Server Guard protects Elastic Compute Service (ECS) instances by providing security features such as vulnerability management , baseline check, intrusion detection, and asset management. To do this, the module performs operations such as log monitoring, file analysis, and signature scanning.

• Baseline check

Performs security baseline checks for Elastic Compute Service (ECS) instances. The baseline checks ensure that the ECS instances comply with the security standards for enterprise servers.

• Vulnerability management

Scans ECS instances for software vulnerabilities, and provides suggestions on vulnerability fixes. Provides quick fixes for critical vulnerabilities in applications and operating systems on your ECS instances.

• Webshell detection and removal

Detects and removes webshells based on specified rules, and allows you to manually quarantine webshells.

• Brute-force attack blocking

Detects and blocks brute-force attacks in real time by monitor a system for any suspicious activity.

• Unusual logon alerting

Detects unusual logons based on the approved logon settings and generates alerts.

• Suspicious server detection

Detects suspicious activities such as reverse shells, Java processes running CMD commands, and unusual file downloads by using Bash.

• Asset fingerprints

Collects up-to-date information about the servers, such as ports, accounts, processes, and applications, to perform event tracking

• Log retrieval

Centrally manages server logs of processes, networks, and system logons. This helps you to use logs to locate the cause of an issue.

• Threat management for your entire network

Server Guard automatically collects various log data from your services on the cloud, and implements control over found security threats.

• Server guard management on different platforms in one console

Multi-OS: Security Center is compatible with multiple operating systems (OSs).

Centralized control: You can view information and perform operations in the unified web console

• Anti-virus and anti-ransomware

Security Center supports the proactive detection and termination of mainstream ransomware, mining programs, backdoor programs, worms, malicious programs, DDoS trojans, and trojan programs.

• Automated attack traceability

Security Center automatically traces the sources and causes of attacks. This helps you understand the ins and outs of intrusion threats and make quick responses.