To quickly protect cloud-native applications, you need to purchase a CSG instance and configure the protection policy. After the protection is enabled, view access statistics and attack protection records through the dashboard, and learn the security status of the service.
Configuration Flow:
Step I: Purchasing a CSG Instance
For details, see Purchasing CSG.
Step II: Installing a Sever/Agent
For details, see Installing a Sever/Agent.
Step III: Configuring Protection Policy
After the Server/Agent installation is complete, the system defaults to enable default policy to protect all containers and switches the status to be enabled.
You can also customize the protection policy. Details are as follows:
1. Log in to the CSG Console. On the left navigation bar, select Container security > Policy Management to go to the policy Management page.
2. On the Intrusion detection policy page, you can add a protection policy and switch the enable status of the policy to be enabled.
3. On the Intrusion detection rules page, you can manage command execution, read/write files, network activities, file contents, and other detection rules.
Step IV: Viewing Event Reports
After the protection is enabled for the container, the protection event information is recorded, including alarm name, alarm level, alarm type, cluster name, affected node, affected namespace, affected container, status, first discovery time, last discovery time, etc.
1. Log in to the CSG Console.
2. Select Alrm > Intrusion detection on the left navigation bar.
3. You can view the protection records of the container in the protection alarm list.
4. Click"Handle" in the list operation column to select how to process the event, such as Mark as resolved,
5. Join the whitelist, Isolate the Pod, Restart the Pod, 
Paused container, etc.