Prerequisite
Complete the deployment of aSEC platform.
Precautions
- Adjusting the specification may affect your business: for services with cyber attack protection enabled, a small number of packets (one or two) may be lost, and network jitter of no more than 10 seconds may occur. We recommend that you perform the operation during off-peak hours.
- After the cyber attack protection configuration is modified, the cyber attack protection module restarts for the change to take effect, and communication is disconnected for a short time. The restart can be completed within 1 minute. Any existing troubleshooting task is also closed automatically.
- When cyber attack protection is enabled, it occupies CPU and memory resources on each physical host: 1 CPU core and 1 GB memory by default, and 8 CPU cores and 8 GB memory at maximum.
Steps:
Step 1. Log in to the SCP platform, select Compute > Image > Advanced Service Image, and click the Upload button (the image file can be downloaded from the Sangfor community).

Step 2. Select the local advanced service image file (vma format) to be uploaded, select the service type and the resource pool, and click the Upload button.

Type: cloud service security protection
Resource pool: The resource pool in which the virtual machine of the Cloud Security Center runs.
Step 3. After the upload is complete, click the View Image button to return to the Advanced Service Image page, or click the Close button.


Step 4. After completing the aSEC installation, open the aSecurity Center page and click Go Now in the pop-up message box to enable the cloud host security protection.

Step 5. Go to the Security Settings > Security Capabilities page, and click the Enable button of VM Security Protection.

Step 6. Configure and deploy the EDR_MGR management platform.

• Basics
Resource Pool: Prefer the cluster on which the virtual machine of the Cloud Security Center runs.
VM Image: The virtual machine security protection image imported from the advanced service image.
Datastore: Prefer a virtual storage volume.
Run location: Keep the default.
• Management interface configuration: Connect to a physical edge. The physical edge must be able to access the HCI and SCP management interfaces, and it is recommended to plan it on the same network segment as the SCP management network.
• Edge-Connected Interface configuration (optional): Connects to the physical edge of the service network and is used to reach security servers such as the virus database and cloud search service. Make sure that the interface can connect to the following servers:
Virus database: http://download.sangfor.com.cn/download/product/edr
Vulnerability patch:
Step 7. After successful deployment, go back to the Security Capabilities page and click Add Resource Pool to enable VM security protection and cyber attack protection for a resource pool.
• Cyber attack protection specifications: Select the specifications as needed. If the selected specifications exceed the remaining resources of the physical host (that is, resources are insufficient), enablement may fail.
| Container Instance Specifications | Maximum Traffic Throughput | vAF Reference Value | Remarks |
| --- | --- | --- | --- |
| 1 vCPU core, 1 GB memory | 800 Mbps | 50 Mbps | 1 CPU core, 2 GB memory for vAF |
| 2 vCPU cores, 2 GB memory | 1.8 Gbps | 200 Mbps | 2 CPU cores, 4 GB memory for vAF |
| 4 vCPU cores, 4 GB memory | 3.3 Gbps | 400 Mbps | 4 CPU cores, 8 GB memory for vAF |
| 8 vCPU cores, 8 GB memory | 5.2 Gbps | 1.6 Gbps | 8 CPU cores, 16 GB memory for vAF |
• Processing for performance overload:
Passthrough: The platform automatically enables the policy passthrough mode if it is detected that the traffic limit is exceeded. This helps avoid business interruption.
Packet loss: The platform directly drops excessive packets if it is detected that the traffic limit is exceeded, which may cause business interruption.
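
The sizing decision in Step 7 can be checked before clicking Add Resource Pool. The following preflight script is an added example, not Sangfor code: it picks the smallest specification from the table above that covers an expected peak throughput and lists the physical hosts that lack the free CPU or memory for it. The function names, host names and free-resource figures are assumptions constructed for illustration.

```python
# Added example: preflight sizing for cyber attack protection (not Sangfor code).
# Specifications copied from the table above: (vCPU cores, memory GB, max throughput Mbps).
SPECS = [(1, 1, 800), (2, 2, 1800), (4, 4, 3300), (8, 8, 5200)]


def pick_spec(peak_mbps):
    """Return the smallest specification whose maximum throughput covers peak_mbps.

    Returns None when even the largest specification is too small; traffic
    above the limit is then handled by the overload policy (passthrough or
    packet loss).
    """
    for spec in SPECS:
        if spec[2] >= peak_mbps:
            return spec
    return None


def hosts_short_of_resources(spec, hosts):
    """List hosts whose free CPU or memory cannot hold the chosen specification.

    The protection module occupies resources on each physical host, so any
    host listed here is a reason enablement may fail.
    """
    cpu, mem, _ = spec
    return [name for name, (free_cpu, free_mem) in hosts.items()
            if free_cpu < cpu or free_mem < mem]


def preflight(peak_mbps, hosts):
    """Combine both checks into a (spec, short_hosts, verdict) tuple."""
    spec = pick_spec(peak_mbps)
    if spec is None:
        return None, [], "peak traffic exceeds the largest specification"
    short = hosts_short_of_resources(spec, hosts)
    verdict = "ok" if not short else "free resources on: " + ", ".join(short)
    return spec, short, verdict


if __name__ == "__main__":
    # Constructed sample: free (CPU cores, memory GB) per physical host.
    sample_hosts = {"host-a": (6, 32), "host-b": (3, 16), "host-c": (12, 3)}
    for peak in (600, 2500, 6000):
        print(peak, "Mbps ->", preflight(peak, sample_hosts))
```
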