The Security Center agent is a local plug-in that is provided by Security Center. Before you use Security Center to protect your servers, you must install the Security Center agent on your servers. This topic describes how to install and uninstall the Security Center agent.

Background information

For more information about the description and limits of the Security Center agent, see Overview of the Security Center agent.

How the Security Center agent works

The Security Center agent automatically sends connection information about the agent to the Security Center server in real time.

If the Security Center server does not receive information from the agent in 12 hours, the Security Center server considers that the server on which the agent runs is offline. Then, the Security Center server changes the security status of the server to Unprotected in the console.

Supported operating systems and versions

Supported operating system Supported operating system version
Windows
  • Windows Server 2019
  • Windows Server 2016
  • Windows Server 2012
  • Windows Server 2008
  • Windows Server 2003
Linux
  • CentOS 5, CentOS 6, CentOS 7, and CentOS 8 (32-bit or 64-bit)
  • Ubuntu 9.10 to Ubuntu 20.10 (32-bit or 64-bit)
  • Debian 6, Debian 7, Debian 8, and Debian 9 (32-bit or 64-bit)
  • RHEL 5, RHEL 6, RHEL 7, and RHEL 8 (32-bit or 64-bit)
  • Gentoo (32-bit or 64-bit)
  • openSUSE (32-bit or 64-bit)
  • SUSE (32-bit or 64-bit)
  • Aliyun Linux

Automatic installation of the Security Center agent

Automatic installation is supported only for Elastic Compute Service (ECS) instances. Before you initiate automatic installation, make sure that your server meets the following requirements:
  • Your server is an ECS instance. Otherwise, you must manually install the Security Center agent.
  • Cloud Assistant is installed on your server. For more information about how to install Cloud Assistant, see Cloud Assistant.
  • Your ECS instance is deployed in a region where automatic installation is supported. For more information, see Regions that support automatic installation.
  • Your server is running.
  • The network of your server is working as expected.
  • No third-party security software is installed on your server. Otherwise, you may fail to install the Security Center agent. Before you install the Security Center agent, we recommend that you check whether third-party security software is installed on your server. If third-party security software is installed on your server, we recommend that you disable or uninstall the software before you install the Security Center agent.

Procedure

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, click Settings.
  3. On the Settings page, click the Agent tab.
  4. On the Client to be installed tab of the Agent tab, find the server that you want to install the agent and click Install the client in the Actions column. You can select multiple servers and click One-click installation in the lower-left corner.
    One-click installation
    Approximately 5 minutes after the agent is installed, you can view the status of the Security Center agent on the Assets page. The status in the Agent column changes from Close to Enable.
    Note If the status in the Agent column is Failed and a message appears indicating that Cloud Assistant is not installed, you must install Cloud Assistant before you install the Security Center agent. For more information about how to install Cloud Assistant, see Cloud Assistant.

Manual installation of the Security Center agent

You must manually install the Security Center agent in the following scenarios:
  • Your server is not deployed on Alibaba Cloud, or Cloud Assistant is not installed on your ECS instance. For more information about how to install Cloud Assistant, see Cloud Assistant.
  • Your ECS instance is deployed in the classic network.
  • Your ECS instance is deployed in a region where automatic installation is not supported. For more information, see Regions that support automatic installation.
  • Your server runs one of the following operating systems: Windows Server 2019, Windows Server 2016, Windows Server 2012, Windows Server 2008, and Windows Server 2003.
  • If your server is not deployed on Alibaba Cloud and is deployed in an on-premises network by using Express Connect circuits, you must add the Domain Name System (DNS) records of Security Center to the host file on your server. If no DNS records are added, automatic installation is not supported. In this case, you must manually install the Security Center agent.

    To add the DNS records, perform the following steps:

    1. Find the host file on your server based on the operating system that your server runs:
      • Linux: /etc/hosts
      • Windows: C:\windows\system32\drivers\etc\hosts
    2. Add the following DNS records to the host file:
      • 106.11.248.209 jsrv.aegis.aliyun.com
      • 106.11.248.90 update.aegis.aliyun.com
Note
  • Do not install the Security Center agent on servers that do not require protection from Security Center, such as debugging servers or your PC.
  • Before you manually install the Security Center agent, make sure that the server is running and the network is working as expected.
  • We recommend that you do not run the installation command in a subdirectory of the /usr/local/aegis/ directory. If you run the installation command in a subdirectory of the /usr/local/aegis/ directory, the directory is cleared. We recommend that you run the installation command in the root directory of the server.

