All Products
Search

This Product

    :Enable features on the Agent Settings tab

    Document Center

    :Enable features on the Agent Settings tab

    Last Updated:Nov 07, 2023

    You can enable features on the Agent Settings tab to improve the running and detection capabilities of the Security Center agent. The features include client protection, local file detection, and client resource management. This topic describes the features that you can enable on the Agent Settings tab and how to enable the features.

    Client Protection

    The client protection feature blocks malicious operations that attempt to uninstall the Security Center agent. The feature ensures that Security Center provides stable protection capabilities.

    Description

    After you enable the client protection feature, Security Center provides default capabilities of security protection for the process files in the directory of the Security Center agent. Security Center also blocks all malicious behavior that attempts to uninstall the Security Center agent but is not performed in the Security Center console. This prevents attackers from gaining access to servers and uninstalling the Security Center agent. This also prevents the Security Center agent from being accidentally terminated by other processes. If the Security Center agent on your server is uninstalled or terminated, Security Center cannot protect your server. We recommend that you enable the client protection feature for all servers.

    Note

    After you enable the client protection feature for your server, you can uninstall the Security Center agent only by using one of the following methods:

    • Disable the client protection feature for the server and uninstall the Security Center agent from the server.

    • Uninstall the Security Center agent in the Security Center console. For more information, see Uninstall the Security Center agent.

    If the version of the operating system or kernel used by a server is not supported by the feature, you cannot enable the feature for the server.

    View the operating system versions and kernel versions supported by the client protection feature

    Operating system

    Supported operating system version

    Supported kernel version

    Windows (64-bit)

    • Windows Server 2008 R2

    • Windows Server 2012 R2

    • Windows Server 2016

    • Windows Server 2019

    • Windows Server 2022

    All versions

    CentOS (64-bit)

