All Products
Search
Document Center

Security Center:Overview

Last Updated:Oct 08, 2024

After ransomware intrudes into your assets, business data in your assets is encrypted and used for ransom. This can cause severe risks, such as service interruptions, data leaks, and data loss. To defend against ransomware, Security Center provides the following features: anti-ransomware for servers and anti-ransomware for databases. You can use the features to protect your servers and databases from ransomware.

Protection system against ransomware

  • Block known ransomware in real time

    Security Center blocks a large amount of known ransomware by using the threat intelligence library of Alibaba Cloud. Security Center blocks ransomware to avoid potential loss. After you enable malicious host behavior prevention, Security Center blocks known ransomware. For more information, see Enable features on the Host Protection Settings tab.

    Important
    • The Anti-virus edition of Security Center and higher support malicious host behavior prevention.

    • After you install the Security Center agent on a server, the defense process of Security Center requires a specific period of time to take effect on the server. During this period of time, Security Center cannot block threats such as ransomware and DDoS trojans.

  • Capture and block unknown ransomware

    Security Center sets up trap directories on your servers to capture potential ransomware attacks. To protect against unknown ransomware, Security Center immediately blocks viruses that perform unusual encryption operations and notifies you of the operations for further handling. If you use the Advanced, Enterprise, or Ultimate edition of Security Center, you can turn on Anti-ransomware (Bait Capture) in the Security Center console to enable the anti-ransomware feature. For more information, see Enable features on the Host Protection Settings tab.

    Note

    If you find a suspicious directory on your server after the anti-ransomware feature is enabled, submit a ticket to contact Alibaba Cloud technical support to check whether the directory is a trap directory that is set up by Security Center. Trap directories do not affect your workloads and are not malicious. You cannot manually delete trap directories.

  • Back up data

    You can create an anti-ransomware policy to back up core data and purchase anti-ransomware capacity to store the backup data. If your business is infected with ransomware, you can restore core data by using the backup data in a timely manner.

Anti-ransomware implementation based on data backup

Security Center and Cloud Backup jointly launch the anti-ransomware feature that allows you to back up and restore data. If your server or database is intruded by ransomware, you can use backup data to restore data. The following process describes how the anti-ransomware feature works:

  1. If Cloud Backup is not activated, the system automatically activates Cloud Backup when you enable the anti-ransomware feature in the Security Center console.

    Note

    You are not charged for the activation of Cloud Backup. The fees for the storage usage of backup vaults in Cloud Backup are included in the fees for the anti-ransomware capacity. You are not separately charged for the storage of backup data.

  2. After you create an anti-ransomware policy for a server, the system installs the anti-ransomware agent on the server. This agent is a Cloud Backup client.

  3. The anti-ransomware agent reads protected data and transfers the data to Cloud Backup at the time that you specify in the anti-ransomware policy.

    When data is being backed up, server resources are consumed.

  4. If your data is encrypted by ransomware, you can restore data by using the backup data.

    When data is being restored, the backup data is transferred from Cloud Backup to the server directory that you specify.

Usage notes

Feature differences

Anti-ransomware for servers and anti-ransomware for databases protect different types of data. If you want to protect database files, use anti-ransomware for databases. If you want to protect other files in the specified directories of your server, use anti-ransomware for servers. If you want to protect both database files and other files in the specified directories of your server, use anti-ransomware for databases together with anti-ransomware for servers. For more information about how to create anti-ransomware policies, see the following topics:

Important
  • If you want to back up files from a non-local path, we recommend that you do not specify the path as the protected directory when you create an anti-ransomware policy. This prevents additional fees from being generated when the system accesses data from the path. A non-local path refers to a mount path, such as a directory in an Elastic Compute Service (ECS) instance to which an Object Storage Service (OSS) object or Apsara File Storage NAS (NAS) file system is attached. In this scenario, we recommend that you use Cloud Backup to back up files from a mount path. For more information, see Get started with OSS backup and Get started with on-premises NAS backup.

