Overview

SecMaster provides policy management for you to manage and maintain tasks across accounts and resources. With this function, you can view all policies centrally, manage policies for seven defense lines manually, and query manual and automatic block records quickly.

Adding a Security Policy: Security policies are used to quickly contain attacks. You can select a block type based on the alert source to block attackers.
Managing Security Policies: describes Viewing a Security Policy, Editing a Security Policy, and Deleting a Security Policy.

Limitations and Constraints

Currently, only the WAF blacklist policies and VPC security groups can be configured in this module.
In a workspace you have, you can add up to 300 security policies that support block aging, and a maximum of 2,500 security policies in total. Limits on blocked objects you can add are as follows:
- For a policy to be delivered to WAF, each time a maximum of 500 IP addresses can be added as blocked objects by each account.
- For a policy to be delivered to VPC, every minute a maximum of 500 IP addresses can be added once as blocked objects by each account.
If an IP address is added to the blacklist, VPC or WAF will block requests from that IP address without checking whether the requests are malicious.
To ensure system stability, a maximum of five security policy tasks can be executed at the same time. If there are already five ongoing tasks, no more security policies can be added, retried, or edited.

Basic Concepts

Operation connections are asset connections associated with emergency policy processes. An asset connection contains a domain name and authentication parameters used by the plug-in node in workflows. SecMaster use the domain names to access other cloud services or third-party services. For more details, see Managing an Asset Connection.

Parent topic: Security Policies

Previous topic: Security Policies

Next topic: Adding a Security Policy