    • CentOS 6.3~6.10

    • CentOS 7.0~7.9

    • CentOS 8.0~8.5

    5.x.x series

    • 5.6.5-1.el7.elrepo.x86_64

    • 5.5.7-1.el7.elrepo.x86_64

    • 5.5.5-1.el7.elrepo.x86_64

    • 5.5.1-1.el7.elrepo.x86_64

    • 5.4.208-1.el7.elrepo.x86_64

    • 5.4.201-1.el7.elrepo.x86_64

    • 5.4.195-1.el7.elrepo.x86_64

    • 5.4.188-1.el7.elrepo.x86_64

    • 5.4.181-1.el7.elrepo.x86_64

    • 5.4.173-1.el7.elrepo.x86_64

    • 5.4.168-1.el7.elrepo.x86_64

    • 5.4.157-1.el7.elrepo.x86_64

    • 5.4.155-1.el7.elrepo.x86_64

    • 5.4.148-1.el7.elrepo.x86_64

    • 5.4.144-1.el7.elrepo.x86_64

    • 5.4.143-1.el7.elrepo.x86_64

    • 5.4.132-1.el7.elrepo.x86_64

    • 5.4.129-1.el7.elrepo.x86_64

    • 5.4.109-1.el7.elrepo.x86_64

    • 5.4.91-1.el7.elrepo.x86_64

    • 5.4.86-1.el7.elrepo.x86_64

    • 5.4.42-200.el7.x86_64

    • 5.4.8-1.el7.elrepo.x86_64

    • 5.3.8-1.el7.elrepo.x86_64

    • 5.3.7-1.el7.elrepo.x86_64

    • 5.3.0-1.el7.elrepo.x86_64

    4.x.x series

    • 4.20.13-1.el7.elrepo.x86_64

    • 4.19.113-300.el7.x86_64

    • 4.19.104-300.el7.x86_64

    • 4.19.110-300.el7.x86_64

    • 4.19.94-300.el7.x86_64

    • 4.19.12-1.el7.elrepo.x86_64

    • 4.18.10-1.el7.elrepo.x86_64

    • 4.18.8-1.el7.elrepo.x86_64

    • 4.18.0-408.el8.x86_64

    • 4.18.0-394.el8.x86_64

    • 4.18.0-383.el8.x86_64

    • 4.18.0-373.el8.x86_64

    • 4.18.0-372.19.1.el8_6.x86_64

    • 4.18.0-372.9.1.el8.x86_64

    • 4.18.0-365.el8.x86_64

    • 4.18.0-358.el8.x86_64

    • 4.18.0-348.20.1.el8_5.x86_64

    • 4.18.0-348.12.2.el8_5.x86_64

    • 4.18.0-348.7.1.el8_5.x86_64

    • 4.18.0-348.2.1.el8_5.x86_64

    • 4.18.0-348.el8.x86_64

    • 4.18.0-305.25.1.el8_4.x86_64

    • 4.18.0-305.19.1.el8_4.x86_64

    • 4.18.0-305.17.1.el8_4.x86_64

    • 4.18.0-305.12.1.el8_4.x86_64

    • 4.18.0-305.10.2.el8_4.x86_64

    • 4.18.0-305.7.1.el8_4.x86_64

    • 4.18.0-305.3.1.el8.x86_64

    • 4.18.0-240.22.1.el8_3.x86_64

    • 4.18.0-240.15.1.el8_3.x86_64

    • 4.18.0-240.10.1.el8_3.x86_64

    • 4.18.0-240.1.1.el8_3.x86_64

    • 4.18.0-193.28.1.el8_2.x86_64

    • 4.18.0-193.19.1.el8_2.x86_64

    • 4.18.0-193.14.2.el8_2.x86_64

    • 4.18.0-193.6.3.el8_2.x86_64

    • 4.18.0-193.1.2.el8_2.x86_64

    • 4.18.0-193.el8.x86_64

    • 4.18.0-147.8.1.el8_1.x86_64

    • 4.18.0-147.5.1.el8_1.x86_64

    • 4.18.0-147.3.1.el8_1.x86_64

    • 4.18.0-80.11.2.el8_0.x86_64

    • 4.14.1-1.el7.elrepo.x86_64

    • 4.13.3-1.el7.elrepo.x86_64

    • 4.13.2-1.el7.elrepo.x86_64

    • 4.11.8-1.el7.elrepo.x86_64

    • 4.9.220-37.el7.x86_64

    • 4.9.215-36.el7.x86_64

    • 4.4.248-1.el7.elrepo.x86_64

    • 4.4.169-1.el7.elrepo.x86_64

    • 4.4.196-1.el7.elrepo.x86_64

    • 4.4.216-1.el7.elrepo.x86_64

