Server Security Defender

Server Security Defender protects server security through continuous monitoring and analysis of server status and behavior. Through intelligent integration and collaboration of four major functions, namely asset stocktaking, risk discovery, intrusion detection, and compliance baseline management, Server Security Defender quickly and accurately detects security threats and intrusion events, implements unified security policy management, and responds rapidly to intrusion incidents.
  • Product Advantages
  • Features
  • Scenarios

Product Advantages

Fast | Rapid Scanning

Agent-based simultaneous scanning of multiple servers enables faster asset stocktaking and system tasks.

Multi-dimensional | Accurate Detection

Sets up thousands of monitoring indicators to establish a multi-dimensional, multi-level, in-depth detection system, realizing accurate detection and uninterrupted monitoring of file processes, server access, and more.

Efficient | Low Resource Consumption

The resource consumption is extremely low with CPU usage less than 1% and memory usage less than 40 MB. The function actively degrades and limits resource occupancy strictly when the system load is too high.

Professional | Comprehensive Anti-Virus Check

Provides comprehensive anti-virus capabilities, bringing users a secure, professional, and effective anti-virus experience by integrating mainstream anti-virus engines such as AVIRA and ClamAV.

Features
Asset Stocktaking Counts key assets of more than ten types of servers, realizes automatic identification of more than 800 types of applications, and boasts good scalability to help users automatically build fine-grained asset information from a security perspective. It also supports accurate identification and dynamic perception of assets.
Risk Assessment Accurately discovers internal risks, quickly locates and effectively resolves security problems, and provides detailed asset information and risk information for analysis, including discovering uninstalled patches, application configuration defects, new vulnerabilities, unauthorized operations of O&M personnel, asset exposure risks, and weak password detection.
Intrusion Detection Quickly discovers and handles hacker attacks through continuous monitoring and analysis of intrinsic indicators.
Compliance Baseline Management Establishes baseline requirements according to the regulations of CIS, covering multiple versions of mainstream operating systems, web applications, databases, and more, based on which you can quickly conduct a self-assessment of internal risks, discover problems and fix them in time, and customize security baselines.
Anti-Virus Features By integrating mainstream anti-virus engines, the product discovers the virus process on the server in real time, provides analysis results from multiple perspectives, and processes the virus accordingly, effectively closing the loop from detection, analysis to processing and recovery.

Scenarios

< >
  • Server Security Protection
  • Discovery of New Vulnerabilities
Applicable Scenario
  • Server security is critical to enterprise network security, directly affecting the enterprise services once attacked. Laws and regulations on server intrusion detection and malicious Trojan horse protection also stipulate that server intrusion detection is indispensable.
Issues to Address
  • Brute Force Attack
  • Monitors brute force behavior on servers in real time and provides the capability to block the source IP of brute force attempts, which can be realized through automatic and manual blocking or a trustlist function.
  • Abnormal Login
  • Monitors abnormal logins in real time, and discovers abnormal login IP addresses, regions, times, and more. You will need to establish normal login rules before enabling this function. Blocking and unblocking is also supported.
  • Reverse Shell
  • Monitors reverse connection behavior on servers in real time and generates detailed attack records, and supports trustlist rule settings and blocking of reverse shell behaviors.