Security Center monitors your cloud assets and diagnoses detected issues. This topic describes how to purchase basic protection features and value-added features that are provided by Security Center.
Background information
The Basic, Anti-virus, Advanced, Enterprise, and Ultimate editions of Security Center support basic protection features and different value-added features. The value-added features include anti-ransomware, container image scan, cloud honeypot, web tamper proofing, and application protection. The editions help meet your security protection requirements in various scenarios. Before you purchase Security Center, we recommend that you learn about the features that are supported by each edition and the billing rules. For more information, see Functions and features and Billing overview.
Procedure
Go to the Security Center buy page and log on to your Alibaba Cloud account.
Configure the parameters. The following table describes the parameters on the buy page.
Parameter
Description
Version selection
The edition that you want to purchase. For more information about the features that are supported by each edition, see Functions and features.
NoteSecurity Center provides the Value-added Plan edition. This edition allows you to separately enable the value-added features, such as anti-ransomware, container image scan, cloud honeypot, web tamper proofing, and application protection, for the Basic edition.
Number of servers
The number of servers that you want to protect by using Security Center. The default value is the total number of Elastic Compute Service (ECS) instances plus the servers that are not deployed on Alibaba Cloud but have the Security Center agent installed within your Alibaba Cloud account.
NoteIf you want to increase the number of protected servers during the subscription, we recommend that you specify a value that includes the estimated total number of servers to protect.
If you set the Edition parameter to Anti-virus Edition or Value-added Plan, you do not need to configure this parameter.
Vmcore
The number of cores of servers that you want to protect by using Security Center. The default value indicates the minimum number of cores that you must specify.
This parameter is required only if you set the Edition parameter to Anti-virus or Ultimate.
Vulnerability Fixing
A value-added feature. If you want to purchase the feature, select Yes and configure the Quota for Vulnerability Fixing parameter.
You can use the feature to fix vulnerabilities that are detected on the servers with a few clicks. This helps prevent attacks on servers. We recommend that you set the Quota for Vulnerability Fixing parameter to the total number of Linux software vulnerabilities and Windows system vulnerabilities that need to be fixed each month.
NoteThis parameter is available only if you set the Edition parameter to Anti-virus Edition or Value-added Plan. If you purchase the Advanced Edition, Enterprise Edition, or Ultimate Edition edition, you do not need to separately purchase this feature. If a large number of vulnerabilities need to be fixed, we recommend that you purchase the Advanced Edition, Enterprise Edition, or Ultimate Edition edition.
Quota for Application Protection
A value-added feature. If you want to purchase the feature, set the Quota for Application Protection parameter to a value greater than 0.
You can use the feature to identify and block attacks on applications during application runtime and provide self-protection. We recommend that you set this parameter to the number of application processes that you want to protect each month on your hosts. A larger quota provides protection at a lower unit price. For more information, see Billing overview.
Anti-ransomware
A value-added feature. If you want to purchase the feature, set this parameter to a value greater than 0.
The general anti-ransomware solution provides the protection, alerting, and data backup features to prevent ransomware from intruding into your core servers.
Container Image Scan
A value-added feature. If you want to purchase the feature, set this parameter to a value greater than 0.
We recommend that you set this parameter to the number of images for which you want to detect container vulnerabilities each month. Security Center identifies an image based on a unique digest value. If the digest value of an image does not change, the quota specified by Container Image Scan is deducted by one only for the first scan. If the digest value of an image changes and the image is scanned again, the quota specified by Container Image Scan is deducted again. The quota is deducted by one each time the digest value changes. For example, if you want to scan 10 images and the estimated total number of times the digest values of the images change is 20 within the subscription, set Container Image Scan to 30. This indicates that the value of Container Image Scan equals the number of images that you want to scan plus the number of times the digest values change.
This parameter is available only if you set the Edition parameter to Advanced, Enterprise, or Value-added Plan.
Log analysis
A value-added feature. If you want to purchase the feature, set this parameter to a value greater than 0. The log analysis feature retrieves data from all logs, including host, network, and security logs. This allows you to trace and analyze security events.
NoteSecurity Center Enterprise and Security Center Ultimate support 16 types of logs. Security Center Anti-virus and Security Center Advanced support only 12 subtypes of host logs and security logs. Security Center Anti-virus and Security Center Advanced do not support network logs.
Cloud Honeypot
A value-added feature. If you want to purchase the feature, select Yes and configure the Quota for Cloud Honeypot parameter. This feature can capture attacks at the earliest opportunity. You can use this feature to detect attacks and protect your core assets in an efficient manner in attack and defense scenarios.
Web Tamper Protection
A value-added feature. If you want to purchase the feature, select Yes and configure the Licenses parameter. This feature monitors web directories in real time and can restore files or directories that are tampered with based on the backup files. This prevents important website information from being tampered with.
Threat Analysis
A value-added feature. If you want to purchase the feature, select Yes and configure the Log Storage Capacity of Threat Analysis parameter. This feature can detect and handle the security events of multiple cloud services, such as Cloud Firewall and Virtual Private Cloud (VPC), across multiple Alibaba Cloud accounts. This helps improve the operational efficiency of events.
If you purchased the log storage capacity for log analysis, we recommend that you set Log Storage Capacity of Threat Analysis to a value that is three times the purchased log storage capacity. The threat analysis feature stores the logs of multiple Alibaba Cloud accounts and cloud services that are added. Therefore, you must purchase sufficient log storage capacity for threat analysis.
Duration of purchase
The subscription duration. You must determine whether to select Auto-renewal.
NoteThe auto-renewal cycle is based on the subscription duration. If you purchase Security Center on a yearly basis, the auto-renewal cycle is one year. For example, if you select Auto-renewal and purchase a two-year subscription, the auto-renewal cycle is one year.
Important- On July 21, 2022, the basic service fees for Security Center Ultimate was changed from USD 3 per core-month to USD 23.5 per server-month + USD 1 per core-month. You can no longer purchase the product expert service but you can still renew the product expert service that you purchased.
- If you purchased Security Center Ultimate before July 21, 2022, you are charged based on the original prices when you renew, upgrade, or downgrade Security Center.
- Starting from July 21, 2022, you are charged the basic service fees for Security Center Ultimate in scenarios when you purchase Security Center Ultimate or upgrade Security Center to the Ultimate edition. Basic service fees = USD 23.5 per server-month + USD 1 per core-month.
Read and select Security Center Terms of Service, click Buy Now, and then complete the payment.