How do I view the security information about ECS instances? - Security Center

After you purchase an Elastic Compute Service (ECS) instance, the ECS instance is automatically protected by Security Center Basic. You can use Security Center to detect risks in your assets and obtain the status of your ECS instances in a quick manner.

Background information

Security Center is a centralized security management system that identifies and analyzes security threats, and generates alerts when threats are detected. Security Center provides multiple features to ensure the security of cloud resources and servers in data centers. The features include anti-ransomware, virus detection and removal, web tamper proofing, and compliance check. This allows you to automate security operations, responses, and threat tracing, and meet regulatory requirements.

The Anti-virus, Advanced, Enterprise, and Ultimate editions of Security Center automatically block viruses, and proactively prevent and block common ransomware and DDoS trojans. The ransomware includes WannaCry and Globelmposter, and the DDoS trojans include XOR DDoS and BillGates. We recommend that you enable the malicious host behavior prevention feature of Security Center to protect the security of your assets. For more information about how to enable the malicious host behavior prevention feature, see Use proactive defense.

For more information about the features that are supported by each edition of Security Center, see Functions and features.

Prerequisites

Security Hardening is selected when you purchase ECS instances. This way, Security Center protects your ECS instances.

View the risks of ECS instances

You can use one of the following methods to view the risks of ECS instances. You can identify and handle potential risks at the earliest opportunity.

Log on to the ECS console. On the Overview page, click Handle in the security status section on the right to go to the Host page of the Security Center console. On the page, you can view and handle existing risks. For more information, see Manage servers.
Log on to the Security Center console. In the Security Score section of the Overview page, click Process Now. In the Security Risk Handling panel, you can view and handle existing security risks. For more information, see Overview.

View the security information about an ECS instance

You can use one of the following methods to view the risk details of an ECS instance:

Log on to the ECS console and click Instances. On the Instance page, find the ECS instance that you want to manage and click the icon in the Monitoring column to view the security status of the ECS instance. If high-severity risks exist, we recommend that you handle the risks as prompted to prevent your workloads from being affected.
Note
The color of the icon varies based on the status. The icon displayed on the page prevails.
Log on to the Security Center console. In the top navigation bar, select China or Outside China as the region of the asset that you want to protect. In the left-side navigation pane, choose Assets > Host. Then, find the ECS instance and view the security details of the ECS instance. For more information, see View the information about a server.

Note

In the server list of the Host page, if the icon in the Agent column of an ECS instance indicates offline, the Security Center agent is disconnected from Alibaba Cloud, and the ECS instance is not protected by Security Center. In this case, you must reinstall the Security Center agent. For more information, see Install and uninstall the Security Center agent.