Enabling Container Node Protection

Before enabling protection for a container node, you need to allocate quota to a specified node. If the protection is disabled or the node is deleted, the quota can be allocated to other nodes.

Check Frequency

HSS performs a full check in the early morning every day.

If you enable server protection before the check interval, you can view check results only after the check at 00:00 of the next day is complete.

Prerequisite

The Agent Status of a server is Online. To check the status, choose Host Security Service > Asset Management > Containers & Quota.
You have created nodes on CCE.
The Protection Status of the node is Unprotected.

Procedure

Log in to the management console.
In the upper left corner of the page, select a region, click , and choose Security & Compliance > Host Security Service (New).

Figure 1 Accessing HSS
In the displayed dialog box, click Try the new edition to switch to the HSS (New) console.
- Currently, HSS is available in the following regions: CN South-Guangzhou, CN-Hong Kong, AP-Bangkok, and AP-Singapore.
- On the HSS (New) console, you can click Back to Old Console in the upper left corner to switch to the HSS (Old) console.
In the navigation pane, choose Asset Management > Containers & Quota.

Figure 2 Accessing the container node management page
In the Operation column of the node list, click Enable Protection.

Figure 3 Enabling container protection
You can buy quota in pay-per-use or yearly/monthly mode.
- Yearly/Monthly
  In the displayed dialog box, select Yearly/Monthly, read the Container Guard Service Disclaimer, and select I have read and agreed to Container Guard Service Disclaimer
  Figure 4 Enabling yearly/monthly protection
  The quota can be allocated in the following ways:
  - Select Select a quota randomly. to let the system allocate the quota with the longest remaining validity to the server.
  - Select a quota to allocate.
- On-demand
  In the displayed dialog box, select pay-per-use, read the Container Guard Service Disclaimer, and select I have read and agreed to Container Guard Service Disclaimer
  
  Figure 5 Enabling pay-per-use protection
Click OK. If the Protection Status of the server changes to Protected, protection has been enabled.
- During purchase, set Node Quantity to the number of nodes you want to protect.

Follow-Up Procedure

Disabling protection for a node

Choose Asset Management > Containers & Quota, click the Container Nodes tab, and click Nodes. In the Operation column, click Disable Protection.

If protection is disabled, the quota status will change from occupied to idle. You can allocate the idle quota to another node or unsubscribe unnecessary quota to avoid quota waste.

Before disabling protection, perform a comprehensive detection on the container, handle detected risks, and record operation information to prevent O&M errors and attacks on the container.
After protection is disabled, clear important data on the container, stop important applications on the container, and disconnect the container from the external network to avoid unnecessary loss caused by attacks.

Parent topic: Enabling HSS

Previous topic: Enabling the WTP Edition

Next topic: (Optional) Switching the HSS Edition

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with GUI

Incorrect steps

Lack of examples

Missing parameter descriptions

Unclear descriptions

Function issues

Other

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot