Host Security Service
Host Security Service
All results for "
" in this service
All results for "
" in this service
What's New
Product Bulletin
[June 30, 2023] Huawei Cloud Host Security Service (New Version) Upgrade Notice
[September 1, 2022] Changes in the Free Trial Specifications of the HSS Basic Edition (Pay-per-use)
Service Overview
What Is HSS?
Advantages
Scenarios
Features
Provided Free of Charge
Personal Data Protection Mechanism
HSS Permissions Management
Constraints
Related Services
Basic Concepts
Billing
Billing Overview
Billing Modes
Overview
Yearly/Monthly Billing
Pay-per-Use Billing
Billing Items
Billing Examples
Changing the Billing Mode
Overview
Pay-per-Use to Yearly/Monthly
Yearly/Monthly to Pay-per-Use
Renewing Subscriptions
Overview
Manually Renewing HSS
Auto-renewing HSS
Bills
Arrears
Billing Termination
Cost Management
Billing FAQ
If I Unsubscribe from HSS and Purchase It Again, Do I Need to Install Agents and Configure Server Protection Settings from Scratch?
How Do I Disable Auto-Renewal?
Getting Started
Free Trial of HSS Basic Edition for 30 Days
Purchasing and Enabling HSS
Purchasing and Enabling WTP
Purchasing and Enabling Container Security
Quickly Viewing ECS Security Situation
Getting Started with Common Practices
User Guide
Using IAM to Grant Access to HSS
Creating a User and Granting Permissions
HSS Custom Policies
HSS Actions
Accessing HSS
Access Overview
Purchasing an HSS Quota
Installing the Agent on Servers
Agent Overview
Checking the Installation Environment
Installing the Agent on Huawei Cloud Servers
Enabling Protection
Enabling Alarm Notifications
Common Security Configuration
Configuring Server Login Protection
Isolating and Killing Malicious Programs
Enabling 2FA
Checking the Dashboard
Asset Management
Asset Overview
Server Fingerprints
Collecting Server Asset Fingerprints
Viewing Server Asset Fingerprints
Viewing the Operation History of Server Assets
Container Assets
Collecting Container Assets
Viewing Container Assets
Server Management
Enabling Server Protection
Viewing Server Protection Status
Viewing the Assets and Risks of a Server
Exporting the Server List
Switching the HSS Quota Edition
Deploying a Protection Policy
Managing Server Groups
Servers Importance Management
Ignoring a Server
Disabling HSS
Container Management
Enabling Container Protection
Viewing the Container Node Protection Status
Exporting the Container Node List
Viewing Container Information
Handling Unsafe Containers
Uninstalling the Agent from a Cluster
Disabling Container Protection
Protection Quota Management
Viewing Protection Quotas
Binding a Protection Quota
Unbinding a Protection Quota
Upgrading a Protection Quota
Exporting the Protection Quota List
Risk Management
Vulnerability Management
Vulnerability Management Overview
Vulnerability Scan
Viewing Vulnerability Details
Exporting the Vulnerability List
Handling Vulnerabilities
Managing the Vulnerability Whitelist
Viewing Vulnerability Handling History
Baseline Check
Baseline Check Overview
Performing a Baseline Check
Viewing and Handling Baseline Check Results
Exporting a Baseline Check Report
Managing Manual Baseline Check Policies
Container Image Security
Container Image Security Overview
Enabling Pay-per-use Container Image Scan
CI/CD Image Security Scan
CI/CD Image Security Scan Overview
Viewing and Handling CI/CD Image Scan Results
Exporting CI/CD Image Scan Results
Repository Image Security Scan
Repository Image Security Scan Overview
Synchronizing Repository Images
Scanning Repository Images
Viewing and Handling Repository Image Scan Results
Exporting Repository Image Scan Results
Managing the Repository Image Vulnerability Whitelist
Local Image Security Scan
Local Image Security Scan Overview
Scanning Local Images
Viewing and Handling Local Image Scan Results
Exporting Local Image Scan Results
Managing the Local Image Vulnerability Whitelist
Server Protection
Application Protection
Application Protection Overview
Enabling Application Protection
Viewing Application Protection
Managing Application Protection Policies
Disabling Application Protection
WTP
WTP Overview
Enabling Web Tamper Protection
Configuring Remote Backup
Modifying WTP Configuration
Manually Enabling or Disabling Directory Protection
Deleting WTP Configuration
Viewing WTP Events
Ransomware Prevention
Ransomware Prevention Overview
Enabling Ransomware Prevention
Enabling Backup
