Help Center> Host Security Service (New)> User Guide> Asset Management> Server Management> Enabling Protection> Basic/Professional/Premium Edition
Updated on 2023-01-20 GMT+08:00
View PDF

Basic/Professional/Premium Edition

The basic, enterprise, and premium editions provide different levels of protection for your servers. You can purchase and enable them as needed.

Precautions

The enterprise edition can be paid after use. To enable other editions, purchase their quotas first. For more information, see Purchasing an HSS Quota and Purchasing a CGS Quota.

Check Frequency

HSS performs a full scan in the early morning every day.

After you enable server protection, you can view scan results after the automatic scan in the next early morning, or perform a manual scan immediately.

Prerequisite

The agent has been installed on the servers to be protected, the agent status is Online, and the protection status is Unprotected.

Restrictions

  • Linux

    On servers running the EulerOS with ARM, HSS does not block the IP addresses suspected of SSH brute-force attacks, but only generates alarms.

  • Windows
    • Authorize the Windows firewall when you enable protection for a Windows server. Do not disable the Windows firewall during the HSS in-service period. If the Windows firewall is disabled, HSS cannot block brute-force attack IP addresses.
    • If the Windows firewall is manually enabled, HSS may also fail to block brute-force attack IP addresses.

Procedure

  1. Log in to the management console.
  2. In the upper left corner of the page, select a region, click , and choose Security & Compliance > Host Security Service.

    Figure 1 Accessing HSS

  3. In the displayed dialog box, click Try the new edition to switch to the HSS (New) console.

    • Currently, HSS is available in the following regions: CN South-Guangzhou, CN-Hong Kong, AP-Bangkok, and AP-Singapore.
    • On the HSS (New) console, you can click Back to Old Console in the upper left corner to switch to the HSS (Old) console.

  4. In the navigation pane, choose Asset Management > Servers & Quota. Click the Server tab.

    If your servers are managed by enterprise projects, you can select an enterprise project to view or operate the asset and scan information.

  5. Enable protection for one or multiple servers.

    Figure 2 Enabling protection
    • Enabling protection for a server
      1. Click Enable in the Operation column of a server. In the dialog box that is displayed, confirm the server information and select the billing mode, edition, and quota.
        Figure 3 Confirming the protection information about a server
        Table 1 Protection parameters

        Parameter

        Description

        Example Value

        Billing Mode
        • Yearly/Monthly
          • Select the basic, enterprise, or premium edition.
          • No free trial is available here. You will be billed by the required duration you selected.
          • A yearly/monthly package provides a higher discount than the pay-per-use mode does, and is recommended for long-term users.
        • On-demand
          • Only the enterprise edition is supported.
          • You pay for the duration you use the resources. Prices are calculated by hour, and no minimum fee is required.

        Yearly/Monthly

        Edition

        Select the basic, enterprise, or premium edition.

        • Basic edition: It protects test servers or individual users' servers. It can protect any number of servers, but only part of the security scan capabilities are available. This edition does not provide protection capabilities, nor does it provide support for the DJCP Multi-level Protection Scheme (MLPS) certification. The basic edition is free of charge for 30 days if it was enabled for the first time.
        • Enterprise edition: It provides support for the DJCP MLPS certification. Main features include asset fingerprint management, vulnerability management, malicious program detection, web shell detection, and abnormal process behavior detection. For details, see Editions and Features.
        • Premium edition: It helps you with the DJCP MLPS certification and provides advanced features, including application protection, ransomware prevention, high-risk command detection, privilege escalation detection, and abnormal shell detection. For details, see Editions and Features.

        Enterprise

        Select Quota

        Select a quota for the server.

        • If you do not want to specify a quota, select Select a quota randomly.
        • You can also select a quota. If you are enabling protection for multiple servers, only one of them will be bound to the selected quota, and the rest of the servers will be bound to randomly allocated quotas.
        NOTE:

        If the system displays a message indicating that there are no available quotas, you need to purchase quotas first.

        Select a quota randomly
      2. Confirm the information and click OK. If the Protection Status of the server is Protected, it indicates protection has been enabled.
    • Enabling protection in batches
      1. Select multiple servers and click Enable above the server list. In the dialog box that is displayed, confirm the server information and select the billing mode, edition, and quota.
        Figure 4 Confirm information about multiple servers
        Table 2 Protection parameters

        Parameter

        Description

        Example Value

        Billing Mode
        • Yearly/Monthly
          • Select the basic, enterprise, or premium edition.
          • No free trial is available here. You will be billed by the required duration you selected.
          • A yearly/monthly package provides a higher discount than the pay-per-use mode does, and is recommended for long-term users.
        • On-demand
          • Only the enterprise edition is supported.
          • You pay for the duration you use the resources. Prices are calculated by hour, and no minimum fee is required.

        Yearly/Monthly

        Edition

        Select the basic, enterprise, or premium edition.

        • Basic edition: It protects test servers or individual users' servers. It can protect any number of servers, but only part of the security scan capabilities are available. This edition does not provide protection capabilities, nor does it provide support for the DJCP Multi-level Protection Scheme (MLPS) certification. The basic edition is free of charge for 30 days if it was enabled for the first time.
        • Enterprise edition: It provides support for the DJCP MLPS certification. Main features include asset fingerprint management, vulnerability management, malicious program detection, web shell detection, and abnormal process behavior detection. For details, see Editions and Features.
        • Premium edition: It helps you with the DJCP MLPS certification and provides advanced features, including application protection, ransomware prevention, high-risk command detection, privilege escalation detection, and abnormal shell detection. For details, see Editions and Features.

        Enterprise

        Select Quota

        Select a quota for the server.

        • If you do not want to specify a quota, select Select a quota randomly.
        • You can also select a quota. If you are enabling protection for multiple servers, only one of them will be bound to the selected quota, and the rest of the servers will be bound to randomly allocated quotas.
        NOTE:

        If the system displays a message indicating that there are no available quotas, you need to purchase quotas first.

        Select a quota randomly
      2. Confirm the information and click OK. If the Protection Status of the server is Protected, it indicates protection has been enabled.

Parent topic: Enabling Protection