    • 4.4.219-1.el7.elrepo.x86_64

    • 4.4.223-1.el7.elrepo.x86_64

    • 4.4.225-1.el7.elrepo.x86_64

    • 4.4.228-2.el7.elrepo.x86_64

    • 4.4.231-1.el7.elrepo.x86_64

    • 4.4.240-1.el7.elrepo.x86_64

    • 4.4.71-1.el7.elrepo.x86_64

    3.10.0 series

    • 3.10.0-1160.90.1.el7.x86_64

    • 3.10.0-1160.88.1.el7.x86_64

    • 3.10.0-1160.83.1.el7.x86_64

    • 3.10.0-1160.81.1.el7.x86_64

    • 3.10.0-1160.80.1.el7.x86_64

    • 3.10.0-1160.76.1.el7.x86_64

    • 3.10.0-1160.71.1.el7.x86_64

    • 3.10.0-1160.66.1.el7.x86_64

    • 3.10.0-1160.62.1.el7.x86_64

    • 3.10.0-1160.59.1.el7.x86_64

    • 3.10.0-1160.53.1.el7.x86_64

    • 3.10.0-1160.49.1.el7.x86_64

    • 3.10.0-1160.45.1.el7.x86_64

    • 3.10.0-1160.42.2.el7.x86_64

    • 3.10.0-1160.41.1.el7.x86_64

    • 3.10.0-1160.36.2.el7.x86_64

    • 3.10.0-1160.31.1.el7.x86_64

    • 3.10.0-1160.25.1.el7.x86_64

    • 3.10.0-1160.24.1.el7.x86_64

    • 3.10.0-1160.21.1.el7.x86_64

    • 3.10.0-1160.15.2.el7.x86_64

    • 3.10.0-1160.11.1.el7.x86_64

    • 3.10.0-1160.6.1.el7.x86_64

    • 3.10.0-1160.2.2.el7.x86_64

    • 3.10.0-1160.2.1.el7.x86_64

    • 3.10.0-1160.el7.x86_64

    • 3.10.0-1127.19.1.el7.x86_64

    • 3.10.0-1127.18.2.el7.x86_64

    • 3.10.0-1127.13.1.el7.x86_64

    • 3.10.0-1127.10.1.el7.x86_64

    • 3.10.0-1127.8.2.el7.x86_64

    • 3.10.0-1127.el7.x86_64

    • 3.10.0-1062.18.1.el7.x86_64

    • 3.10.0-1062.12.1.el7.x86_64

    • 3.10.0-1062.9.1.el7.x86_64

    • 3.10.0-1062.7.1.el7.x86_64

    • 3.10.0-1062.4.3.el7.x86_64

    • 3.10.0-1062.4.2.el7.x86_64

    • 3.10.0-1062.4.1.el7.x86_64

    • 3.10.0-1062.1.2.el7.x86_64

    • 3.10.0-1062.1.1.el7.x86_64

    • 3.10.0-1062.el7.x86_64

    • 3.10.0-957.27.2.el7.x86_64

    • 3.10.0-957.21.3.el7.x86_64

    • 3.10.0-957.21.2.el7.x86_64

    • 3.10.0-957.12.2.el7.x86_64

    • 3.10.0-957.12.1.el7.x86_64

    • 3.10.0-957.10.1.el7.x86_64

    • 3.10.0-957.5.1.el7.x86_64

    • 3.10.0-957.1.3.el7.x86_64

    • 3.10.0-957.el7.x86_64

    • 3.10.0-862.14.4.el7.x86_64

    • 3.10.0-862.11.6.el7.x86_64

    • 3.10.0-862.9.1.el7.x86_64

    • 3.10.0-862.6.3.el7.x86_64

    • 3.10.0-862.3.3.el7.x86_64

    • 3.10.0-862.3.2.el7.x86_64

    • 3.10.0-862.2.3.el7.x86_64

    • 3.10.0-862.el7.x86_64

    • 3.10.0-693.21.1.el7.x86_64

    • 3.10.0-693.17.1.el7.x86_64

    • 3.10.0-693.11.6.el7.x86_64

    • 3.10.0-693.11.1.el7.x86_64

    • 3.10.0-693.5.2.el7.x86_64

    • 3.10.0-693.2.2.el7.x86_64

    • 3.10.0-693.el7.x86_64

    • 3.10.0-514.26.2.el7.x86_64

    • 3.10.0-514.26.1.el7.x86_64

    • 3.10.0-514.21.2.el7.x86_64

    • 3.10.0-514.21.1.el7.x86_64

    • 3.10.0-514.16.1.el7.x86_64

    • 3.10.0-514.10.2.el7.x86_64

    • 3.10.0-514.6.2.el7.x86_64

