Functions and Features
HSS provides asset management, vulnerability management, intrusion detection, baseline inspection, and web tamper protection (WTP) functions.
Asset Management
Deeply scan the accounts, ports, processes, web directories, software information, and auto-started tasks on your servers. You can manage all your information assets on the Assets page.
Function |
Description |
Check Mode |
---|---|---|
Account information management |
Check and manage all accounts on your servers to keep them secure. You can check real-time and historical account information to find suspicious accounts.
|
Real-time check |
Open port check |
Check open ports on your servers, including risky and unknown ports. You can check Port Type, Servers, Risk Level, Status, Port Description, and the specific Server, Bound IP Address, Status, PID, and Program File of a port. |
Real-time check |
Process check |
Check processes on your servers and find abnormal processes. You can check Process Name, Servers, Total Number of Processes, Total Number of File Names, and the specific Server, Process Path, File Permission, User, PID, and startup time of a process. |
Real-time check |
Web directory management |
Check and manage directories used by web services on your servers. You can check the File Path, Application Type, Local Port, URL, PID, and Program File. |
Real-time check |
Software information management |
Check and manage all software installed on your servers, and identify insecure versions. You can check real-time and historical software information to determine whether the software is risky.
|
|
Auto-startup |
Check and list auto-started services, scheduled tasks, pre-loaded dynamic libraries, run registry keys, and startup folders. You can get notified immediately when abnormal automatic auto-start items are detected and quickly locate Trojans. |
Real-time check |
Vulnerability Management
The vulnerability management function detects vulnerabilities and risks in Linux OSs, Windows OSs, and Web content management systems (Web-CMSs).
Function |
Description |
Check Mode |
---|---|---|
Software vulnerability detection |
Check vulnerabilities in Linux and Windows OSs. Check and handle vulnerabilities in your system and the software (such as SSH, OpenSSL, Apache, and MySQL) you obtained from official sources and have not compiled. |
|
Web-CMS vulnerability detection |
Check and handle vulnerabilities found by scanning web directories and files in your Web-CMS. |
Baseline Inspection
The baseline check function detects risky configurations of server systems and key software.
Function |
Description |
Check Mode |
---|---|---|
Password policy check |
|
|
Common weak password detection |
|
|
Unsafe configuration item check |
Check for unsafe Tomcat, Nginx, and SSH login configurations. On the Configure Detection page, you can view the description, matched detection rule, threat level, and status of a configuration.
|
|
Intrusion Detection
The intrusion detection function identifies and prevents intrusion to servers, discovers risks in real time, detects and kills malicious programs, and identifies web shells and other threats.
Advanced Protection
Function |
Description |
Check Mode |
---|---|---|
Application recognition service (ARS) |
Set whitelist policies, and determine whether applications are Trusted, Untrusted, or Unknown. The applications that are not whitelisted are not allowed to run. This function protects your servers from untrusted or malicious applications, reducing unnecessary resource usage. |
Real-time check |
File integrity monitoring (FIM) |
Check the files in the Linux OS, applications, and other components to detect tampering. |
Real-time check |
Ransomware prevention |
Analyze operations on servers, identify trusted applications, and report alarms on untrusted applications, depending on your settings. |
Real-time check |
WTP
Web Tamper Protection (WTP) can detect and prevent tampering of files in specified directories, including web pages, documents, and images, and quickly restore them using valid backup files.
Function |
Description |
Check Mode |
---|---|---|
Static WTP |
Prevents static web page files on website servers from being tampered with. |
Real-time check |
Dynamic WTP |
Prevents dynamic web page content in website databases from being tampered with. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot