Security Center is a security management system that can generate alerts, and detect and analyze risks in real time. Security Center provides features such as security overview, anti-ransomware, antivirus, web tamper proofing, and compliance checks. The features help you detect risks and protect your servers and web applications.

Intended users

This topic is intended for the following users:

  • Users who want to know how to activate and use Security Center.
  • Users who want to know about the features supported by each edition of Security Center.
  • Users who want to monitor the security status of the assets that are protected by Security Center.

Prerequisites

The Security Center agent is installed on the servers that you want to protect. The Security Center agent is a plug-in that you can install on your servers. Before you can use Security Center to protect your servers, you must install the Security Center agent on your servers. For more information about how to install the Security Center agent, see Install the Security Center agent.
Note If you select Security Enhancement when you purchase an Elastic Compute Service (ECS) instance, Security Center Basic is automatically activated for your Alibaba Cloud account, and the Security Center agent is automatically installed on the ECS instance.

Process

The following process shows how to use Security Center to protect your servers.

  1. Security Center automatically enables the features that are supported by the Basic edition. The Basic edition can detect only unusual logons to servers, Linux software vulnerabilities, Windows system vulnerabilities, Web-CMS vulnerabilities, and urgent vulnerabilities.
    1. Learn about the features that are supported by the Basic Anti-Virus, Advanced, and Enterprise editions of Security Center. For more information, see Features.
    2. Purchase an edition of Security Center based on your business requirements. For more information, see Purchase Security Center.
  2. After you purchase Security Center, you can view the security score of your assets on the Overview tab in the Security Center console. You can handle security events based on penalty points and the risks that correspond to the penalty points. This reinforces the security of your assets. For more information, see Improve the security score of your assets.
    Note The security status of your assets is detected by the Security Center agent, and the security information about your assets is also collected by the agent.
    • If you select Security Enhancement when you purchase an ECS instance, Security Center Basic is automatically activated for your Alibaba Cloud account, and the Security Center agent is automatically installed on the ECS instance. In this case, you can use Security Center without configurations.
    • If you do not select Security Enhancement when you purchase an ECS instance, you must install the agent on the ECS instance before you can use Security Center to protect the ECS instance. For more information, see Install the Security Center agent.
    • You can check whether the Security Center agent is online based on the protection status of your servers. If the status of the agent is Enable, the agent is online. If the status of the agent is Close, the agent is offline. If the agent is offline, you must identify the cause and resolve the issue based on the cause. Security Center protects your servers only when the agent is online. For more information, see Troubleshoot why the Security Center agent is offline.
  3. After you purchase Security Center, you can view the security status and security information of the servers within your Alibaba Cloud account on the Overview tab. The security information is about alerts, vulnerability detection results, and configuration risks on your system. For more information, see Overview (new version).