Ransomware has become the biggest threat to network security. Security Center provides a general anti-ransomware solution to defend against ransomware at stages before, during, and after attacks.
Anti-ransomware is a value-added feature that is provided by Security Center. If you use the Basic Anti-Virus, Advanced, or Enterprise edition, you can use the anti-ransomware data backup function only after you purchase a specific amount of anti-ransomware capacity. If you use the Basic edition, you must upgrade Security Center to the Basic Anti-Virus, Advanced, or Enterprise edition before you can use the anti-ransomware feature.
The anti-ransomware feature supports a limited number of operating system versions. You cannot install an anti-ransomware client or back up data for servers that run unsupported operating system versions. For more information about the supported operating system versions, see Supported operating system versions.
- The anti-ransomware data backup function is available in the following regions: China (Chengdu), China East 2 Finance, China North 2 Ali Gov, China (Shanghai), China (Hangzhou), China (Beijing), China (Shenzhen), China (Zhangjiakou-Beijing Winter Olympics), China (Hohhot), China (Qingdao), China (Hong Kong), Singapore (Singapore), Indonesia (Jakarta), Australia (Sydney), US (Silicon Valley), US (Virginia), Germany (Frankfurt), Japan (Tokyo), and India (Mumbai).
- The anti-ransomware data backup function is only supported by Elastic Computing Service (ECS) instances that are deployed in virtual private clouds (VPCs). ECS instances deployed in the classic network do not support the anti-ransomware data backup function.
How it works
- Block recognized ransomware in real time
Based on the Alibaba Cloud intelligence library, Security Center has blocked a large amount of ransomware identified by the intelligence library. Security Center blocks ransomware at the earliest opportunity to prevent potential losses.
- Trap and block new ransomwareSecurity Center sets trap directories to block potential ransomware activities. To block new ransomware, Security Center immediately blocks unusual encryption activities when they are detected. At the same time, Security Center generates alerts to notify you of the potential threats.Note Security Center sets trap directories on your servers to block potential ransomware. If you find a suspicious directory on your server, contact after-sales services or submit aticket to check whether this directory is a trap directory set by Security Center. Trap directories do not affect your business and they are not malicious. Trap directories cannot be manually deleted.
- Restore infected files
In addition to anti-ransomware, Security Center also supports data backup. This function periodically backs up data and allows you to restore server data based on the specified time or file version. In scenarios where files in your servers are encrypted, you can restore the data to ensure the security of your servers.
Supported operating system versions
|Windows||7, 8, and 10|
|Windows Server||2008 R2, 2012, 2012 R2, 2016, and 2019|
|RHEL||7.0, 7.2, and 7.4|
|CentOS||6.5, 6.9, 7.2, 7.3, 7.4, and 8.2|
|Ubuntu||14.04, 16.04, 18.40, and 20.04|
|SUSE Linux Enterprise Server||11, 12, and 15|