HSS

What Is HSS?

Host Security Service (HSS) is designed to protect server workloads in hybrid clouds and multi-cloud data centers. It integrates server security, container security, and web tamper protection capabilities. HSS protects your system integrity, enhances application security, monitors user operations, and detects intrusions.

HSS is designed to enhance server security through diverse functions, including server management, risk prevention, intrusion detection, security operations, and web tamper protection (WTP). HSS can comprehensively identify and manage information assets on servers, detect server risks in real time, and prevent intrusions. This helps companies build a server security system and reduce threats. For more information about how HSS works, see What Is HSS?

After installing the HSS agent on your ECSs, you will be able to check the ECS security status and risks in a region on the HSS console.

How Do I Enable HSS?

For existing ECSs without host protection enabled, you can enable HSS as follows.

**Table 1** Process of enabling HSS
Step	Step	Description
1	Purchasing HSS	HSS provides the basic, professional, enterprise, premium, web tamper protection, and container editions. Each edition supports different functions and features. You need to purchase the corresponding edition based on your protection requirements for servers. For details about the differences between HSS editions, see Features.
2	Installing the Agent on Huawei Cloud Servers	The agent is a piece of software provided by HSS. It is installed on cloud servers to interact with the HSS cloud protection center, performing security checks and protection for servers. You can enable HSS only after the HSS agent is installed on your servers.
3	Enabling Protection	You need to enable protection for your ECSs.
4	(Optional) Enabling Alarm Notifications	By default, security risks detected by HSS are displayed on the management console. You need to log in to the console and view the risks. If you want to know the security risks of servers or containers in a timely manner, you can enable the alarm notification function. After the function is enabled, HSS will send security risks to you by SMS or email.
5	(Optional) Security Configurations	To improve ECS security, you can configure the following ECS security protection items based on your service requirements: Host login protection: You can configure common login locations, common login IP addresses, and SSH login IP address whitelists. If a login is made from an uncommon location or IP address, an alarm will be generated. If the login IP address is not in the whitelist, the login will be rejected. Two-factor authentication: The two-factor authentication mechanism is used together with the SMS or email verification code to perform secondary authentication on ECS login. Isolation and killing of malicious programs: HSS automatically isolates and kills identified malicious programs, such as backdoors, Trojans, and worms.

How Do I Check Host Security Statuses?

On the Server tab, you can view the ECS security statuses in the current region.

Choose Asset Management > Servers & Quota > Servers to view the security statuses of target servers.

**Table 2** Statuses
Parameter	Description
Agent Status	Not installed: The agent has not been started or even has not been installed. Online: The agent is running properly. Offline: The agent fails to communicate with the HSS server. Therefore, HSS cannot protect your ECS. Click Offline. Then, the ECSs with agent being offline and the offline reasons are displayed.
Protection Status	Enabled: The ECS is properly protected using HSS. Disabled: HSS has been disabled on the ECS. If an ECS does not need protection, disable HSS on it to reduce its resource consumption.
Detection Result	Risky: The ECS is risky. Safe: No risks are detected. Pending risk detection: HSS is not enabled for the ECS.

For more details, see What Is HSS?

Parent Topic: Security

Previous topic: Changing a Security Group

Next topic: Project and Enterprise Project

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.

The system is busy. Please try again later.