Access Guide

1

Purchasing Protection Quotas

HSS provides the basic, professional, enterprise, premium, web tamper protection, and container edition. Each edition supports different functions and features. You need to purchase the corresponding edition based on your protection requirements for servers or containers. For details about the differences between HSS versions, see Specifications of Different Editions.

2

Installing the Agent

The HSS agent is a piece of software installed on cloud servers to exchange data between the servers and HSS, implementing security detection and protection. You can use only after installing the agent.

3

Enabling Protection

You need to enable protection for your ECSs.

4

Enabling Alarm Notifications

By default, security risks detected by HSS are displayed on the management console. You need to log in to the console and view the risks. If you want to know the security risks of servers or containers in a timely manner, you can enable the alarm notification function. After the function is enabled, HSS will send security risks to you by SMS or email.

5

Common Security Configurations

To improve ECS security, you can configure the following ECS security protection items based on your service requirements:

• Common login locations: HSS allows users to log in to ECSs in common login locations and generates alarms when users log in to ECSs in non-common login locations.
• Common login IP address: HSS allows common login IP addresses to log in to ECSs and generates alarms for uncommon login IP addresses.
• SSH login IP address whitelist: HSS only allows IP addresses in the whitelist to log in to ECSs using SSH.
• Two-factor authentication: The two-factor authentication mechanism is used together with the SMS or email verification code to perform secondary authentication on ECS login.
• Isolation and killing of malicious programs: HSS automatically isolates and kills identified malicious programs, such as backdoors, Trojans, and worms.