  • To protect database files on a server, use anti-ransomware for databases.

Procedure

You can use the anti-ransomware feature to back up data on your servers or databases. If your business data is encrypted by ransomware, you can restore the encrypted files based on the backup data. This reduces the adverse impacts on your workloads.

  1. Purchase a specific anti-ransomware capacity and complete the required authorization. For more information, see Enable anti-ransomware.

  2. Select anti-ransomware for servers or anti-ransomware for databases based on the type of data that you want to protect. For more information, see Feature differences.

  3. Create anti-ransomware policies for your servers or databases to back up your data. For more information, see Create anti-ransomware policies for servers and Create anti-ransomware policies for databases.

  4. Create restoration tasks to restore data that is encrypted by ransomware. For more information, see Create restoration tasks for servers and Create restoration tasks for databases.

Protected Directory

Important

Anti-ransomware feature cannot be used to back up data on databases deployed in containers.

Directories on your host can be protected. If the directory you want to protect resides in a container, you can map the container directory to the host.

For example, you can use the -v parameter to map the directory of the Docker container to the host when the container is running. Run the following command:

docker run -v /host directory:/container directory your-image-name

If you want to map the host's /home/user/data directory to the /app/data directory in the container, run the following command:

docker run -v /home/user//app/data your-image-name

CPU and memory requirements for the backup feature

The following table describes the CPU and memory requirements for backing up data of different volumes.

Backup data volume

CPU

Memory size

100,000 files

Dual-core

4 GB

1 million files (up to 8 TB)

Dual-core

8 GB

10 million files

Quad-core

16 GB

Anti-ransomware for databases consumes a small number of resources to back up data. Anti-ransomware for servers consumes a large number of resources to back up data. The process that anti-ransomware for servers runs to back up data consumes server resources. The consumed server resources vary based on the size and number of files. In most cases, your business is not affected. If you want to manage the server resources that are consumed to back up data, you can evaluate the backup speed and limit the maximum usage of server memory. For more information, see Backup speed and recovery speed and How do I resolve OOM issues on a Cloud Backup client?

Supported regions

Note
  • If you create an anti-ransomware policy for a server that is not deployed on Alibaba Cloud, select the region in which the server is deployed. If an ECS instance for which you want to create an anti-ransomware policy resides in a region in which the anti-ransomware feature is unavailable, the instance is not displayed in the asset list.

  • Anti-ransomware for databases is not available for ECS instances in a classic network.

Feature

Area

Supported region

Anti-ransomware for servers

Chinese mainland

  • China (Hangzhou), China (Shanghai), and China East 2 Finance

  • China (Qingdao), China North 2 Ali Gov 1, China (Beijing), China (Zhangjiakou), and China (Hohhot)

  • China (Shenzhen) and China South 1 Finance

  • China (Chengdu)

Asia Pacific

Indonesia (Jakarta), Australia (Sydney) (Closing down), Japan (Tokyo), Malaysia (Kuala Lumpur), China (Hong Kong), Singapore, and Philippines (Manila)

Europe and Americas

US (Silicon Valley), US (Virginia), Germany (Frankfurt), and UK (London)

Middle East

SAU (Riyadh)

Anti-ransomware for databases

Chinese mainland

  • China (Hangzhou) and China (Shanghai)

  • China (Beijing), China (Zhangjiakou), and China (Hohhot)

  • China (Shenzhen)

  • China (Chengdu)

Asia Pacific

China (Hong Kong), Singapore

Operating systems and versions supported by anti-ransomware for servers

Important

The following table lists the operating systems and versions that are supported by anti-ransomware for servers. You can install the anti-ransomware agent only on the servers that run supported operating systems and versions. If you use other operating systems and versions, you cannot install the anti-ransomware agent or back up data. Before you use the anti-ransomware feature, we recommend that you check whether the operating system and version of your server are supported.