Viewing and Handling Ransomware Prevention Events
Managing Ransomware Protection Policies
Restoring Server Data
Managing Server Backup
Disabling Ransomware Prevention
Application Process Control
Application Process Control Overview
Creating a Whitelist Policy
Confirming Learning Outcomes
Enabling Application Process Control
Checking and Handling Suspicious Processes
Extending the Process Whitelist
Start Learning on Servers Again
Disabling Application Process Control
File Integrity Monitoring
File Integrity Management Overview
Viewing File Change Records
Virus Scan
Virus Scan Overview
Scanning for Viruses
Viewing and Handling Viruses
Managing Custom Antivirus Policies
Managing Isolated Files
Dynamic Port Honeypot
Dynamic Port Honeypot Overview
Creating a Protection Policy for a Dynamic Honeypot Port
Viewing and Handling Honeypot Protection Events
Managing Dynamic Port Honeypot Protection Policies
Managing Associated Servers
Container Protection
Container Firewalls
Container Firewall Overview
Configuring a Network Defense Policy (for a Container Tunnel Network)
Configuring a Network Defense Policy (for a VPC Network)
Configuring a Network Defense Policy (for Cloud Native Network 2.0)
Configuring a Network Defense Policy (for a Native Kubernetes Network)
Container Cluster Protection
Container Cluster Protection Overview
Enabling Container Cluster Protection
Configuring a Container Cluster Protection Policy
Checking Container Cluster Protection Events
Disabling Container Cluster Protection
Detection and Response
HSS Alarms
Server Alarms
Viewing Server Alarms
Handling Server Alarms
Exporting Server Alarms
Managing Isolated Files
Container Alarms
Container Alarm Events
Viewing Container Alarms
Handling Container Alarms
Exporting Container Alarms
Whitelist Management
Managing the Login Whitelist
Managing the Alarm Whitelist
Managing the System User Whitelist
Security Operations
Policy Management
Policy Management Overview
Configuring Policies
Configuring the Policy Group Protection Mode
Creating a Custom Policy Group
Deleting a Custom Policy Group
Handling History
Container Audit
Container Audit Overview
Viewing Container Audit Logs
Security Report
Security Report Overview
Creating a Security Report
Checking a Security Report
Managing Security Reports
Free Health Check
Monthly Operation Summary
Installation and Configuration on Servers
Agent Management
Agent Release Notes
Viewing Agent Status
Upgrading the Agent
Uninstalling the Agent
Security Configurations
Installation and Configuration on Containers
Installing an Agent in a Cluster
Overview of Agent Installation in a Cluster
Installing the Agent in a Huawei Cloud CCE Cluster
Installing an Agent in a User-built Cluster on Huawei Cloud
Installing the Agent in a Third-Party Public Network Cluster
Installing the Agent on an Independent Container Node
Modifying Cluster Agent Installation Information
Managing Cluster Agents
Viewing the Cluster Node List and Permission List
Managing Agents on Independent Nodes
Connecting to a Third-party Image Repository
CI/CD Image
Accessing CI/CD
Editing the Blacklist or Whitelist
Plug-in Settings
Plug-Ins Overview
Viewing Plug-in Information
Installing a Plug-in
Uninstalling a Plug-in
Authorization
Monitoring and Auditing
Cloud Eye Monitoring
HSS Metrics
Configuring a Monitoring Alarm Rule
Viewing Monitoring Metrics
CTS Auditing
HSS Operations Supported by CTS
Viewing CTS Traces in the Trace List
Best Practices
Suggestions on How to Fix Official Disclosed Vulnerabilities Provided by HSS
Git Credential Disclosure Vulnerability (CVE-2020-5260)
SaltStack Remote Command Execution Vulnerabilities (CVE-2020-11651 and CVE-2020-11652)
OpenSSL High-risk Vulnerability (CVE-2020-1967)
Adobe Font Manager Library Remote Code Execution Vulnerability (CVE-2020-1020/CVE-2020-0938)
Windows Kernel Elevation of Privilege Vulnerability (CVE-2020-1027)
Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601)
Third-Party Servers Accessing HSS Through a Direct Connect and Proxy Servers
Overview
Resources and Costs
Process Flow
Process
Creating a Direct Connect
Creating a Proxy Server
Installing an Agent on the Proxy Server
Installing and Configuring Nginx on the Proxy Server
Creating an Agent Installation Package or Installation Commands Using a Proxy Server
Installing an Agent for a Third-Party Server
Installing the HSS Agent Using CBH
Using HSS to Improve Server Login Security
Using HSS and CBR to Defend Against Ransomware
Overview
Resources and Costs
Defense Measures
Identifying and Fixing Ransomware
Enabling Ransomware Prevention and Backup
Restoring Backup Data
Combining WAF and HSS to Improve Web Page Tampering Protection
API Reference
Before You Start
Calling APIs
Making an API Request
Authentication
Response
API Description
Asset Management
Collecting Asset Statistics, Including Accounts, Ports, and Processes
Asset Fingerprint - Account Information
Asset Fingerprint - Process Information
Asset Fingerprint - Software Information
Asset Fingerprint - Auto-Started Item Information
Querying the Server List of an Account
Asset Fingerprint of a Server - Open Port Information
Asset Fingerprint of a Server - Software
Asset Fingerprint of a Server - Auto-Started Items
Obtaining the Account Change History
Asset Fingerprint - Software Information - Change History
Asset Fingerprint - Open Port Information
Asset Fingerprint - Auto-started Item - Change History
Ransomware Prevention
Querying the Protection Policy List of Ransomware
Modifying Ransomware Protection Policies
Disabling Ransomware Prevention
Modifying the Backup Policy Bound to HSS Protection Vault
Baseline Management
Querying the Weak Password Detection Result List
Querying the Password Complexity Policy Detection Report
Querying the Result List of Server Security Configuration Check
Querying the Check Result of a Security Configuration Item
Querying the Checklist of a Security Configuration Item
Querying the List of Affected Servers of a Security Configuration Item
Querying the Report of a Check Item in a Security Configuration Check
Quota Management
Querying Quota Details
Intrusion Detection
Querying the Detected Intrusion List
Querying the Alarm Whitelist
Handling Alarm Events
Server Management
Querying ECSs
Changing the Protection Status
Querying Server Groups
Creating a Server Group
Editing a Server Group
Deleting a Server Group
Policy Management
Querying the Policy Group List
Applying a Policy Group
Vulnerability Management
Querying the Vulnerability List
Querying the Servers Affected by a Vulnerability
Changing the Status of a Vulnerability
Web Tamper Protection
Querying the Protection List
Enabling or Disabling WTP
Enabling or Disabling Dynamic WTP
Querying the Status of Static WTP for a Server
Querying the Status of Dynamic WTP for a Server
Tag Management
Creating Tags in Batches
Deleting a Resource Tag
Appendixes
Status Code
Error Codes
Obtaining a Project ID
Obtaining an Enterprise Project ID
Obtaining Region ID
FAQs
About HSS
What Is Host Security?
What Is Container Security?
What Is Web Tamper Protection?
What Are the Relationships Between Images, Containers, and Applications?
How Do I Use HSS?
Can HSS Protect Local IDC Servers?
Is HSS in Conflict with Any Other Security Software?
What Are the Differences Between HSS and WAF?
Can HSS Be Used Across Accounts?
What Is the HSS Agent?
Can HSS Be Used Across Clouds?
Does HSS Support Version Upgrade?
Can HSS Automatically Detect and Remove Viruses?
Agent
Is the Agent in Conflict with Any Other Security Software?
How Do I Uninstall the Agent?
What Should I Do If Agent Installation Failed?
How Do I Fix an Abnormal Agent?
What Is the Default Agent Installation Path?
How Many CPU, Memory, and Disk Resources Are Occupied When the Agent Is Running?
Do Different HSS Editions Share the Same Agent?
How Do I View Servers Where No Agents Have Been Installed?
What Resources Will Be Accessed by the Agent After It Is Installed on a Server?
How Do I Use Images to Install Agents in Batches?
What Do I Do If I Cannot Access the Download Link of the Windows Or Linux Agent?
What Do I Do If Agent Upgrade Fails and the Message "File replacement failed" Is Displayed?
Protection
Protection Interrupted
Protection Degraded
Vulnerability Management
How Do I Fix Vulnerabilities?
What Do I Do If an Alarm Still Exists After I Fixed a Vulnerability?
Why a Server Displayed in Vulnerability Information Does Not Exist?
Do I Need to Restart a Server After Its Vulnerabilities Are Fixed?
Can I Check the Vulnerability and Baseline Fix History on HSS?
What Do I Do If Vulnerability Fix Failed?
Why Can't I Select a Server During Manual Vulnerability Scanning or Batch Vulnerability Fixing?
What Do I Do If a Vulnerability Scan Failed?
Do I Need to Subscribe to Ubuntu Pro to Fix Ubuntu Vulnerabilities?
Detection & Response
How Do I View and Handle HSS Alarm Notifications?
