Security Center:Purchase Security Center

Procedure

1. Go to the Security Center buy page and log on to your Alibaba Cloud account.

2. Configure the parameters. The following table describes the parameters on the buy page.

   Parameter	Description
   Edition	The edition that you want to purchase. For more information about the features that are supported by each edition, see Functions and features. Note Security Center provides the Value-added Plan edition. This edition allows you to separately enable the value-added features, such as anti-ransomware, container image scan, cloud honeypot, web tamper proofing, and application protection, for the Basic edition.
   Protected Servers	The number of servers that you want to protect by using Security Center. The default value is the total number of Elastic Compute Service (ECS) instances plus the servers that are not deployed on Alibaba Cloud but have the Security Center agent installed within your Alibaba Cloud account. Note If you want to increase the number of protected servers during the subscription, we recommend that you specify a value that includes the estimated total number of servers to protect. If you specify Anti-virus or Value-added Plan as the edition, you do not need to configure this parameter.
   vCore	The number of cores of servers that you want to protect by using Security Center. The default value indicates the minimum number of cores that you must specify. This parameter is required only if you specify Anti-virus or Ultimate as the edition.
   Vulnerability Fixing	A value-added feature. If you want to purchase the feature, select Yes and configure the Quota for Vulnerability Fixing parameter. This parameter is required only if you specify Anti-virus or Value-added Plan as the edition. You can use this feature to fix Linux software vulnerabilities and Windows system vulnerabilities that are detected on your servers with a few clicks. We recommend that you set the Quota for Vulnerability Fixing parameter to the total number of vulnerabilities that you want to fix each month. Important If you want to fix a large number of vulnerabilities, we recommend that you purchase the Advanced, Enterprise, or Ultimate edition. These editions provide an unlimited quota for vulnerability fixing. If you want to fix a small number of vulnerabilities, you can purchase the vulnerability fixing feature based on the pay-as-you-go billing method. To purchase the vulnerability fixing feature based on the pay-as-you-go billing method, go to the Vulnerabilities page and click Purchase. Pay-as-you-go bills are not affected by the subscription duration of your Security Center. You can use resources before you pay for them.
   Quota for Application Protection	A value-added feature. If you want to purchase the feature, set the Quota for Application Protection parameter to a value greater than 0. You can use the feature to identify and block attacks on applications during application runtime and provide self-protection. We recommend that you set this parameter to the number of application processes that you want to protect each month on your hosts. A larger quota provides protection at a lower unit price. For more information, see Billing overview.
   Anti-ransomware	A value-added feature. If you want to purchase the feature, set this parameter to a value greater than 0. The general anti-ransomware solution provides the protection, alerting, and data backup features to prevent ransomware from intruding into your core servers. Important Before you purchase this feature, make sure that the servers that you want to protect are deployed in a supported region of anti-ransomware. For more information about the supported regions, see Overview of anti-ransomware.
   Container Image Scan	A value-added feature. If you want to purchase the feature, set this parameter to a value greater than 0. We recommend that you set this parameter to the number of images for which you want to detect container vulnerabilities each month. Security Center identifies an image based on a unique digest value. If the digest value of an image does not change, the quota specified by Container Image Scan is deducted by one only for the first scan. If the digest value of an image changes and the image is scanned again, the quota specified by Container Image Scan is deducted again. The quota is deducted by one each time the digest value changes. For example, if you want to scan 10 images and the estimated total number of times the digest values of the images change is 20 within the subscription, set Container Image Scan to 30. This indicates that the value of Container Image Scan equals the number of images that you want to scan plus the number of times the digest values change. This parameter is available only if you specify Advanced, Enterprise, or Value-added Plan as the edition.
   Log Analysis	A value-added feature. If you want to purchase the feature, set this parameter to a value greater than 0. The log analysis feature retrieves data from all logs, including host, network, and security logs. This allows you to trace and analyze security events. Note Security Center Enterprise and Security Center Ultimate support 16 types of logs. Security Center Anti-virus and Security Center Advanced support only 12 subtypes of host logs and security logs. Security Center Anti-virus and Security Center Advanced do not support network logs.
   Cloud Honeypot	A value-added feature. If you want to purchase the feature, select Yes and configure the Quota for Cloud Honeypot parameter. This feature can capture attacks at the earliest opportunity. You can use this feature to detect attacks and protect your core assets in an efficient manner in attack and defense scenarios.
   Web Tamper Proofing	A value-added feature. If you want to purchase the feature, select Yes and configure the Quota for Web Tamper Proofing parameter. This feature monitors web directories in real time and can restore files or directories that are tampered with based on the backup files. This prevents important website information from being tampered with.
   Threat Analysis	A value-added feature. If you want to purchase the feature, select Yes and configure the Log Storage Capacity of Threat Analysis parameter. This feature can detect and handle the security events of multiple cloud services, such as Cloud Firewall and Virtual Private Cloud (VPC), across multiple Alibaba Cloud accounts. This helps improve the operational efficiency of events. If you purchased the log storage capacity for log analysis, we recommend that you set the Log Storage Capacity of Threat Analysis parameter to a value that is three times the purchased log storage capacity. The threat analysis feature stores the logs of multiple Alibaba Cloud accounts and cloud services that are added. Therefore, you must purchase sufficient log storage capacity for threat analysis.
   Duration	The subscription duration. You must determine whether to select Auto-renewal. Note The auto-renewal cycle is based on the subscription duration. If you purchase Security Center on a yearly basis, the auto-renewal cycle is one year. For example, if you select Auto-renewal and purchase a two-year subscription, the auto-renewal cycle is one year.

   Important

   • On July 21, 2022, the basic service fees for Security Center Ultimate is changed from USD 3 per core-month to USD 23.5 per server-month + USD 1 per core-month. You can no longer purchase the product expert service but you can still renew the product expert service that you purchased.

   • If you purchased Security Center Ultimate before July 21, 2022, you are charged based on the original prices when you renew, upgrade, or downgrade Security Center.

   • Starting from July 21, 2022, you are charged the basic service fees for Security Center Ultimate in scenarios when you purchase Security Center Ultimate or upgrade Security Center to the Ultimate edition. Basic service fees = USD 23.5 per server-month + USD 1 per core-month.

3. Read and select Security Center Terms of Service, click Buy Now, and then complete the payment.