Sangfor Cloud Platform (SCP)

Enterprise Cloud Computing Platform Built on Business-Centric HCI.
{{ $t('productDocDetail.guideClickSwitch') }}
{{ $t('productDocDetail.know') }}
{{ $t('productDocDetail.dontRemind') }}
6.11.3
Sangfor Cloud Platform (SCP) {{ breadTitle }} Security Service Virtual Machine aSEC Deployment Steps Settings
{{sendMatomoQuery("Sangfor Cloud Platform (SCP)","Settings")}}

Settings

{{ $t('productDocDetail.updateTime') }}: 2025-12-22

Alerts Options

Function Description

aSecurity detects security events on VMs in real time, such as brute-force attacks, WebShell backdoors, ransomware, and Trojans. Then, it sends emails to the email address you specified to notify you of the detected security events.

Prerequisites:

You have configured the Simple Mail Transfer Protocol (SMTP) server (configuration path System > System > SMTP Server).

Precautions

aSecurity does not support alert notifications via SMS.

Steps

  1. Go to Settings > Alert Settings and click Change Email Address. On the page that appears, click New and select aSecurity Alert. For more information about alert settings, see section 4.12.4.2 "Alerts."
  2. If the platform detects a security or a vulnerability event, it sends an alert email to the email address you specified according to the set alert condition.

Security event alerts: You can set the maximum number of alert emails, which range from 1 to 1,000.

Vulnerability alerts: You can set Vulnerability Type and Alert Frequency. If you select Real-Time for Alert Frequency, you can set the maximum number of alert emails, which ranges from 1 to 1,000.

  1. Click Save.

Signature Database Update

Function Description

aSecurity supports the automatic and manual updates of the web vulnerability signature database and IPS database, ensuring that new threats are identified and blocked in a timely manner and enhancing system security.

Steps

Go to Settings > Signature Database Update. On the page that appears, you can view the information of current signature databases, including Signature Database, Current Version, Latest Version, and Update Time. You can perform operations such as online updates, manual import, and rollback.

Blacklist/Whitelist

Function Description:

aSecurity supports blacklist management for attack protection or brute-force attack events and whitelist management for IP addresses, VMs, security policies, or threat events.

Prerequisites

Allocate a quota and enable aSecurity for a tenant before creating a blacklist and whitelist for the tenant.

Precautions

  1. For the permanent blacklist, you can configure up to 2,048 items.
  2. For the rule whitelist, you can configure up to 2,048 items.
  3. For the VM/IP whitelist, you can configure up to 2,048 items.
  4. When creating a blacklist or whitelist, you can specify the impact scope, resource pool, and tenant VPC network.

Steps

  1. On the global Blacklist tab, add or remove source IP addresses related to attack protection events and remove those related to brute-force attack events as needed.
  2. On the Rule Whitelist tab, add, remove, enable, or disable the enabled web vulnerability protection or IPS policies as needed.
  3. On the VM/IP Whitelist tab, add or remove source IP addresses and destination IP addresses/VMs related to attack protection events and remove those related to brute-force attack events as needed.
  4. On the File Whitelist tab, remove trusted threat events as needed, which will also remove files with the same MD5 value.

Troubleshooting

Function Description

This feature allows you to troubleshoot network disconnections or service or application inaccessibility on aSecurity. Currently, precise traffic analysis and global passthrough modes are supported.

Precise traffic analysis (Recommended): This option is recommended when individual users are disconnected from the network or when individual services or applications are inaccessible. By enabling this option, you can obtain packets that have been dropped due to cyber attack protection policies to analyze intercepted access requests. This option will be automatically disabled one hour after it is enabled.

Global Passthrough Analysis (operate with caution):

Within the specified scope, all cyber attack protection policies will not take effect. It is recommended to use this feature when precise traffic analysis on large-scale network interruptions cannot be performed.

Precautions

  1. Precise traffic analysis will be automatically disabled 1 hour after it is enabled.
  2. You can start only one precise traffic analysis task at a time.

Steps

  1. Precise traffic analysis (recommended): Go to Settings > Troubleshooting, select Precise Traffic Analysis for Method, set Source IP or Destination IP, select Protocol and Impact Scope, and click Enable.
  2. Global Passthrough Analysis (operate with caution): Go to Security Settings > Troubleshooting, select Global Passthrough for Method, select Impact Scope, and click Enable.

aSecurity Upgrade

This section provides guides on how to upgrade aSecurity.

Prerequisites

The latest service pack or upgrade package has been obtained.

Precautions

  1. You can install up to 10 service packs for a version.
  2. You can roll back one service pack at a time, in reverse order of the upgrade sequence.
  3. Cold start is used for upgrade and rollback, that is, aSecurity VM restart.
  4. If the upgrade or rollback is interrupted, the service pack is rolled back automatically.

Steps

  1. Download the upgrade package.
  2. Go to Settings > aSecurity Upgrade, click Upgrade after the environment check finished click next. Then upload the upgrade package, click next, wait for the package to check complete, click Next wait for the upgrade complete.

Remote Maintenance

Function Description

You can contact technical support for remote diagnostics, troubleshooting, and fixing to improve system performance or recover businesses.

Precautions

SSH Port will be automatically disabled 4 hours after it is enabled.

Steps

Go to Settings > Remote Maintenance and click Enable SSH Port. Then, aSecurity can be remotely maintained via SSH.