Operating system

Operating system version

Windows

7, 8, 10, and 11

Windows Server

2008 R2, 2012, 2012 R2, 2016, 2019, and 2022

RHEL

7.0, 7.2, 7.4, 7.5, 7.6, 7.7, 7.8, 8.0, 8.1, and 8.2

CentOS

6.5, 6.9, 7.2, 7.3, 7.4, 7.5, 7.6, 7.7, 7.8, 7.9, 8.2, and 8.3

Ubuntu

14.04, 16.04, 18.04, and 20.04

SUSE Linux Enterprise Server

11, 12, and 15

Database versions and operating system versions supported by anti-ransomware for databases

Important

The following table lists the database versions and operating system versions that are supported by anti-ransomware for databases. You can install the anti-ransomware agent only on the following types of databases and operating systems. If you use other types of databases or operating systems, you cannot install the anti-ransomware agent or back up data. Before you use the anti-ransomware feature, we recommend that you check whether the versions of your database and operating system on your server are supported.

Database type

Supported database version

Supported operating system version

Oracle

9i

SUSE 9.3, SLES 9, and CentOS 4.5

10g

RHEL 9, CentOS 4.6, SUSE 11 SP4, and RHEL 6.5

11g

RHEL 6, CentOS 6.4, RHEL 6.5, CentOS 6.5, Oracle Enterprise Linux 6.7, RHEL 7, Windows Server 2008 R2, and Windows Server 2012 R2

12c

Windows Server 2008 R2, RHEL 6.5, and RHEL 7.5

18c

RHEL 7.0 and Windows Server 2008 R2

19c

Oracle Enterprise Linux7.0

Oracle RAC

9i

SUSE 9.3 and RHEL

10g

Windows 2008 R2

11g

Windows Server 2008 R2, RHEL 6.5, Oracle Enterprise Linux 6.4, and iSoft Server OS V3.0

12c

CentOS 6, RHEL 6.5, Windows Server 2008 R2, CentOS 6.7, and Oracle Enterprise Linux 6

18c

Windows 2008 R2

19c

RHEL 7.6

Oracle Data Guard

11g

CentOS 6.4, CentOS 6.5, RHEL 6, and Windows Server 2008 R2

12c

Oracle Enterprise Linux6

MySQL

5.0

RHEL 6.0, RHEL 6.5, Ubuntu 11.10, Ubuntu 12.10, SLES 10, SUSE 11 SP4, and Neokylin 6.0

5.1

RHEL 6.5, SUSE 11 SP4, and RHEL 6.0

5.4

RHEL 6.5 and SUSE 11 SP4

5.5

Ubuntu 12.04, Ubuntu 14.04, Debian 7.8, Debian 8.3, CentOS 6.0, and RHEL 6.5

5.6

RHEL 6.0, RHEL 6.5, Ubuntu 14.04, CentOS 6.0, and CentOS 7.2

5.7

RHEL 6.0, RHEL 7.0, CentOS 7.0, RHEL 6.5, Ubuntu 16.04, CentOS 7.2, and NeoKylin 7.0

SQL Server

2005

Windows 2008 R2 SP1

2008

Windows Server 2008 R2 and Windows Server 2008 R2 Service Pack 1

2008 R2

Windows 2008 R2

2012

Windows 2012 RC

2014

Windows Server 2008 R2 Service Pack 1 and Windows Server 2016

2016 (RTM)

Windows 2012 R2

2017

Windows Server 2012 and Windows Server 2016

2019

Windows 2016

SQL Server Always On

2012, 2016, and 2017

Windows 2012 R2

Anti-ransomware endpoints

ECS instances

Endpoints for V2.0 anti-ransomware policies

Region

Purpose

Public endpoint

VPC endpoint

China (Hangzhou)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-mp90rcien05.mqtt.aliyuncs.com

post-cn-mp90rcien05-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-hangzhou.aliyuncs.com

