Features
With SA, you can manage security posture of all your cloud assets in one place. SA provides many functional modules, including Security Overview, Resource Manager, Event Analyses, Threat Alarms, Baseline Inspection, Events, Logs, and Integrations.
Security Overview
The Security Overview page gives you a comprehensive overview of your asset security posture together with other linked cloud security services to collectively display security assessment findings.
Function Module |
Description |
---|---|
Security Score |
SA evaluates and scores your cloud asset security. You can quickly learn of unhandled risks and their threats to your assets. The lower the security score, the greater the overall asset security risk. |
Security Monitoring |
You can view how many threats, vulnerabilities, and compliance violations that are not handled and view their details. |
Your Security Score over Time |
You can view your security scores for the last 7 days. |
Threat Detection |
You can view how many alarms are detected for the last 7 days and their types. |
Resource Manager
SA displays the real-time security status of assets on the cloud.
Function Module |
Description |
---|---|
SA synchronizes the security status statistics of all resources in the current account. You can quickly locate unhealthy resources and find the solutions by viewing the resource name and security status as well as cloud services and regions involved. Currently, you can view the security status of the following resources: Elastic Cloud Server (ECS), Virtual Private Cloud (VPC), Object Storage Service (OBS), Elastic IP (EIP), Domain Name Service (DNS), Elastic Load Balance (ELB), Relational Database Service (RDS), Bare Metal Server (BMS), Cloud Container Engine (CCE), Cloud Container Instance (CCI), Web Application Firewall (WAF), SSL Certificate Manager (SCM), and Elastic Volume Service (EVS) |
Event Analyses
This module displays security status and potential security risks on your cloud assets.
Function Module |
Description |
---|---|
HSS |
SA aggregates alarms from HSS to centrally analyze security status and risks of your ECSs. To use this function, buy HSS first. |
WAF |
SA aggregates alarms from WAF to centrally analyze security status and risks of your web applications. To use this function, buy WAF first. |
DBSS |
SA aggregates alarms from DBSS to centrally analyze security status and risks of your databases. To use this function, buy DBSS audit first. |
Threat Alarms
In this module, SA reports alarms based on real-time monitoring, displays details of alarms for the last 180 days, and defends against typical threats by using varied preset protection policies.
SA can detect and display varied types of threats, including distributed denial of service (DDoS) attacks, brute-force attacks, web attacks, Trojans, zombie computers, Command-and-Control (C&C) attacks, abnormal behavior, and exploits. For details, see Threat Alarm Events.
Function Module |
Description |
---|---|
SA lists statistics on threat alarms. You can view details of threat alarms and details of threatened assets. You can also export all alarms. |
|
SA allows you to query threats or attacks by Attack source or Attacked asset. |
|
SA allows you to customize the threat list, alarm type, and risk severity to view only concerned threat alarms. |
|
SA allows you to customize alarm notifications. You can set scheduled daily alarm notifications and real-time alarm notifications to learn about threat risks in a timely manner. |
Threat Alarm Events
SA monitors your network in rea time and reports alarms when threats are detected. SA can detect varied types of threats, including DDoS attacks, brute-force attacks, web attacks, backdoor Trojans, zombies, abnormal behavior, exploits, and C&C attacks.
Baseline Inspection
SA can scan cloud baseline configurations to find out unsafe settings, report alarms for events, and offer hardening suggestions to you.
Function Module |
Description |
---|---|
You can start manual scans and configure periodic scans. SA will then display events by category, report non-compliant items, and offer hardening suggestions and guidance. SA can check your workloads based on three security standards, Cloud Security Compliance Check 1.0 and Network Security.
|
Events
SA aggregates detection data from a variety of related services so that you can monitor all events in one place.
Function Module |
Description |
---|---|
Multiple event types are included. You can mark and export events, and customize the event list. |
Logs
You can authorize Object Storage Service (OBS) to store SA logs in OBS buckets. This makes it easier for you to store and export SA logs securely and meet audit requirements for storing logs for 180 days.
Function Module |
Description |
---|---|
You can store SA logs in OBS to meet log audit and disaster recovery requirements. |
For SA log disaster recovery, you can use Data Ingestion Service (DIS) to transmit the logs dumped to OBS buckets to your offline security information and event management (SIEM) system. You can also upload logs in the offline SIEM system to the cloud through DIS for analysis and storage.
With DIS, you can use a wide range of data transmission tools, such as Kafka Adapter, DIS Agent, DIS Flume Plugin, DIS Flink Connector, DIS Spark Streaming, and DIS Logstash Plugin. For details, see Using DIS.
Integrations
SA integrates a variety of security products to aggregate their detection data and manage the data sources of events.
Function Module |
Description |
---|---|
By integrating other security services, SA makes it easy for you to aggregate detection results or events reported by different products, manage the sources of events, view the transmitted data volume, and manage the health status of reporting detection data to SA. SA can aggregate detection data from Huawei Cloud HSS, WAF, and Anti-DDoS. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot