Alibaba Cloud Security Center provides Elastic Compute Service (ECS) with basic security services such as suspicious logon detection, vulnerability scan, and baseline check. You can check the security status of your ECS instances in the ECS console or Security Center console.

Background information

Alibaba Cloud Security Center collects and virtualizes security logs and fingerprints of ECS assets. Basic security services such as vulnerability detection, security alerts, and baseline check are provided free of charge. You can view security information about ECS assets on the Overview page of the ECS console or in the Security Center console. For more information, see What is Security Center?

Basic security services support the following billing methods:
  • In Security Center Basic Edition, basic security services for ECS are free of charge.
  • If you want to upgrade to Security Center Advanced or Enterprise Edition, log on to the Security Center console for a free trial or purchase of Security Center Advanced or Enterprise Edition. For more information about the billing methods of Security Center Advanced Edition and Enterprise Edition, see Billing in Security Center documentation.

Use the Security Center agent

The Security Center agent is a lightweight security control that can be installed on ECS instances. If the Security Center agent is not installed on your ECS instance, your ECS instance is not protected. The security data of the instance, such as vulnerabilities, alerts, baseline vulnerabilities, and asset fingerprints, is not displayed in the ECS console. For more information about the installation paths of the Security Center agent, see Overview of the Security Center agent.

You can perform the following operations to install or uninstall the Security Center agent:
  • Have the Security Center agent automatically installed when you create an ECS instance.
    1. Log on to the ECS console.
    2. In the left-side navigation pane, choose Instances & Images > Instances.
    3. In the top navigation bar, select a region.
    4. When you create an ECS instance, select Security Hardening in the Image section. The system installs the Security Center agent on the ECS instance. For more information, see Create an instance by using the wizard. Select Security Hardening
    Note If you call the RunInstances operation to create an ECS instance, you can also have the Security Center agent automatically installed on the instance by setting SecurityEnhancementStrategy to Active.
  • Manually install the Security Center agent on an existing ECS instance.
    1. Log on to the ECS console.
    2. On the Overview page, click Handle in the Security Score section to go to the Security Center console.
    3. Install the Security Center agent. For more information, see Install the Security Center agent in Security Center documentation.
  • Uninstall the Security Center agent
    1. Log on to the ECS console.
    2. On the Overview page, click Handle in the Security Score section to go to the Security Center console.
    3. Uninstall the Security Center agent. For more information, see Uninstall the Security Center agent in Security Center documentation.

Check the security status of your ECS instance

You can perform the following steps to check the security status of your ECS instance:

  1. Log on to the ECS console.
  2. In the left-side navigation pane, choose Instances & Images > Instances.
  3. In the top navigation bar, select a region.
  4. Use one of the following methods to check the security status of your ECS instance:
    • Method 1: On the Instances page, view the Alibaba Cloud Security icon in the Monitoring column corresponding to your ECS instance. If the icon is orange, vulnerability or security alerts in the instance are reported. You can click the Alibaba Cloud Security icon to log on to the Security Center console and view the alert details. Go to Security Center from the Instances page
    • Method 2: Click the instance ID to go to the Instance Details page. On the Instance Details page, view the Alibaba Cloud Security icon. You can click the Protection status icon to log on to the Security Center console and view the alert details. Go to Security Center from the Instance Details page

Set alert notifications

Basic security services allow you to configure alert notifications for security alert items. The alert notifications can be sent by text messages, emails, or internal messages. You can perform the following steps to configure alert notifications:

  1. Log on to the ECS console.
  2. On the Overview page, click Handle in the Security Score section to go to the Security Center console.
  3. In the left-side navigation pane, click Settings. On the Settings page, click the Notifications tab.
  4. In the Alerts section, specify a severity for alerts and configure the methods and time for sending alert notifications.
    Set security alert parameters
    Note If you have upgraded Security Center to Security Center Advanced or Enterprise Edition, see Overview in Security Center documentation.