Security Center is a centralized security management system that identifies and analyzes
security threats, and generates alerts when threats are detected. Security Center
provides multiple features to ensure the security of cloud resources and servers in
data centers. The features include anti-ransomware, antivirus, web tamper proofing,
and compliance check. This allows you to automate security operations, responses,
and threat tracing, and meet regulatory compliance requirements. By default, the features
of Security Center Basic are enabled to protect Elastic Compute Service (ECS) instances.
The Anti-virus or higher edition of Security Center automatically quarantines viruses, proactively
prevents and quarantines common ransomware and DDoS trojans. The ransomware includes
WannaCry and Globelmposter, and the DDoS trojans include XOR DDoS and BillGates. We
recommend that you enable the automatic quarantine feature of Security Center to reinforce
the security of your assets. For more information about how to enable the automatic quarantine feature, see Use proactive defense.
For more information about the features that each edition supports, see Features.
Security Hardening is selected when you purchase ECS instances. This way, Security Center protects your
View overall security information of ECS instances
To view the security information of ECS instances, log on to the ECS console
and click Overview
in the left-side navigation pane. On the tab that appears, click Handle
in the Security Status section. On the Overview
tab of the Security Center console, view the security information of ECS instances.
On the Overview
tab in the Security Center console, you can view the security score of your assets
and information about the threats that are detected on your assets. The information
includes the number of unhanded alerts, alert levels, and the total number of generated
alerts. For more information, see Overview
You can click Process Now in the Unhandled Alerts, Unfixed Vul, Baseline Risks, or Attacks section to view the details about the specific types of threats and handle the threats.
View the security information of an ECS instance
To view the details of an ECS instance, log on to the ECS console
and click Instances
in the left-side navigation pane. On the Instances
page, click the Alibaba Cloud Security icon of the required ECS instance. The Assets
page in the Security Center console appears. The details of the ECS instance are
displayed on the Assets page.
You can view the security information of an ECS instance on the Assets
page in the Security Center console. For more information, see View the details of an asset
If the Security Center agent on a server is in the Offline
state, the Security Center agent is disconnected from Alibaba Cloud, and Security
Center does not protect the server. In this case, go to the Security Center console
and click Settings
in the left-side navigation pane. On the page that appears, click the Agent
tab, find the required server, and then click Install the client
. For more information, see Install and uninstall the Security Center agent