*.oss-cn-hangzhou-internal.aliyuncs.com

China (Shanghai)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-4590rcihm02.mqtt.aliyuncs.com

post-cn-4590rcihm02-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-shanghai.aliyuncs.com

*.oss-cn-shanghai-internal.aliyuncs.com

China (Qingdao)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-n6w1oj5j506.mqtt.aliyuncs.com

post-cn-n6w1oj5j506-internal-vpc.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-qingdao.aliyuncs.com

*.oss-cn-qingdao-internal.aliyuncs.com

China (Beijing)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-mp90rcibd04.mqtt.aliyuncs.com

post-cn-mp90rcibd04-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-beijing.aliyuncs.com

*.oss-cn-beijing-internal.aliyuncs.com

China (Zhangjiakou)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-45917akja09.mqtt.aliyuncs.com

post-cn-45917akja09-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-zhangjiakou.aliyuncs.com

*.oss-cn-zhangjiakou-internal.aliyuncs.com

China (Hohhot)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-0pp1epkb50h.mqtt.aliyuncs.com

post-cn-0pp1epkb50h-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-huhehaote.aliyuncs.com

*.oss-cn-huhehaote-internal.aliyuncs.com

China (Shenzhen)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-v0h0rcijv04.mqtt.aliyuncs.com

post-cn-v0h0rcijv04-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-shenzhen.aliyuncs.com

*.oss-cn-shenzhen-internal.aliyuncs.com

China (Chengdu)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-st21piid30e.mqtt.aliyuncs.com

post-cn-st21piid30e-internal-vpc.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-chengdu.aliyuncs.com

*.oss-cn-chengdu-internal.aliyuncs.com

China (Hong Kong)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

mqtt-cn-v0h1cmss401.mqtt.aliyuncs.com

mqtt-cn-v0h1cmss401-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-hongkong.aliyuncs.com

*.oss-cn-hongkong-internal.aliyuncs.com

Singapore

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-4590unarx01.mqtt.aliyuncs.com

post-cn-4590unarx01-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-ap-southeast-1.aliyuncs.com

*.oss-ap-southeast-1-internal.aliyuncs.com

Australia (Sydney) (Closing down)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

mqtt-cn-v641asd4403.mqtt.aliyuncs.com

mqtt-cn-v641asd4403-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-ap-southeast-2.aliyuncs.com

*.oss-ap-southeast-2-internal.aliyuncs.com

Malaysia (Kuala Lumpur)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

mqtt-cn-v0h1k5d7707.mqtt.aliyuncs.com

mqtt-cn-v0h1k5d7707-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-ap-southeast-3.aliyuncs.com

*.oss-ap-southeast-3-internal.aliyuncs.com

Indonesia (Jakarta)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-4591ee94i03.mqtt.aliyuncs.com

post-cn-4591ee94i03-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-ap-southeast-5.aliyuncs.com

*.oss-ap-southeast-5-internal.aliyuncs.com

Japan (Tokyo)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-mp91kij0p01.mqtt.aliyuncs.com

post-cn-mp91kij0p01-internal-vpc.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-ap-northeast-1.aliyuncs.com

*.oss-ap-northeast-1-internal.aliyuncs.com

Germany (Frankfurt)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-mp91ki6sl0k.mqtt.aliyuncs.com

post-cn-mp91ki6sl0k-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-eu-central-1.aliyuncs.com

*.oss-eu-central-1-internal.aliyuncs.com

US (Silicon Valley)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

mqtt-cn-mp91j6gou03.mqtt.aliyuncs.com

mqtt-cn-mp91j6gou03-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-us-west-1.aliyuncs.com

*.oss-us-west-1-internal.aliyuncs.com

US (Virginia)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-oew1qqlw309.mqtt.aliyuncs.com

post-cn-oew1qqlw309-internal-vpc.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-us-east-1.aliyuncs.com

