Data Security Center:Purchase Data Security Center

Supported regions and database types

Before purchasing Data Security Center, ensure that your regions and database types are supported by DSC.

• For information on the regions that support DSC, see Supported Regions.

• For information on the database types that DSC supports, see Supported data asset types.

• To learn about the feature differences among various versions of DSC, see Feature differences between versions.

Procedure

1. Visit the or the international Data Security Center purchase page and log on to your Alibaba Cloud account.

2. Select the configuration you want to purchase.

   Refer to the table below to choose the configuration that suits your needs.

   Important

   • DSC does not support the activation of the same service version multiple times. Once you purchase a version, you are unable to purchase another version. You can only upgrade the specifications of your current edition. By default, the edition becomes Enterprise after you upgrade. You can click Upgrade on the Workbench page in the console to complete the upgrade process.

   • If you have activated the Free Edition service and want to purchase a paid edition:

     • Choosing the Only Purchase Value-added Services edition will retain your authorized assets and related usage data.

     • Selecting an edition other than Only Purchase Value-added Services will result in the release of your authorized assets and related usage data, along with the Free Edition instance.

   • When purchasing the Enterprise Edition, you must enable at least one of the services—either Database Management or Storage Data Management—to acquire the corresponding protection capacity.

   Parameter	Description
   Edition	Choose the DSC service edition you want to purchase. Supported editions include the following: Enterprise Edition: Complies with Level 2 of the Classified Protection of Cybersecurity for data audit and personal information protection. Offers comprehensive security audits for cloud-native data types (including RDS, OSS, MaxCompute, ADB, OTS, OceanBase, etc.), identifies and classifies sensitive information, and supports data breach alerts, data masking, and data watermark tracing features. DSC can be activated and deployed in the DSC console with just a few clicks, providing efficient access to core assets. Only Purchase Value-added Services: Services such as data detection response, column encryption, and log storage must be acquired as value-added services with the appropriate resource specifications. When you purchase the data detection and response feature, you also gain access to the data insights and data auditing features at no extra cost for one month. After this trial period, if you want to continue using both features, you must either upgrade your DSC instance to the Enterprise Edition.
   Database Management	A standard feature. Under the Enterprise Edition, you can choose to enable database management, which allows for the authorization, classification, and data audit of database instances. Supports: Enable: This option allows you to manage database instances via DSC, encompassing authorization, classification, and auditing of database instances. Disable: This indicates that the DSC purchased does not support authorization, classification, or data audit services for database instances.
   Number of Instances	A standard feature. Under the Enterprise Edition, specify the maximum number of database instances that can be authorized for protection. Valid values range from 1 to 2000. Note Only after enabling Database Management can you select the Number Of Instances.
   Storage Data Management	A standard feature. Under the Enterprise Edition, decide whether to enable storage data management, which includes authorization, classification, and data audit of data assets. Enable: This signifies that you can safeguard your storage data using DSC, which encompasses authorization, classification, and data audit for data assets. Disable: This signifies that the DSC you have purchased does not support authorization, classification, or data audit services for stored data. Storage data includes data stored in OSS buckets and Simple Log Service projects.
   Storage Protection Capacity	A basic feature. Within the Enterprise Edition, specify the total capacity of OSS and SLS data to be protected by DSC. The unit of measurement is GB. You can increase the capacity in 1,000 GB increments. Valid values range from 1,000 to 10,000,000 GB. In DSC, the authorized SLS supports only the data identification feature. In the Enterprise Edition, the authorized protection capacity of SLS is calculated and deducted at 0.5 times. For example, if your authorized protection capacity of SLS is 1,000 GB, when purchasing the Enterprise Edition Storage Protection Capacity, you only need to plan for 500 GB of SLS protection capacity.
   Detection And Response	A value-added service. Determine whether to enable the data threat detection and response feature for data in OSS, ApsaraDB RDS, and PolarDB. This feature is enabled by default. Enterprise Edition: Upon activation, DSC offers 1 TB of OSS protection capacity and one database instance authorization free of charge each month. Only Purchase Value-added Services: Upon activation, DSC offers monthly complimentary allowances including 500 database instance authorizations, 500 TB of storage data authorization protection capacity (covering both OSS and SLS authorization protection capacities), 100 database table identifications, and 5 GB of storage data identifications (encompassing OSS and SLS identifications).
   Detection And Response - OSS Protection Capacity	A value-added service. After enabling Detection And Response, specify the OSS data capacity that requires detection and response protection. Valid values range from 1 TB to 9,999,999,999 TB. Once the Detection And Response service is enabled, 1 TB of OSS protection capacity is provided free of charge each month.
   Detection And Response - Number Of Database Instances	A value-added service. After enabling Detection And Response, specify the number of database instances that require detection and response protection. Valid values range from 1 to 999,999,999. Once the Detection And Response service is enabled, 1 database instance number is provided free of charge each month.
   Column Encryption	Value-added service. Indicate if the column encryption service should be activated. The feature is Enabled by default. DSC offers one field at no cost.
   Number Of Column Encryption	A value-added service. Set the estimated number of columns that need encryption each month. The value must be in increments of 5 columns.
   Log Storage	Value-added service. Determine if you want to enable the log storage feature. By default, DSC provides 200 GB of log storage each month for each database instance included in your purchased database instance quota and 50 GB of log storage each month for each TB of OSS protection capacity. Enterprise Edition: Number of database instances = Number Of Instances of basic services + Value-added Module Detection Response - Number Of Database Instances OSS protection capacity equals the Storage Protection Capacity of the basic service plus the Value-added Module's Detection Response - OSS Protection Capacity Only Purchase Value-added Services Number of database instances = Detection And Response - Number Of Database Instances OSS protection capacity = Detection and Response - OSS Protection Capacity If the default log storage space provided each month cannot meet your business needs, you can enable Log Storage and purchase Log Storage Capacity. If the total log storage capacity is exhausted, DSC will no longer store subsequent logs.
   Log Storage Capacity	A value-added service. After enabling Log Storage, specify the required log storage capacity. Valid values range from 1 TB to 500 TB. Warning Ensure you select sufficient Log Storage Capacity. If the database access log volume suddenly increases or the purchased storage capacity is insufficient, it may result in log loss.
   Subscription Duration	Choose the subscription duration.

3. Click Buy Now and complete the payment process.