    • 3.10.0-514.6.1.el7.x86_64

    • 3.10.0-514.2.2.el7.x86_64

    • 3.10.0-514.el7.x86_64

    • 3.10.0-327.36.3.el7.x86_64

    • 3.10.0-327.28.3.el7.x86_64

    • 3.10.0-327.28.2.el7.x86_64

    • 3.10.0-327.22.2.el7.x86_64

    • 3.10.0-327.18.2.el7.x86_64

    • 3.10.0-327.13.1.el7.x86_64

    • 3.10.0-327.10.1.el7.x86_64

    • 3.10.0-327.el7.x86_64

    • 3.10.0-229.el7.x86_64

    2.6.32 series

    • 2.6.32-754.35.1.el6.x86_64

    • 2.6.32-754.33.1.el6.x86_64

    • 2.6.32-754.31.1.el6.x86_64

    • 2.6.32-754.30.2.el6.x86_64

    • 2.6.32-754.29.2.el6.x86_64

    • 2.6.32-754.29.1.el6.x86_64

    • 2.6.32-754.28.1.el6.x86_64

    • 2.6.32-754.27.1.el6.x86_64

    • 2.6.32-754.25.1.el6.x86_64

    • 2.6.32-754.24.3.el6.x86_64

    • 2.6.32-754.23.1.el6.x86_64

    • 2.6.32-754.22.1.el6.x86_64

    • 2.6.32-754.18.2.el6.x86_64

    • 2.6.32-754.17.1.el6.x86_64

    • 2.6.32-754.15.3.el6.x86_64

    • 2.6.32-754.14.2.el6.x86_64

    • 2.6.32-754.12.1.el6.x86_64

    • 2.6.32-754.11.1.el6.x86_64

    • 2.6.32-754.10.1.el6.x86_64

    • 2.6.32-754.9.1.el6.x86_64

    • 2.6.32-754.6.3.el6.x86_64

    • 2.6.32-754.3.5.el6.x86_64

    • 2.6.32-754.2.1.el6.x86_64

    • 2.6.32-754.el6.x86_64

    • 2.6.32-696.30.1.el6.x86_64

    • 2.6.32-696.28.1.el6.x86_64

    • 2.6.32-696.23.1.el6.x86_64

    • 2.6.32-696.20.1.el6.x86_64

    • 2.6.32-696.18.7.el6.x86_64

    • 2.6.32-696.16.1.el6.x86_64

    • 2.6.32-696.13.2.el6.x86_64

    • 2.6.32-696.10.2.el6.x86_64

    • 2.6.32-696.10.1.el6.x86_64

    • 2.6.32-696.6.3.el6.x86_64

    • 2.6.32-696.3.2.el6.x86_64

    • 2.6.32-696.3.1.el6.x86_64

    • 2.6.32-696.1.1.el6.x86_64

    • 2.6.32-696.el6.x86_64

    • 2.6.32-642.15.1.el6.x86_64

    • 2.6.32-642.13.1.el6.x86_64

    • 2.6.32-642.11.1.el6.x86_64

    • 2.6.32-642.6.2.el6.centos.plus.x86_64

    • 2.6.32-642.6.2.el6.x86_64

    • 2.6.32-642.6.1.el6.x86_64

    • 2.6.32-642.4.2.el6.x86_64

    • 2.6.32-642.3.1.el6.x86_64

    • 2.6.32-642.1.1.el6.x86_64

    • 2.6.32-642.el6.x86_64

    • 2.6.32-573.22.1.el6.x86_64

    • 2.6.32-573.18.1.el6.x86_64

    • 2.6.32-573.12.1.el6.x86_64

    • 2.6.32-573.26.1.el6.x86_64

    • 2.6.32-573.3.1.el6.x86_64

    • 2.6.32-573.7.1.el6.x86_64

    • 2.6.32-573.8.1.el6.x86_64

    • 2.6.32-573.el6.x86_64

    • 2.6.32-504.30.3.el6.x86_64

    • 2.6.32-504.16.2.el6.x86_64

    • 2.6.32-504.12.2.el6.x86_64

    • 2.6.32-504.8.1.el6.x86_64

    • 2.6.32-504.el6.x86_64

    • 2.6.32-431.29.2.el6.x86_64

    • 2.6.32-431.23.3.el6.x86_64

    • 2.6.32-431.20.3.el6.x86_64

    • 2.6.32-431.17.1.el6.x86_64

    • 2.6.32-431.el6.x86_64

    • 2.6.32-358.6.2.el6.x86_64

    • 2.6.32-358.el6.x86_64

    • 2.6.32-279.el6.x86_64

    • 2.6.32-220.el6.x86_64

    Ubuntu (64-bit)

