View security information about ECS instances - Security Center

After you purchase an Elastic Compute Service (ECS) instance, the ECS instance is automatically protected by Security Center Basic. You can use Security Center to detect risks in your assets and obtain the status of your ECS instances in a quick manner.

Background information

Security Center is a centralized security management system that identifies and analyzes security threats, and generates alerts when threats are detected. Security Center provides multiple features to ensure the security of cloud resources and servers in data centers. The features include anti-ransomware, virus detection and removal, web tamper proofing, and compliance check. This allows you to automate security operations, responses, and threat tracing, and meet regulatory requirements.

The Anti-virus, Advanced, Enterprise, and Ultimate editions of Security Center automatically block viruses, and proactively prevent and block common ransomware and DDoS trojans. The ransomware includes WannaCry and Globelmposter, and the DDoS trojans include XOR DDoS and BillGates. We recommend that you enable the malicious behavior defense feature of Security Center to protect the security of your assets. For more information about how to enable the malicious behavior defense feature, see Proactive defense.

For more information about the features that are supported by each edition, see Functions and features.

Prerequisites

Security Hardening is selected when you purchase ECS instances. This way, Security Center protects your ECS instances.

View the risks of ECS instances

You can use one of the following methods to view the risks of ECS instances. You can identify and handle potential risks at the earliest opportunity.

Log on to the ECS console. On the Overview page, click Handle in the security status section on the right to go to the Security Risk panel of the Security Center console. In the panel, you can view and handle existing risks. For more information, see Overview.
Log on to the Security Center console. In the Secure Score section of the Overview page, click Process Now. In the Security Risk panel, you can view and handle existing security risks. For more information, see Overview.

View the security information about an ECS instance

You can use one of the following methods to view the risk details of an ECS instance:

Log on to the ECS console. On the Instances page, find the ECS instance that you want to manage and click the icon in the Monitoring column to view the security status of the ECS instance. If high-severity risks exist, we recommend that you handle the risks as prompted to prevent your workloads from being affected.
Note
The color of the icon varies based on the status. The icon displayed on the page shall prevail.
Log on to the Security Center console. In the top navigation bar, select China or Outside China. In the left-side navigation pane, choose Assets > Host. Then, find the ECS instance and view the security details of the ECS instance. For more information, see View the information about a server.

Note

In the asset list of the Host page, if the icon in the Agent column of an ECS instance indicates offline, the Security Center agent is disconnected from Alibaba Cloud, and the ECS instance is not protected by Security Center. In this case, you must reinstall the Security Center agent. For more information, see Install and uninstall the Security Center agent.