*.oss-us-east-1-internal.aliyuncs.com

UAE (Dubai)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-oew1tb52204.mqtt.aliyuncs.com

post-cn-oew1tb52204-internal-vpc.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-me-east-1.aliyuncs.com

*.oss-me-east-1-internal.aliyuncs.com

SAU (Riyadh)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

mqtt-cn-7pp2urf8g04.mqtt.aliyuncs.com

mqtt-cn-7pp2urf8g04-internal-vpc.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-me-central-1.aliyuncs.com

*.oss-me-central-1-internal.aliyuncs.com

China East 2 Finance

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-nif1osdrt09.mqtt.aliyuncs.com

post-cn-nif1osdrt09-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

None

*.oss-cn-shanghai-finance-1-internal.aliyuncs.com

China South 1 Finance

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-n6w1pij7y0b.mqtt.aliyuncs.com

post-cn-n6w1pij7y0b-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

None

*.oss-cn-shenzhen-finance-1-internal.aliyuncs.com

China North 2 Ali Gov

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-v0h1cmsrj01.mqtt.aliyuncs.com

post-cn-v0h1cmsrj01-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-north-2-gov-1.aliyuncs.com

*.oss-cn-north-2-gov-1-internal.aliyuncs.com

Endpoints for V1.0 anti-ransomware policies

Region

Purpose

Public endpoint

VPC endpoint

China (Hangzhou)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-mp90rcien05.mqtt.aliyuncs.com

post-cn-mp90rcien05-internal.mqtt.aliyuncs.com

hbr.cn-hangzhou.aliyuncs.com

hbr-vpc.cn-hangzhou.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-hangzhou.aliyuncs.com

*.oss-cn-hangzhou-internal.aliyuncs.com

China (Shanghai)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-4590rcihm02.mqtt.aliyuncs.com

post-cn-4590rcihm02-internal.mqtt.aliyuncs.com

hbr.cn-shanghai.aliyuncs.com

hbr-vpc.cn-shanghai.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-shanghai.aliyuncs.com

*.oss-cn-shanghai-internal.aliyuncs.com

China (Qingdao)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-n6w1oj5j506.mqtt.aliyuncs.com

post-cn-n6w1oj5j506-internal-vpc.mqtt.aliyuncs.com

hbr.cn-qingdao.aliyuncs.com

hbr-vpc.cn-qingdao.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-qingdao.aliyuncs.com

*.oss-cn-qingdao-internal.aliyuncs.com

China (Beijing)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-mp90rcibd04.mqtt.aliyuncs.com

post-cn-mp90rcibd04-internal.mqtt.aliyuncs.com

hbr.cn-beijing.aliyuncs.com

hbr-vpc.cn-beijing.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-beijing.aliyuncs.com

*.oss-cn-beijing-internal.aliyuncs.com

China (Zhangjiakou)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-45917akja09.mqtt.aliyuncs.com

post-cn-45917akja09-internal.mqtt.aliyuncs.com

hbr.cn-zhangjiakou.aliyuncs.com

hbr-vpc.cn-zhangjiakou.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-zhangjiakou.aliyuncs.com

*.oss-cn-zhangjiakou-internal.aliyuncs.com

China (Hohhot)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-0pp1epkb50h.mqtt.aliyuncs.com

post-cn-0pp1epkb50h-internal.mqtt.aliyuncs.com

hbr.cn-huhehaote.aliyuncs.com

hbr-vpc.cn-huhehaote.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-huhehaote.aliyuncs.com

*.oss-cn-huhehaote-internal.aliyuncs.com

China (Shenzhen)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-v0h0rcijv04.mqtt.aliyuncs.com

post-cn-v0h0rcijv04-internal.mqtt.aliyuncs.com

hbr.cn-shenzhen.aliyuncs.com

hbr-vpc.cn-shenzhen.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-shenzhen.aliyuncs.com