    • Ubuntu 14.04

    • Ubuntu 16.04

    • Ubuntu 18.04

    • Ubuntu 20.04

    5.x.x series

    • 5.4.0-139-generic

    • 5.4.0-137-generic

    • 5.4.0-136-generic

    • 5.4.0-135-generic

    • 5.4.0-132-generic

    • 5.4.0-131-generic

    • 5.4.0-126-generic

    • 5.4.0-125-generic

    • 5.4.0-124-generic

    • 5.4.0-123-generic

    • 5.4.0-122-generic

    • 5.4.0-121-generic

    • 5.4.0-120-generic

    • 5.4.0-117-generic

    • 5.4.0-113-generic

    • 5.4.0-110-generic

    • 5.4.0-109-generic

    • 5.4.0-108-generic

    • 5.4.0-107-generic

    • 5.4.0-106-generic

    • 5.4.0-105-generic

    • 5.4.0-104-generic

    • 5.4.0-102-generic

    • 5.4.0-100-generic

    • 5.4.0-99-generic

    • 5.4.0-97-generic

    • 5.4.0-96-generic

    • 5.4.0-94-generic

    • 5.4.0-92-generic

    • 5.4.0-91-generic

    • 5.4.0-90-generic

    • 5.4.0-89-generic

    • 5.4.0-88-generic

    • 5.4.0-86-generic

    • 5.4.0-84-generic

    • 5.4.0-83-generic

    • 5.4.0-81-generic

    • 5.4.0-80-generic

    • 5.4.0-77-generic

    • 5.4.0-75-generic

    • 5.4.0-74-generic

    • 5.4.0-73-generic

    • 5.4.0-72-generic

    • 5.4.0-70-generic

    • 5.4.0-67-generic

    • 5.4.0-66-generic

    • 5.4.0-65-generic

    • 5.4.0-62-generic

    • 5.4.0-60-generic

    • 5.4.0-59-generic

    • 5.4.0-58-generic

    • 5.4.0-54-generic

    • 5.4.0-52-generic

    • 5.4.0-48-generic

    • 5.4.0-47-generic

    • 5.4.0-45-generic

    • 5.4.0-42-generic

    • 5.4.0-31-generic

    • 5.3.0-40-generic

    4.x.x series

    • 4.18.0-21-generic

    • 4.18.0-15-generic

    • 4.15.0-202-generic

    • 4.15.0-200-generic

    • 4.15.0-197-generic

    • 4.15.0-196-generic

    • 4.15.0-192-generic

    • 4.15.0-191-generic

    • 4.15.0-190-generic

    • 4.15.0-189-generic

    • 4.15.0-188-generic

    • 4.15.0-187-generic

    • 4.15.0-184-generic

    • 4.15.0-181-generic

    • 4.15.0-180-generic

    • 4.15.0-177-generic

    • 4.15.0-176-generic

    • 4.15.0-175-generic

    • 4.15.0-173-generic

    • 4.15.0-171-generic

    • 4.15.0-170-generic

    • 4.15.0-169-generic

    • 4.15.0-167-generic

    • 4.15.0-166-generic

    • 4.15.0-161-generic

    • 4.15.0-163-generic

    • 4.15.0-162-generic

    • 4.15.0-159-generic

    • 4.15.0-158-generic

    • 4.15.0-156-generic

    • 4.15.0-154-generic

    • 4.15.0-153-generic

    • 4.15.0-151-generic

    • 4.15.0-147-generic

    • 4.15.0-145-generic

    • 4.15.0-144-generic

    • 4.15.0-143-generic

    • 4.15.0-141-generic

    • 4.15.0-142-generic

    • 4.15.0-140-generic

    • 4.15.0-139-generic

    • 4.15.0-137-generic

    • 4.15.0-136-generic

    • 4.15.0-135-generic

    • 4.15.0-134-generic

    • 4.15.0-132-generic

    • 4.15.0-130-generic

    • 4.15.0-129-generic

    • 4.15.0-128-generic

    • 4.15.0-124-generic

    • 4.15.0-122-generic

    • 4.15.0-121-generic

    • 4.15.0-117-generic

    • 4.15.0-118-generic

    • 4.15.0-112-generic

    • 4.15.0-111-generic

    • 4.15.0-109-generic

    • 4.15.0-108-generic

    • 4.15.0-106-generic

    • 4.15.0-101-generic

    • 4.15.0-99-generic

    • 4.15.0-96-generic

    • 4.15.0-91-generic

    • 4.15.0-88-generic

    • 4.15.0-76-generic

    • 4.15.0-74-generic

    • 4.15.0-72-generic

    • 4.15.0-70-generic

    • 4.15.0-66-generic

    • 4.15.0-65-generic

    • 4.15.0-64-generic

    • 4.15.0-58-generic

    • 4.15.0-54-generic

    • 4.15.0-55-generic

    • 4.15.0-52-generic

    • 4.15.0-48-generic

    • 4.15.0-46-generic

    • 4.15.0-45-generic

    • 4.15.0-43-generic

    • 4.15.0-42-generic

    • 4.15.0-23-generic

    • 4.15.0-13-generic

