Security Center Basic provides you with basic features to harden the security of your assets. You can use these features to detect risks on your assets. The risks include unusual logons to your servers, distributed denial of service (DDoS) attacks, common vulnerabilities on your servers, and configuration risks of Alibaba Cloud services. You need only to install the Security Center agent on your servers to use the security protection features provided by Security Center Basic free of charge.

Intended users

Security Center Basic is suitable for enterprises or individual users who need to manage servers in a centralized manner. Security Center Basic supports Alibaba Cloud Elastic Compute Service (ECS) instances and servers that are not deployed on Alibaba Cloud, including servers in data centers.

Features

Note Security Center Basic detects risks, such as vulnerabilities, alerts, and configuration risks of Alibaba Cloud services. However, Security Center Basic cannot handle these risks.
Feature Description References
Vulnerability detection Security Center Basic detects Linux software vulnerabilities, Windows system vulnerabilities, and Web-CMS vulnerabilities. Security Center automatically scans your servers every two days. You can view the vulnerabilities detected on your servers on the Vulnerabilities page. Overview
Urgent vulnerability detection (warning for major security events) This feature detects high-risk vulnerabilities that are recently exposed on the Internet. This helps you identify critical vulnerabilities on your servers at the earliest opportunity and reduces the risk of intrusions into your servers. View and handle urgent vulnerabilities
Unusual logon detection The alerting feature detects logons from disapproved locations and brute-force attacks, and generates alerts. This helps you identify unusual logons at the earliest opportunity and reduces the risk of system attacks. Overview
Detection of AccessKey pair leaks or unusual calls of AccessKey pairs This feature checks the usernames and passwords in source code stored on platforms such as GitHub in real time. This helps you detect leaks of the usernames and passwords for your assets. If leaks are detected, Security Center generates alerts. This helps you detect and handle potential AccessKey pair leaks at the earliest opportunity. Detection of AccessKey pair leaks
Configuration assessment This feature checks whether the configurations of your Alibaba Cloud services pose risks. Security Center Basic checks multiple items. The check items include Cloud Platform - Root Account's Two-Factor Authentication Configuration, Cloud Security - Agent Online Status, and ECS - Disk Encryption. For more information about check items, see Check items. Overview
Compliance check Security Center provides you with the classified protection compliance check and ISO 27001 compliance check features. These features help you build systems that meet the requirements of classified protection and attain the ISO 27001 certification.

How to use Security Center Basic

Security Center can protect ECS instances and servers that are not deployed on Alibaba Cloud. After you install the Security Center agent on your servers, you can use the features provided by Security Center Basic. The following procedures describe how to install the agent:
  • ECS instances: When you purchase an ECS instance, select Security Hardening. This way, the agent is automatically installed on your ECS instance. Alternatively, install the agent on your ECS instance in the Security Center console. For more information, see Install the Security Center agent.
  • Servers that are not deployed on Alibaba Cloud: Manually install the agent on your server in the Security Center console. You can perform the following steps to install the agent. For more information, see Manually install the Security Center agent.
    1. Log on to the Security Center console.
    2. In the left-side navigation pane, click Settings.
    3. On the Settings page, click the Agent tab.
    4. Click the Client Installation Guide tab.
    5. In the Manually Install section of the Client Installation Guide tab, read the installation guide. Then, download and install the agent of the latest version based on the operating system that your server runs. Manual installation
      • Windows

        1. In the Windows OS section, select Alibaba Cloud Server or Non-Alibaba Server based on your server type.
        2. Set the Key Validity Period parameter.
          Note You can customize this parameter to specify the validity period of the command that is used to install the agent. By default, the validity period of the command is 1 hour. You must install the Security Center agent within the validity period.
        3. Select an installation method based on your business requirements. You can use one of the following installation methods:
          • Run a command
            1. Click Copy next to Applicable to Windows 2008 and later.
            2. Log on to your Windows server as an administrator.
            3. Open Command Prompt in Windows and run the command that you copied. This allows you to download and install the Security Center agent.
          • Download the Security Center agent when you select Alibaba Cloud Server
            1. Click Download Agent.
            2. Upload the installation package to your Windows server. You can use an FTP tool to upload the package.
            3. Run the installer of the Security Center agent on your Windows server as an administrator.
          • Download the Security Center agent when you select Non-Alibaba Server
            1. Click Download Agent.
            2. Click Copy next to Step 2: run the following command in the directory where the client is located.
            3. Upload the installation package to your Windows server. You can use an FTP tool to upload the package.
            4. Run the installer of the Security Center agent on your Windows server as an administrator.
            5. Run the command that you copied in the directory where the Security Center agent resides.

              This command is used to associate the servers that are not deployed on Alibaba Cloud with your Alibaba Cloud account.

          Notice If you install the Security Center agent on servers that run Windows Server 2008 or later, we recommend that you run a command. If you install the Security Center agent on servers that run Windows Server 2003, we recommend that you download the Security Center agent.
      • Linux

        1. On the Agent tab, select Alibaba Cloud Server or Non-Alibaba Server based on your server type.
        2. Set the Key Validity Period parameter.
          Note You can customize this parameter to specify the validity period of the command that is used to install the agent. By default, the validity period of the command is 1 hour. You must install the Security Center agent within the validity period.
        3. Log on to your Linux server as an administrator.
        4. Copy the installation command for 32-bit Linux or 64-bit Linux to your server based on the operating system that your server runs.
        5. Run the installation command on your server to download and install the Security Center agent.
        Notice After you run the installation command, the latest Security Center agent is downloaded from Alibaba Cloud. If you use a server that is not deployed on Alibaba Cloud, make sure that the server is connected to the Internet before you run the installation command.
    About 5 minutes after the agent is installed, you can view the servers that are not deployed on Alibaba Cloud but have the agent installed on the Server(s) tab of the Assets page.
    Notice Due to network latency, servers that are not deployed on Alibaba Cloud and have the Security Center agent installed may not be immediately displayed on the Assets page. In this case, you must click Synchronize Asset on the Server(s) tab of the Assets page to update the relevant information.

How to apply for a 7-day free trial of Security Center Ultimate

If you have purchased an ECS instance, you can apply for a 7-day free trial of Security Center Ultimate. Security Center Ultimate provides comprehensive features. The features include container image scan, threat detection on Kubernetes containers, asset fingerprints, and attack analysis. For more information about how to apply for a free trial, see Apply for a free trial of the Security Center Ultimate edition.