Alibaba Cloud Server Guard is a reliable and secure service offering real-time monitoring of your servers and databases. Around the clock monitoring of exposed vulnerabilities ensure optimal availability of your services and applications.
The product is easy to use and setup, and provides you with complete overview and analysis of your website and systems. This helps you increase the efficiency of your mission critical applications.
"Server Guard enhanced our server security so that we can dedicate more time to our business development."
The lightweight agent uses less than 1% of CPU and only 10MB of memory
Allows you to flexibly set resource usage limits.
As there is no software operating interface on the server, Alibaba Cloud Security Console displays server monitoring data and performs automatic operations.
Supports batch management operations automatically.
Supports all mainstream Linux and Windows operating systems, Alibaba Cloud network, VPC, hybrid cloud, and conventional IDC environments.
Big Data Defense
Intercepts hundreds of millions of attacks using a fast and accurate defense model.
Offers an integrated layer of defense against any potential risks on servers.
Maintains a library of malicious files, vulnerabilities and network-wide attack sources.
Server Guard maintains the healthy functioning of your servers and their operating environment. Server Guard provides real-time monitoring of exposed threats, batch repairing of vulnerabilities, as well as in-depth webshell scanning of your servers. It also acts as the last line of defense by preventing the leakage of data on the server.
Alibaba Cloud Server Guard protects servers from various malicious attacks by installing a lightweight agent on the server that provides cloud threat information linkage. It also provides real-time alerts in case of suspicious logins, and safeguards the servers from the website backdoor attacks.
Monitors generic web software vulnerabilities throughout the network in real time.
Allows users to access Alibaba Cloud Security's emergency vulnerability response capabilities, including vulnerability patches (available before the release of official patches).
Lets users repair vulnerabilities with one click and intercept hacker attacks between the duration when a vulnerability is exposed and an official patch is released.
Trojan Scanning and One-click Webshell Removal
Supports both local and cloud scanning and removal systems, powered by Alibaba Cloud’s powerful webshell scanning and removal engine.
Maintains a clean server environment through one-click webshell removal.
Maintains a library of full network malicious server files that supports all common webshell file types.
The basic version of Server Guard is currently free of charge. At the time of purchasing ECS, you simply need to agree to our license agreement, before then logging in to the Server Security Management Console.Get for free
Server Guard is designed to safeguard your servers and protect them from malicious attacks. Below are common Server Guard scenarios:
1. Server Security Monitoring Across Platforms
In case of different servers deployed on multiple platforms, same type of vulnerabilities are exposed on multiple servers. In case there is no centralized management to view the status of all the online servers across various platforms, manual effort is needed to mitigate individual threats for each of the servers.
Server Guard enables users to centralize security management to check the status as well as operate various functions collaboratively through its security console. This enhances security and gives you greater control over your servers. In the case of common vulnerabilities found in multiple servers, the patch repair can be applied at one time from the Alibaba Cloud Security Console so that resources are not wasted on managing each infected server individually.
The user accesses the Alibaba Cloud Security Console, where you can see the list of all online servers (servers are online only if the Server Guard agent is up and running). The service has its cloud control center to analyze the vulnerabilities of the online servers through the agents and offer patches based on its existing library of attack models, malicious files/IPs and other such libraries.
Server Guard maintains the security of your server and offers easy management of ECS instances through the Alibaba Cloud Security Console. You can use the Console for safety management and to access Document Center to view relevant instructions.
Admin Console Access
Alibaba Cloud Security Console provides a simple web based user interface that you can log on to check related server security information and security configurations.
You can access documentation to get a complete overview of how Server Guard works and protects the deployed ECS servers and also view related functions and instructions.
Click here to view the Server Guard Getting Started Guide.
1. How to install an agent on Server Guard?
1. Log into your Alibaba Cloud account and navigate to the Alibaba Cloud Security Console.
2. Install Server Guard page and find the latest version of the agent to download.
3. Run and install the agent on the server as an administrator. The installation process generally takes a few minute.
Click here to install the agent.
For non-Alibaba Cloud servers, you will be prompted to enter a verification key during the installation process. This key is used to associate the agent with your Alibaba Cloud account to use the relevant functions on the Server Guard Console. The verification key will be shown on the Install Page. This way the Server Guard agent will be installed on the specific server for both Alibaba Cloud and other cloud service providers.
The status will change from offline to online as soon as the Server Guard agent is installed and is up and running. The servers from other cloud services providers will also be added to the server list.
2. How to troubleshoot installation problems?
Check that the network is connected. You can try:
1. With public IP address:: ping update.aegis.aliyun.com or ping jsrv.aegis.aliyun.com
2. Without public IP address:: ping update2.aegis.aliyun.com or ping jsrv2.aegis.aliyun.com
Check that you have set ACL rules for the firewall. You must add the Server Guard's server IP address to the firewall whitelist to access network (port 80 and 443).
1. 22.214.171.124/24 80
2. 126.96.36.199/24 80
3. 188.8.131.52/24 80
4. 184.108.40.206/24 80
5. 100.100.25.0/24 80 443
Check for any third-party antivirus products as they may prevent the Server Guard agent from accessing the network. If any such product is found, turn it off and re-install the Server Guard agent.
3. Does the agent take up a lot of resources?
There are three processes provided by Alibaba Cloud Server Guard, Alibaba Cloud Anti-DDoS.
1. In a Linux system, these processes run under the root account while on a Windows system, they run under the system account.
2. The directory of process files is located at
C:\Program Files (x86)\Alibaba\Aegis\ (Windows 64-bit)
C:\Program Files\Alibaba\Aegis\ (Windows 32-bit)
3. Resource Usage:
Standby status: 1% CPU, about 10 MB of memory
Peak status: Up to 10% CPU and 80 MB memory (if these thresholds are crossed the Agent will suspend its work).
4. How to uninstall the Agent?
If you no longer wish to use Alibaba Cloud Server Guard, your can uninstall the agent by following these steps:
1. For Linux systems:
a) Download http://update.aegis.aliyun.com/download/uninstall.sh
b) chmod +x uninstall.sh
c) sh uninstall.sh
2. Windows systems:
a) Download http://update.aegis.aliyun.com/download/uninstall.bat
b) Click Execute.