*.oss-cn-shenzhen-internal.aliyuncs.com

China (Chengdu)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-st21piid30e.mqtt.aliyuncs.com

post-cn-st21piid30e-internal-vpc.mqtt.aliyuncs.com

hbr.cn-chengdu.aliyuncs.com

hbr-vpc.cn-chengdu.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-chengdu.aliyuncs.com

*.oss-cn-chengdu-internal.aliyuncs.com

China (Hong Kong)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

mqtt-cn-v0h1cmss401.mqtt.aliyuncs.com

mqtt-cn-v0h1cmss401-internal.mqtt.aliyuncs.com

hbr.cn-hongkong.aliyuncs.com

hbr-vpc.cn-hongkong.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-hongkong.aliyuncs.com

*.oss-cn-hongkong-internal.aliyuncs.com

Singapore

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-4590unarx01.mqtt.aliyuncs.com

post-cn-4590unarx01-internal.mqtt.aliyuncs.com

hbr.ap-southeast-1.aliyuncs.com

hbr-internal.ap-southeast-1.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-ap-southeast-1.aliyuncs.com

*.oss-ap-southeast-1-internal.aliyuncs.com

Australia (Sydney) (Closing down)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

mqtt-cn-v641asd4403.mqtt.aliyuncs.com

mqtt-cn-v641asd4403-internal.mqtt.aliyuncs.com

hbr.ap-southeast-2.aliyuncs.com

hbr-vpc.ap-southeast-2.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-ap-southeast-2.aliyuncs.com

*.oss-ap-southeast-2-internal.aliyuncs.com

Malaysia (Kuala Lumpur)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

mqtt-cn-v0h1k5d7707.mqtt.aliyuncs.com

mqtt-cn-v0h1k5d7707-internal.mqtt.aliyuncs.com

hbr.ap-southeast-3.aliyuncs.com

hbr.ap-southeast-3.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-ap-southeast-3.aliyuncs.com

*.oss-ap-southeast-3-internal.aliyuncs.com

Indonesia (Jakarta)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-4591ee94i03.mqtt.aliyuncs.com

post-cn-4591ee94i03-internal.mqtt.aliyuncs.com

hbr.ap-southeast-5.aliyuncs.com

hbr-vpc.ap-southeast-5.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-ap-southeast-5.aliyuncs.com

*.oss-ap-southeast-5-internal.aliyuncs.com

Japan (Tokyo)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-mp91kij0p01.mqtt.aliyuncs.com

post-cn-mp91kij0p01-internal-vpc.mqtt.aliyuncs.com

hbr.ap-northeast-1.aliyuncs.com

hbr.ap-northeast-1.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-ap-northeast-1.aliyuncs.com

*.oss-ap-northeast-1-internal.aliyuncs.com

Germany (Frankfurt)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-mp91ki6sl0k.mqtt.aliyuncs.com

post-cn-mp91ki6sl0k-internal.mqtt.aliyuncs.com

hbr.eu-central-1.aliyuncs.com

hbr.eu-central-1.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-eu-central-1.aliyuncs.com

*.oss-eu-central-1-internal.aliyuncs.com

US (Silicon Valley)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

mqtt-cn-mp91j6gou03.mqtt.aliyuncs.com

mqtt-cn-mp91j6gou03-internal.mqtt.aliyuncs.com

hbr.us-west-1.aliyuncs.com

hbr.us-west-1.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-us-west-1.aliyuncs.com

*.oss-us-west-1-internal.aliyuncs.com

US (Virginia)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-oew1qqlw309.mqtt.aliyuncs.com

post-cn-oew1qqlw309-internal-vpc.mqtt.aliyuncs.com

hbr.us-east-1.aliyuncs.com

hbr.us-east-1.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-us-east-1.aliyuncs.com