    • 4.11.0-14-generic

    • 4.4.0-210-generic

    • 4.4.0-206-generic

    • 4.4.0-203-generic

    • 4.4.0-201-generic

    • 4.4.0-198-generic

    • 4.4.0-197-generic

    • 4.4.0-194-generic

    • 4.4.0-193-generic

    • 4.4.0-190-generic

    • 4.4.0-189-generic

    • 4.4.0-187-generic

    • 4.4.0-186-generic

    • 4.4.0-185-generic

    • 4.4.0-184-generic

    • 4.4.0-179-generic

    • 4.4.0-178-generic

    • 4.4.0-177-generic

    • 4.4.0-176-generic

    • 4.4.0-174-generic

    • 4.4.0-173-generic

    • 4.4.0-171-generic

    • 4.4.0-170-generic

    • 4.4.0-169-generic

    • 4.4.0-165-generic

    • 4.4.0-164-generic

    • 4.4.0-161-generic

    • 4.4.0-159-generic

    • 4.4.0-157-generic

    • 4.4.0-154-generic

    • 4.4.0-151-generic

    • 4.4.0-150-generic

    • 4.4.0-148-generic

    • 4.4.0-146-generic

    • 4.4.0-145-generic

    • 4.4.0-143-generic

    • 4.4.0-142-generic

    • 4.4.0-141-generic

    • 4.4.0-140-generic

    • 4.4.0-139-generic

    • 4.4.0-138-generic

    • 4.4.0-135-generic

    • 4.4.0-131-generic

    • 4.4.0-130-generic

    • 4.4.0-128-generic

    • 4.4.0-127-generic

    • 4.4.0-124-generic

    • 4.4.0-119-generic

    • 4.4.0-117-generic

    • 4.4.0-116-generic

    • 4.4.0-105-generic

    • 4.4.0-104-generic

    • 4.4.0-101-generic

    • 4.4.0-97-generic

    • 4.4.0-96-generic

    • 4.4.0-93-generic

    • 4.4.0-87-generic

    • 4.4.0-85-generic

    • 4.4.0-81-generic

    • 4.4.0-79-generic

    • 4.4.0-63-generic

    • 4.4.0-62-generic

    • 4.4.0-57-generic

    • 4.4.0-53-generic

    3.x.x series

    • 3.19.0-80-generic

    Alibaba Cloud Linux (64-bit)

    AliyunLinux 2.1903

    5.x.x series

    • 5.10.134-14.1.al8.x86_64

    • 5.10.134-13.1.al8.x86_64

    • 5.10.134-13.al8.x86_64

    • 5.10.134-12.2.al8.x86_64

    • 5.10.134-12.al8.x86_64

    • 5.10.112-11.2.al8.x86_64

    • 5.10.112-11.1.al8.x86_64

    • 5.10.112-11.al8.x86_64

    • 5.10.84-10.4.al8.x86_64

    • 5.10.84-10.3.al8.x86_64

    • 5.10.84-10.2.al8.x86_64

    • 5.10.60-9.al8.x86_64

    • 5.10.23-6.al8.x86_64

    • 5.10.23-6.1.al8.x86_64

    • 5.10.23-5.al8.x86_64

    4.x.x series

    • 4.19.91-27.al7.x86_64

    • 4.19.91-26.6.al7.x86_64

    • 4.19.91-26.5.al7.x86_64

    • 4.19.91-26.4.al7.x86_64

    • 4.19.91-26.2.al7.x86_64

    • 4.19.91-26.1.al7.x86_64

    • 4.19.91-26.al7.x86_64

    • 4.19.91-25.8.al7.x86_64

    • 4.19.91-25.7.al7.x86_64

    • 4.19.91-25.6.al7.x86_64

    • 4.19.91-25.3.al7.x86_64

    • 4.19.91-25.1.al7.x86_64

    • 4.19.91-25.al7.x86_64

    • 4.19.91-24.1.al7.x86_64

    • 4.19.91-24.al7.x86_64

    • 4.19.91-23.1.al7.x86_64

    • 4.19.91-23.al7.x86_64

    • 4.19.91-22.2.al7.x86_64

    • 4.19.91-22.1.al7.x86_64

    • 4.19.91-22.fc.1.al7.x86_64

    • 4.19.91-22.al7.x86_64

    • 4.19.91-21.2.al7.x86_64

    • 4.19.91-21.al7.x86_64

    • 4.19.91-19.2.al7.x86_64

    • 4.19.91-19.1.al7.x86_64

    • 4.19.91-18.al7.x86_64

    • 4.19.81-17.2.al7.x86_64

    • 4.19.81-17.1.al7.x86_64

    • 4.19.81-17.al7.x86_64

    • 4.19.57-15.1.al7.x86_64

    • 4.19.43-13.2.al7.x86_64

    • 4.19.36-12.al7.x86_64

    • 4.19.34-11.al7.x86_64

    • 4.19.24-9.al7.x86_64

    • 4.19.24-7.14.al7.x86_64

    • 4.4.95-3.al7.x86_64

    • 4.4.95-2.al7.x86_64

    • 4.4.95-1.al7.x86_64

    • 4.4.24-2.al7.x86_64

    • 4.19.91-009.ali4000.alios7.x86_64

    3.10.0 series

    • 3.10.0-1160.al7.1.x86_64

    • 3.10.0-1127.19.1.al7.1.x86_64

    • 3.10.0-1127.al7.1.x86_64

    • 3.10.0-1062.12.1.al7.1.x86_64

    • 3.10.0-1062.4.1.al7.1.x86_64

    • 3.10.0-514.2.3.al7.x86_64

    Anolis (64-bit)

