Asset fingerprints accurately identify IT resource characteristics, allowing users to understand asset status, locate security vulnerabilities, and block intrusion threats. Security Center offers the asset fingerprints feature, which collects various fingerprints from server assets, including accounts, ports, and processes. This topic explains how to use the asset fingerprints feature to collect and view server fingerprints.
Limits on editions
Subscription: You must purchase a subscription instance and select the Edition as Ultimate or Enterprise.
Pay-as-you-go: You must purchase a feature (pay-as-you-go) and set Host and Container Security as Yes. Bind the Ultimate or Enterprise edition quota to at least one server.
This feature is available only for servers bound to the Ultimate or Enterprise edition.
Collection methods
Security Center does not automatically collect server fingerprints. You must configure automatic periodic collection tasks or run manual tasks to gather the latest fingerprints.
Collection method | Description |
Security Center supports the automatic collection of fingerprints from all servers. You can configure the collection frequency according to your business needs. | |
To view the fingerprints of all servers, click Collect Latest Data to gather the latest fingerprints with just a few clicks. | |
Manually collect the latest fingerprints of a specific server | To view the fingerprints of a specific server, click Collect Data Now to gather the latest fingerprints with just a few clicks. |
Collect the fingerprints of servers
Prerequisites
The server from which you want to collect data has Security Center Agent installed and the agent is online.
Configure periodic automatic collection
Log on to the Security Center console. In the upper-left corner of the console, select the region where your assets are located: China or Outside China.
In the left-side navigation pane, choose .
On the
tab, click Configuration Management.In the Configuration Management dialog box, set the collection frequency for each type of fingerprint, and click OK.
ImportantSecurity Center does not automatically collect the latest fingerprints of any type; the default collection frequency for all types is set to Disable. You can configure different collection frequencies for each type of fingerprint.
The collection frequencies for Middleware, Database, Web Service, and AI Component fingerprints are based on the frequency for the Middleware.
After configuring the collection frequencies, Security Center automatically runs collection tasks and synchronizes the collected fingerprints to the corresponding tabs for viewing.
Manually collect the latest fingerprints of all servers
On the
tab, click Collect Latest Data.In the Collect Latest Data dialog box, select the asset fingerprints that you want to collect and click OK.
NoteThe system requires approximately 1 to 5 minutes to collect the fingerprints.
Manually collect the latest fingerprints of a specific server
In the server list of the
tab, find the server whose fingerprints you want to collect and click View in the Actions column.On the details page, click the Asset Fingerprints tab. Then, click the tab of the required fingerprint type.
ImportantThe Asset Fingerprints tab is displayed in the Security Center console only if the edition of your Security Center is Enterprise or Ultimate.
In the upper-right corner, click Collect Data Now. In the Collect data message, click OK.
The system requires approximately 1 to 5 minutes to collect the fingerprints.
View the fingerprints of servers
Log on to the Security Center console. In the upper-left corner of the console, select the region where your assets are located: China or Outside China.
In the left-side navigation pane, choose .
On the Host page, view fingerprints.
View the fingerprints of all servers
On the Host page, click the tab of the required fingerprint type, such as the Account tab.
Section 1 provides a fingerprint list. The list includes all fingerprints and the number of servers related to each fingerprint.
Section 2 provides a list of fingerprint details. In the fingerprint list of the section 1, you can click a fingerprint such as an account name to view the details of the fingerprint in this section.
Section 3 provides a filter and a search box. You can configure the filter and enter search conditions in the search box to search for a fingerprint. Fuzzy match is supported.
View the fingerprints of a specific server
In the server list of the Server tab, find the server whose fingerprints you want to view and click View in the Actions column.
On the details page, click the Asset Fingerprints tab, and then click the tab of the required fingerprint type. On the tab, view the fingerprints.
ImportantThe Asset Fingerprints tab is displayed in the Security Center console only if the edition of your Security Center is Enterprise or Ultimate.
Fingerprints that the feature collects
Fingerprint type | Description |
Account | The information about the account of your server. Security Center periodically collects information about the account of your server. The information includes the following items:
|
Port | The information about the listener port of your server. Security Center periodically collects information about the listener port of your server. The information includes the following items:
|
Process | The information about the process that runs on your server. Security Center periodically collects information about the process that runs on your server. The information includes the following items:
|
Middleware | The information about the middleware that runs on your server. Security Center periodically collects information about the middleware of your server. The middleware refers to system components that can independently run, such as MySQL databases and Docker. Docker is a container component. The information includes the following items:
|
AI Component | The information about the AI components on your server. AI components refer to the basic functional modules that constitute an artificial intelligence system, such as data modules, model modules, and inference modules. The information includes the following items:
|
Database | The information about the database that runs on your server. Security Center periodically collects information about the database that runs on your server. The information includes the following items:
|
Web Service | The information about the web service of your server. Security Center periodically collects information about the web service of the server. The information includes the following items:
|
Software | The information about the software that is installed on your server. Security Center periodically collects information about the software that is installed on your server. The information includes the following items:
|
Scheduled Task | The information about the scheduled task on your server. Security Center periodically collects information about the path of the scheduled task that is run on your server. The information includes the following items:
|
Startup Item | The information about the startup item of your server. Security Center periodically collects information about the startup item of your server. The information includes the following items:
|
Kernel Module | The information about the kernel module of your server. Security Center periodically collects information about the kernel module of your server. The information includes the following items:
|
Website | The information about the website on your server. Security Center periodically collects information about the website on your server. The information includes the following items:
|
References
If you want to view detailed information about the security status of an asset, view it on the Assets page.
To use IDC probe, see Add assets in data centers to Security Center.