Center support the baseline check feature that is required to meet the requirements for classified protection. You can use the baseline check feature along with log analysis to meet the testing and evaluation requirements for classified protection. Log data is retained for 180 days.
How do I obtain the Basic edition of Security Center?
By default, the Basic edition of Security Center is activated for all Alibaba Cloud users. If you have not purchased Security Center, you can view the identifier of Security Center Basic on the Overview page of the Security Center console. If you use the Basic edition, you can use security capabilities such as vulnerability detection, unusual logon detection, AccessKey pair leak detection, and compliance check. Before you can use the capabilities, you must install the Security Center agent on your server. For more information, see Introduction to Security Center Basic.
FAQ about the usage of Security Center
Which Alibaba Cloud services can I install the Security Center agent?
You can install the Security Center agent on ECS instances, ECS bare metal instances, and simple application servers. You cannot install the agent on Alibaba Cloud services, such as Server Load Balancer (SLB), Object Storage Service (OSS), and WUYING Workspace.
How do I check whether an ECS instance that I purchased is protected by Security Center?
If the status of the Security Center agent that is installed on your ECS instance is 
, the instance is protected by Security Center. You can view the status on the Host page. If you do not purchase an edition of Security Center, your ECS instance is protected by the Basic edition of Security Center. The Basic edition provides only basic security capabilities, such as vulnerability detection and mining virus detection. For more information, see Introduction to Security Center Basic. After you purchase an edition of Security Center, your ECS instance is protected by the features provided by the edition.
I purchased ECS instances from Alibaba Cloud, but vulnerabilities are detected on the instances, and the instances are infected by viruses such as mining viruses and ransomware. Why?
If you purchase ECS instances from Alibaba Cloud, Alibaba Cloud ensures the physical security of the computing infrastructure and the integrity of the network infrastructure, and provides basic cloud security capabilities. You are responsible for the security of your business system that is deployed on the ECS instances, including the installation, configuration, maintenance, and security management of operating systems and applications. Alibaba Cloud provides only the computing infrastructure, which is irrelevant to your business system. Therefore, you must separately conduct measures to protect your business system.
If your ECS instance is exposed to risks such as vulnerabilities, weak passwords, data leaks, or insecure network configurations, attackers can exploit the risks to inject malicious programs such as viruses, ransomware, or mining software into your ECS instance. This causes your ECS instance to be infected or illegally used. Security Center provides basic security capabilities. You can install the Security Center agent on your ECS instance to ensure security. For more information, see Install the Security Center agent.
Can I use Security Center to protect servers in data centers?
Yes,
you can use Security Center to protect Alibaba Cloud ECS instances, servers in data centers, and third-party cloud servers. To use Security Center to protect your servers, you need to only install the Security Center agent on the servers. For more information, see Install the Security Center agent and Use Security Center to protect servers in data centers.
Can Security Center protect third-party cloud servers?
Yes,
Security Center can protect cloud servers of third-party service providers, such as Amazon Web Services (AWS), Tencent Cloud, QingCloud, and UCloud servers. To use Security Center to protect your servers, you must install the Security Center agent on the servers. For more information, see Add a third-party asset to Security Center and Manually install the Security Center agent.
How do I use Security Center to protect servers in data centers and third-party cloud servers?
To use Security Center to protect servers in data centers and third-party cloud servers, you must first install the Security Center agent on the servers. For more information, see the following table.
Server Type | How to use Security Center to protect the servers |
Alibaba Cloud ECS instances | If you select Security Hardening when you purchase an ECS instance, the Security Center agent is automatically installed on the instance, and Security Center Basic is automatically activated. Note Security Center Basic detects only unusual logons to servers and urgent vulnerabilities. The Basic edition is suitable for individual users. |
If you do not select Security Hardening when you purchase an ECS instance or Security Center notifies you that the Security Center agent is offline, perform the following steps to enable Security Center to protect the ECS instance:
| |
Third-party cloud servers | If you want to use Security Center to protect the servers in data centers and third-party cloud servers, perform the following steps:
|
Servers in data centers |
Does Security Center remove viruses?
Yes,
the Anti-virus, Advanced, Enterprise, and Ultimate editions of Security Center detect and automatically remove common viruses. For more information, see Description.
Does Security Center automatically quarantine viruses?
No, Security Center does not automatically quarantine viruses. Security Center can automatically block malicious programs, but cannot automatically quarantine infected files.
Automatic blocking: When virus intrusion is detected, Security Center identifies the virus and blocks the virus-related programs and processes. Security Center can automatically block common Internet viruses, such as ransomware, DDoS trojans, mining and trojan programs, malicious programs, webshells, and computer worms.
Automatic quarantine: After a system is intruded by viruses, infected files are moved to the quarantine to prevent the infected files from running again. An infected file can be a system- or business-related file. If the file is quarantined, your business may fail to run as expected. Security Center cannot automatically quarantine viruses. If you confirm that the impact of infected files on your business can be controlled, you can manually quarantine infected files. For more information, see View and handle security alerts.