Updated on 2024-11-15 GMT+08:00

Enabling Protection

To enable protection, allocate a quota to a server or a container. After protection is disabled or the protected server or container is removed, the quota can be allocated to another server or container.

Prerequisites

  • Server
    • Choose Asset Management > Servers & Quota. The Agent Status of a server is Online, and the Protection Status of the server is Unprotected.
    • You have purchased required edition quotas in your region.
  • Container
    • Choose Asset Management > Containers & Quota. The Agent Status of the node is Online and the Protection Status is Unprotected.
    • You have purchased required edition quotas in your region.

Constraints and Limitations

  • Server

    Authorize the Windows firewall when you enable protection for a Windows server. Do not disable the Windows firewall while you use HSS. If the Windows firewall is disabled, HSS cannot block the source IP addresses of brute-force attacks. This problem may persist even if the Windows firewall is enabled after being disabled.

  • Container

    Currently, HSS can only protect Docker and Containerd running containers.

Enabling Protection

Perform the following operations to enable protection based on the edition you need.

Viewing Detection Details

After server protection is enabled, HSS will immediately perform comprehensive detection on the server. The detection may take a long time.

  1. In the navigation tree on the left, choose Asset Management > Servers & Quota.
  2. On the left of the protection list, click Unsafe Servers.

    Figure 3 Viewing risky items

  1. Click a server name to go to the details page. On this page, you can quickly check the detected information and risks of the server.

    Figure 4 Viewing the detection result

Follow-up Procedure

HSS provides server and container defense functions for you to enable as needed. For more information, see Manual configurations.

Table 1 Manual configurations

Category

Function

Reference

Security Configurations

  • Common login location/IP address
  • SSH login IP address whitelist
  • Isolate and kill malicious programs

Common Security Configuration

Server Protection

  • Application protection
  • Ransomware prevention
  • Application process control
  • File Integrity Monitoring (FIM)
  • Virus scan
  • Dynamic port honeypot

Server Protection

Container Protection

  • Container firewall
  • Container cluster protection

Container Protection