Alibaba Cloud Security Center provides Elastic Compute Service (ECS) with basic security services such as unusual logon detection, vulnerability scan, and baseline check. You can check the security status of your ECS instances in the ECS console or the Security Center console.
Background information
Alibaba Cloud Security Center collects and virtualizes security logs and fingerprints of ECS assets. Basic security services such as vulnerability detection, security alerts, and baseline check are provided free of charge. You can view security information about ECS assets on the Overview page of the ECS console or in the Security Center console. For more information, see What is Security Center?
Billing methods
Basic security services support the following billing methods:
If you use Security Center Basic Edition, basic security services for ECS are provided free of charge.
If you want to upgrade to Security Center Advanced or Enterprise Edition, log on to the Security Center console for a free trial or purchase of Security Center Advanced or Enterprise Edition. For information about the billing methods of Security Center Advanced Edition and Enterprise Edition, see Billing overview.
Use the Security Center agent
The Security Center agent is a lightweight security control that can be installed on ECS instances. If the Security Center agent is not installed on your ECS instance, your ECS instance is not protected by Security Center. The security data of the instance, such as vulnerabilities, alerts, baseline vulnerabilities, and asset fingerprints, is not displayed in the ECS console. For information about the installation paths of the Security Center agent, see Operating systems supported by the Security Center agent.
Perform the following operations to install or uninstall the Security Center agent.
Configure automatic installation of the Security Center agent when you create an ECS instance
Log on to the ECS console.
In the left-side navigation pane, choose
.In the top navigation bar, select a region.
Create an ECS instance. Select Free Security Hardening in the Image section. The system automatically installs the Security Center agent on the ECS instance. For more information, see Create an instance on the Custom Launch tab.
NoteIf you call the RunInstances operation to create an ECS instance, set
SecurityEnhancementStrategy
to Active to automatically install the Security Center agent on the instance.Manually install the Security Center agent on an existing ECS instance
For more information, see Install the Security Center agent.
Uninstall the Security Center agent
For more information, see Uninstall the Security Center agent.
Check the security status of your ECS instance
Perform the following steps to check the security status of your ECS instance.
Log on to the ECS console.
In the left-side navigation pane, choose .
In the top navigation bar, select the region and resource group to which the resource belongs.
Use one of the following methods to check the security status of your ECS instance:
Method 1: On the Instance page, view the Alibaba Cloud Security icon in the Monitoring column corresponding to your ECS instance.
Move the pointer over the icon to view the security status of the instance. You can click Process Now for an unhandled task to go to the Security Center console and view the alert details.
NoteYou can also click View Security Details to go to the Instance Details page and view the status of basic security services in the Security Protection section.
Method 2: Click the instance ID to go to the Instance Details page. In the Security Protection section, view the status of basic security services.
You can click the numbers in the Cloud Security Center alert section or the icon on the right side of Cloud Security Center to go to the Security Center console and view the alert details.
Configure alert notifications
Basic security services allow you to configure alert notifications for security alert items. The alert notifications can be sent by internal message. Perform the following steps to configure alert notifications.
Log on to the ECS console.
On the Overview page, click Handle below the unhandled tasks in the Security Protection section to go to the Security Center console.
In the left-side navigation pane, choose
.Scroll down to the Alert row, specify the severities for alerts, and then select the method and time period for sending alert notifications.
NoteIf you upgraded Security Center to Security Center Advanced or Enterprise Edition, see Overview for information about other methods for sending alert notifications.