*.oss-us-east-1-internal.aliyuncs.com

UAE (Dubai)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-oew1tb52204.mqtt.aliyuncs.com

post-cn-oew1tb52204-internal-vpc.mqtt.aliyuncs.com

hbr.me-east-1.aliyuncs.com

hbr-vpc.me-east-1.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-me-east-1.aliyuncs.com

*.oss-me-east-1-internal.aliyuncs.com

SAU (Riyadh)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

mqtt-cn-7pp2urf8g04.mqtt.aliyuncs.com

mqtt-cn-7pp2urf8g04-internal-vpc.mqtt.aliyuncs.com

hbr.me-central-1.aliyuncs.com

hbr-vpc.me-central-1.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-me-central-1.aliyuncs.com

*.oss-me-central-1-internal.aliyuncs.com

China East 2 Finance

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-nif1osdrt09.mqtt.aliyuncs.com

post-cn-nif1osdrt09-internal.mqtt.aliyuncs.com

hbr.cn-shanghai-finance-1.aliyuncs.com

hbr-vpc.cn-shanghai-finance-1.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

None

*.oss-cn-shanghai-finance-1-internal.aliyuncs.com

China South 1 Finance

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-n6w1pij7y0b.mqtt.aliyuncs.com

post-cn-n6w1pij7y0b-internal.mqtt.aliyuncs.com

hbr.cn-shenzhen-finance-1.aliyuncs.com

hbr-vpc.cn-shenzhen-finance-1.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

None

*.oss-cn-shenzhen-finance-1-internal.aliyuncs.com

China North 2 Ali Gov

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

post-cn-v0h1cmsrj01.mqtt.aliyuncs.com

post-cn-v0h1cmsrj01-internal.mqtt.aliyuncs.com

hbr.cn-north-2-gov-1.aliyuncs.com

hbr-vpc.cn-north-2-gov-1.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-north-2-gov-1.aliyuncs.com

*.oss-cn-north-2-gov-1-internal.aliyuncs.com

Servers that are not deployed on Alibaba Cloud

Region

Purpose

Endpoint

China (Hangzhou)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

100.103.8.175

post-cn-mp90rcien05-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-hangzhou-internal.aliyuncs.com

China (Shanghai)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

100.103.83.79

post-cn-4590rcihm02-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-shanghai-internal.aliyuncs.com

China (Qingdao)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

100.100.0.111

post-cn-n6w1oj5j506-internal-vpc.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-qingdao-internal.aliyuncs.com

China (Beijing)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

100.103.83.105

post-cn-mp90rcibd04-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-beijing-internal.aliyuncs.com

China (Zhangjiakou)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

100.100.1.236

post-cn-45917akja09-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-zhangjiakou-internal.aliyuncs.com

China (Hohhot)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

100.100.0.123

post-cn-0pp1epkb50h-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-huhehaote.aliyuncs.com

China (Shenzhen)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

100.103.31.50

post-cn-v0h0rcijv04-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-shenzhen-internal.aliyuncs.com

China (Chengdu)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

100.100.0.12

post-cn-st21piid30e-internal-vpc.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-chengdu-internal.aliyuncs.com

China (Hong Kong)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

100.103.30.213

mqtt-cn-v0h1cmss401-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-cn-hongkong-internal.aliyuncs.com

Singapore

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

100.103.10.114

post-cn-4590unarx01-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-ap-southeast-1-internal.aliyuncs.com

Australia (Sydney) (Closing down)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

100.100.0.221

mqtt-cn-v641asd4403-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-ap-southeast-2-internal.aliyuncs.com

Malaysia (Kuala Lumpur)

For management. The endpoints are used to transfer control signals between the anti-ransomware agent and Cloud Backup.

100.100.0.225

mqtt-cn-v0h1k5d7707-internal.mqtt.aliyuncs.com

For data transmission. The endpoints are used to transfer backup data.

*.oss-ap-southeast-3-internal.aliyuncs.com

References