Security Protection
  • Anti-DDoS Service uses dedicated anti-DDoS devices to provide refined anti-DDoS capabilities for customer Internet applications, defending against all DDoS attacks, such as CC, SYN flood, and UDP flood. Users can configure parameters to specify the threshold for DDoS prevention based on the rented bandwidth. When the system detects a DDoS attack, it defends against the attack and notifies the user.
  • Security Index Service evaluates security of the user cloud environment to quickly identify security vulnerabilities and threats. The service also provides security configuration check as well as the optimal security practice suggestions, effectively reducing or eliminating user loss caused by network viruses and attacks.
  • Key Management Service provides easy-to-use and secure cloud-based encryption and key management on a simple key management user interface. The service also supports the encryption feature for other cloud services, eliminating the data security worries.
  • SSL Certificate Service provides one-stop life-cycle management of Secure Sockets Layer (SSL) certificates and Transport Layer Security (TLS) certificates. It is developed by Huawei and globally renowned digital certificate service institutes to offer reliable identity authentication and secure data transmission for web sites.
  • Host Intrusion Detection uses security detection clients deployed on ECSs and works with the anti-intrusion control center of HUAWE CLOUD to provide real-time and visualized intrusion trace detection. In addition, the service uses security scanning to identify system vulnerabilities and web page backdoors in ECSs, thereby effectively protecting the ECS security and reducing intrusion risks.
  • Host Vulnerability Detection provides security detection specified for ECSs. The agents installed on ECSs periodically scan the OSs to help users timely learn the OS security vulnerabilities so that users can take measures to fix these vulnerabilities before they are used to attack the system.
  • Web Scan is used to detect ECS vulnerabilities. It provides various scanning services, including general web vulnerability scanning, third-party application vulnerability scanning, port detection, and fingerprint identification.
  • Web Application Firewall uses Agent installed on ECSs to protect web applications on the ECSs from common web attacks, including SQL injection and cross-site scripting attacks (XSS attacks) and provides webshell uploading protection, anti-leeching, and IP whitelists/blacklists.
  • Web Application Firewall uses the DNS resolution mode. Specifically, the service changes record type A RecordSet in the DNS configuration into CNAME RecordSet and points it to the specified CNAME address to protect web applications. Web Application Firewall filters out attacks to prevent them, thereby hiding and protecting the elastic IP address of ECSs.
  • Penetration Test Service is a management platform of penetration test service orders. Users can create a penetration test service order on the platform. Then, the platform will automatically forward the order to a third-party security company using emails.
  • Application Recognition Service is an intelligent process management process. Based on a customized whitelist, the service automatically prohibits execution of unauthorized programs, thereby ensuring the ECS security.
  • Security Situation Awareness uses big data mining and machine learning to comprehensively analyze users' security status, helping users to accurately obtain the ECS security information.
  • Web Tamper Protection uses file drives to comprehensively protect a specified user directory from hackers and viruses which tamper or destroy files such as web pages, digital documents, photos, and databases in the directory.

Provides Scalable, On-demand Computing Resources

Learn More