    All versions

    4.x.x series

    • 4.19.91-27.an7.x86_64

    • 4.19.91-26.6.an8.x86_64

    • 4.19.91-26.6.an7.x86_64

    • 4.19.91-26.5.an8.x86_64

    • 4.19.91-26.5.an7.x86_64

    • 4.19.91-26.4.an7.x86_64

    • 4.19.91-26.1.an8.x86_64

    • 4.19.91-26.an8.x86_64

    • 4.19.91-26.an7.x86_64

    • 4.19.91-25.8.an8.x86_64

    • 4.19.91-25.7.an8.x86_64

    • 4.19.91-25.2.an7.x86_64

    • 4.18.0-372.32.1.an8_6.x86_64

    • 4.18.0-372.26.1.an8_6.x86_64

    • 4.18.0-372.19.1.an8_6.x86_64

    • 4.18.0-372.16.1.an8_6.x86_64

    • 4.18.0-372.9.1.an8.x86_64

    • 4.18.0-348.23.1.an8_5.x86_64

    • 4.18.0-348.20.1.an8_5.x86_64

    • 4.18.0-348.12.2.an8.x86_64

    • 4.18.0-348.2.1.an8_4.x86_64

    • 4.18.0-305.an8.x86_64

    3.10.0 series

    • 3.10.0-1160.81.1.0.1.an7.x86_64

    • 3.10.0-1160.76.1.0.1.an7.x86_64

    • 3.10.0-1160.71.1.0.1.an7.x86_64

    • 3.10.0-1160.66.1.0.1.an7.x86_64

    • 3.10.0-1160.62.1.0.1.an7.x86_64

    • 3.10.0-1062.an7.x86_64

    • 3.10.0-1160.an7.x86_64

    RHEL

    RHEL 6, RHEL 7, and RHEL 8

    • 3.10.0-1160.42.2.el7.x86_64

    • 3.10.0-1160.76.1.el7.x86_64

    • 2.6.32-754.el6.x86_64

    Limits

    All editions of Security Center support this feature. For more information about the features that are supported by each edition, see Functions and features.

    Enable the client protection feature for a server

    After you enable the client protection feature, the feature protects all servers that are within the protection scope and have the Security Center client installed.

    1. Log on to the Security Center console. In the top navigation bar, select the region of the asset that you want to manage. The following regions are supported: China and Outside China.

    2. In the left-side navigation pane, choose System Configuration > Feature Settings.

    3. Click the Settings > Agent Settings tab. In the Client Protection section, turn on Defense mode.

    4. Click Manage to the right of Protection Scope.

    5. In the Client Protection panel, select the servers for which you want to enable the client protection feature and click OK.

      Note

      If you enable the client protection feature for a server, the feature immediately takes effect. If you disable the client protection feature for a server, the feature remains in effect for 5 minutes and then becomes invalid.

    Check whether the client protection feature is enabled

    You can perform the following steps to check whether the client protection feature is enabled for a server:

    1. Log on to the Security Center console. In the top navigation bar, select the region of the asset that you want to manage. The following regions are supported: China and Outside China.

    2. In the left-side navigation pane, choose Assets > Host.

    3. On the page that appears, find the required server and click the server name or click View in the Actions column.

    4. On the server details page, click the Basic information tab. On the tab that appears, click Detail. In the Defensive status section, view the status of Client Protection.

      image.png

    Local File Detection Engine

    The local file detection engine is a high-efficiency and low-cost engine that is developed by Alibaba Cloud Security Center to detect threats in files. The local file detection engine is efficient and can reduce performance loss that is caused by data upload and data interaction in threat detection and removal.

    If you enable local file detection for a server, threats in the files on the server are detected by using local file detection and cloud file detection engines. The local file detection engine is preferentially used to detect threats. If no threats are detected in a file, the file is uploaded to the cloud for further threat detection.

    Limits

    Only the Enterprise and Ultimate editions of Security Center support this feature. For more information about how to purchase and upgrade Security Center, see Purchase Security Center and Upgrade and downgrade Security Center.

    Enable the local file detection feature for a server

    1. Log on to the Security Center console. In the top navigation bar, select the region of the asset that you want to manage. The following regions are supported: China and Outside China.

    2. In the left-side navigation pane, choose System Configuration > Feature Settings.

    3. Click the Settings > Agent Settings tab. In the Local File Detection Engine section, turn on File Test.

    4. Click Manage to the right of Installation Scope.

    5. In the Local File Detection Engine panel, select the server for which you want to enable the local file detection feature and click OK.

    Client Resource Management

    The Security Center agent is a plug-in that you can install on servers. Before you can use Security Center to protect your servers, you must install the Security Center agent on the servers. Security Center supports multiple agent running modes to meet your security requirements in different scenarios. For more information about the Security Center agent, see Overview.

    Supported running modes

    When the Security Center agent runs on a server, the agent consumes a small number of server resources. You can change the running mode of the agent to limit the number of resources that the agent can consume. You can select a suitable running mode for a server to enhance security.

    Note

    If the memory usage or CPU utilization of the Security Center agent exceeds the maximum threshold that you specify in the running mode of the agent, the agent is suspended. When the CPU utilization or memory usage falls below the specified threshold, the agent automatically restarts.

    Running mode

    Maximum memory usage or CPU utilization

    Supported edition

    Scenario

    Low Consumption Mode

    • Maximum memory usage: 200 MB

    • Maximum CPU utilization: 10% per core

    All editions

    This mode is suitable for scenarios that have basic security requirements.

    In this mode, the Security Center agent can automatically downgrade the features that consume a large number of resources. However, threats may not be detected at the earliest opportunity. We recommend that you enable the smooth mode.

    Note

    By default, the low consumption mode is enabled for newly added assets.

    Smooth Mode

    • Maximum memory usage: 300 MB

    • Maximum CPU utilization: 30% per core

    Anti-virus, Advanced, Enterprise, and Ultimate

    This mode is suitable for scenarios in which important workloads need to be protected.

    In this mode, the Security Center agent consumes more resources to collect data and detect risks at the earliest opportunity.

    Custom Mode

    • Maximum memory usage: 500 MB

    • Maximum CPU utilization: 60% per core

    Enterprise and Ultimate

    This mode is suitable for major event protection.

    In this mode, you can control the memory usage and CPU utilization in a flexible manner. You can also configure the file collection frequency.

    Important

    If you set the thresholds to values that are too small, several detection capabilities may become invalid. Proceed with caution.

    Configure a running mode

    1. Log on to the Security Center console. In the top navigation bar, select the region of the asset that you want to manage. The following regions are supported: China and Outside China.

    2. In the left-side navigation pane, choose System Configuration > Feature Settings.

    3. Click the Settings > Agent Settings tab. In the Client Resource Management section, click Manage to the right of Smooth Mode or Custom Mode.

    4. In the Smooth Mode or Custom Mode panel, select the servers for which you want to enable the mode and click OK.

      You can manually enable only Smooth Mode or Custom Mode for a server. For example, if you enable Custom Mode for a server that is protected in Smooth Mode, the running mode for the server changes to Custom Mode.

      Note

      In Custom Mode, more types of threats can be detected, and more alerts are triggered. As a result, the false positive rate may increase. We recommend that you pay attention to alerts and handle the alerts at the earliest opportunity.

    5. Optional. Change the thresholds for memory usage and CPU utilization. You can perform this step if you enable Custom Mode for a server.

      The higher the thresholds for memory usage and CPU utilization, the more efficiently Security Center protects your assets. We recommend that you set the thresholds to appropriate values.

    Agent Communication Management

    You can change the frequency threshold for file collection by the Security Center agent based on your business requirements. This way, the Security Center agent can collect data while minimizing resource consumption.

    Important

    If you enable Custom Mode in the Client Resource Management section and set File Collection Bandwidth to a value that is too small, files may not be collected at the earliest opportunity. We recommend that you set File Collection Bandwidth to an appropriate value.

    1. Log on to the Security Center console. In the top navigation bar, select the region of the asset that you want to manage. The following regions are supported: China and Outside China.

    2. In the left-side navigation pane, choose System Configuration > Feature Settings.

    3. Click the Settings > Agent Settings tab. In the Agent Communication Management section, configure File Collection Bandwidth.

      • If you select Custom, you can specify the frequency at which the agent collects files from servers. Valid values: 100 to 10000. Unit: times per second.

      • If you select Unlimited, the frequency at which the agent collects files from servers is not limited.