Procedure

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, click Settings.
  3. On the Settings page, click the Agent tab.
  4. Click the Client Installation Guide tab.
    Security Center provides four default installation commands on the Client Installation Guide tab. If you do not want Security Center to create an image based on an installation command, or you do not want the server on which the installation command is run to be automatically added to a specified server group, you can select an installation command based on the type of your server and the operating system that your server runs. Then, you can run a default command to install the Security Center agent on your server.
  5. Optional:On the Client Installation Guide tab, click Add Installation Command to create an installation command.
    Notice If you use a default installation command, skip this step.
    You can create an installation command to achieve the following purposes:
    • Enable Security Center to create an image based on the installation command, and use the image to preinstall the Security Center agent on multiple servers.
    • Bind a server group to the installation command. After you run the command to install the Security Center agent on a server, the server is automatically added to the server group.
    1. In the Add Installation Command dialog box, configure the parameters.

      The following table describes the parameters.

      Parameter Description
      Expiration time The time when the installation command expires.
      Service Provider The provider of your server.
      Default grouping The server group that you want to bind to the installation command.
      Operating system The operating system in which the installation command can be run. Valid values: Windows, Linux, and windows-2003.
      Making Image System Specifies whether to enable Security Center to create an image. Valid values: Yes and No.
      • If you select Yes, Security Center automatically creates an image based on the installation command. You can use the image to preinstall the Security Center agent on multiple servers at a time without the need to run the installation command on each server.
        Note After you run the installation command on your server, only the installation package of the Security Center agent is downloaded to the server. The process of the Security Center agent is not started. If you want Security Center to protect your server, you must restart the server to start the process of the Security Center agent.
      • If you select No, Security Center generates an installation command but does not create an image based on the installation command.
    2. Click OK. An installation command is generated. Then, copy the command.

      You can view the generated installation command on the Client Installation Guide tab.

  6. Log on to the server on which you want to install the agent by using an account that has administrative rights.
    The tool that you can use to run the installation command varies based on the operating system of the server.
    • Windows: Open the Command Prompt and run the installation command that you copied. Then, the installation package of the Security Center agent is downloaded to and installed on the server.
    • Linux: Open the CLI and run the installation command that you copied. Then, the installation package of the Security Center agent is downloaded to and installed on the server.
    Notice After you run the installation command, the latest version of the Security Center agent is downloaded from Alibaba Cloud. If you use a server that is not deployed on Alibaba Cloud, make sure that the server is connected to the Internet before you run the installation command.
    You can view the status of the agent on the Assets page approximately 5 minutes after the agent is installed.
    • If you use an ECS instance, the status in the Agent column of the instance changes from Close to Enable.
    • If you use a server that is not deployed on Alibaba Cloud, the server is added to the server list on the Assets page.
      Notice Due to network latency, a server that is not deployed on Alibaba Cloud and has the Security Center agent installed may not be immediately displayed on the Assets page. In this case, you must click Synchronize Asset on the Server(s) tab of the Assets page to update the information about the server.

Uninstallation of the Security Center agent

If you no longer need Security Center to protect your servers, you can uninstall the Security Center agent from the Security Center console. To uninstall the agent, perform the following steps: Log on to the Security Center console. In the left-side navigation pane, click Settings. On the page that appears, click the Agent tab. In the upper-right corner of this tab, click Uninstall Client. For more information, see Uninstall the Security Center agent. If your servers are not deployed on Alibaba Cloud, you must manually uninstall the Security Center agent on the servers.
Notice
  • If you manually uninstall the Security Center agent on a server, you must disable Client Protection on the Settings page of the Security Center console before you uninstall the agent. For more information about how to disable Client Protection, see Use the client protection feature.
  • If you uninstall the Security Center agent in the Security Center console, you do not need to disable Client Protection before you uninstall the agent.