What Do I Do If My Servers Are Subjected to a Mining Attack?
Why a Process Is Still Isolated After It Was Whitelisted?
Why an Attack Is Not Detected by HSS?
Can I Unblock an IP Address Blocked by HSS, and How?
Why a Blocked IP Address Is Automatically Unblocked?
How Often Is Malware Scan and Removal?
What Do I Do If an IP Address Is Blocked by HSS?
How Do I Defend Against Ransomware Attacks?
How Do I Add High-risk Command Execution Alarms to the Whitelist?
Why Doesn't HSS Generate Alarms for Some Web Shell Files?
Abnormal Logins
Why Do I Still Receive Remote Login Alarms After Configuring the Login IP Whitelist?
How Do I Check the User IP address of a Remote Login?
How Do I Cancel the Alarm Notifications of Successful Server Logins?
Can I Disable Remote Login Detection?
How Do I Know Whether an Intrusion Succeeded?
Brute-force Attack Defense
How Does HSS Intercept Brute Force Attacks?
How Do I Handle a Brute-force Attack Alarm?
How Do I Defend Against Brute-force Attacks?
How Do I Unblock an IP Address?
What Do I Do If HSS Frequently Reports Brute-force Alarms?
What Do I Do If a Huawei Cloud IP Address Trigger a Brute-force Attack Alarm?
What Do I Do If the Port in Brute-force Attack Records Is Not Updated?
Baseline Inspection
Why Are Weak Password Alarms Generated After the Weak Password Detection Policy Is Disabled?
How Do I Install a PAM and Set a Proper Password Complexity Policy in a Linux OS?
How Do I Set a Proper Password Complexity Policy in a Windows OS?
How Do I Handle Unsafe Settings?
How Do I View Configuration Check Reports?
How Do I Handle a Weak Password Alarm?
How Do I Set a Secure Password?
Web Tamper Protection
What Should I Do If WTP Cannot Be Enabled?
How Do I Modify a File After WTP Is Enabled?
What Are the Differences Between the Web Tamper Protection Functions of HSS and WAF?
Container Security
How Do I Disable Node Protection?
How Do I Enable Node Protection?
How Do I Enable the API Server Audit for an On-Premises Kubernetes Container?
What Do I Do If the Container Cluster Protection Plug-in Fails to Be Uninstalled?
What Do I Do If the Cluster Connection Component (ANP-Agent) Failed to Be Deployed?
What Do I Do If Cluster Permissions Are Abnormal?
Failed to Upload the Image to the Private Image Repository
What Do I Do If a Repository Image Scan Failed?
Ransomware Prevention
What Are the Differences Between Ransomware Protection Backup and Cloud Backup?
Ransomware Protection Exception
Security Configurations
How Do I Clear the SSH Login IP Address Whitelist Configured in HSS?
What Can I Do If I Cannot Remotely Log In to a Server via SSH?
How Do I Use 2FA?
What Do I Do If I Cannot Enable 2FA?
Why Can't I Receive a Verification Code After 2FA Is Enabled?
Why Does My Login Fail After I Enable 2FA?
How Do I Add a Mobile Number or Email Address for 2FA?
Do I Use a Fixed Verification Code for 2FA?
Will I Be Billed for Alarm Notifications and SMS?
Why No Topics Are Available for Me to Choose When I Configure Alarm Notifications?
Can I Disable HSS Alarm Notifications?
How Do I Modify Alarm Notification Items?
How Do I Disable the SELinux Firewall?
Protection Quota
How Do I Extend the Validity Period of HSS Quotas?
How Do I Filter Unprotected Servers?
Why Can't I Find the Servers I Purchased on the Console?
What Do I Do If My Quotas Are Insufficient and I Failed to Enable Protection?
How Do I Allocate My Quota?
If I Change the OS of a Protected Server, Does It Affect My HSS Quota?
Why Doesn't an HSS Edition Take Effect After Purchase?
How Do I Change the Protection Quota Edition Bound to a Server?
Can I Bind a Server to an HSS Quota If They Are in Different Enterprise Projects?
Others
How Do I Use the Windows Remote Desktop Connection Tool to Connect to a Windows Server?
How Do I Check HSS Log Files?
How Do I Enable Logging for Login Failures?
Why Can't I View All Projects in the Enterprise Project Drop-down List?
How Do I Enable or Disable the Agent Self-protection Policy?
What Do I Do If Windows Self-Protection Cannot Be Disabled?
Why Is a Deleted Server Still Displayed in the HSS Server List?
Videos