Logo of Trend Micro

Enable Asset Fingerprints Data Collection

Trend Cloud One™ – Conformity is a continuous assurance tool that provides peace of mind for your cloud infrastructure, delivering over 1000 automated best practice checks.

Risk Level: Medium (should be achieved)

Ensure that Alibaba Cloud Security Center utilizes the Asset Fingerprints feature to automatically gather fingerprint data for all your servers, aiding in the investigation of potential security risks within your cloud account. To make use of this feature, you must configure the fingerprint collection frequencies for your servers to automate collection tasks. Only the Enterprise and Ultimate editions of Security Center support Asset Fingerprints.

Security

Enabling Asset Fingerprints in Alibaba Cloud Security Center unlocks deep asset understanding. It scans ports, software, tasks, and processes, revealing potential vulnerabilities like open backdoors. The resulted fingerprint data enables you to quickly investigate and address security risks, keeping your cloud environment safer.

Audit

To determine if the automatic collection of server fingerprints is enabled in the Security Center settings, perform the following operations:

Getting the Asset Fingerprints feature configuration information via Alibaba Cloud CLI (aliyun) is not currently supported.

Using Alibaba Cloud Console

01 Sign in to your Alibaba Cloud account.

02 Navigate to Security Center console available at https://yundun.console.aliyun.com/?p=sas#/overview/home.

03 In the top navigation bar, select the region where your servers reside (China or Outside China).

04 In the left navigation panel, under Assets, choose Host.

05 Select the Account tab and choose Settings to access the Asset Fingerprints feature settings. If the Asset Fingerprints settings are not available, instead a Buy Now page is displayed, your current Security Center plan does not support the feature. If the feature settings are available, check the Middleware attribute value to determine the frequency configured for the automatic periodic collection task. If the Middleware parameter is not configured, the automatic collection of server fingerprints is not enabled within your Alibaba Cloud account.

Remediation / Resolution

To ensure that the automatic collection of server fingerprints is enabled in the Security Center settings, perform the following operations:

Configuring the Asset Fingerprints feature via Alibaba Cloud CLI (aliyun) is not currently supported.

Using Alibaba Cloud Console

01 Sign in to your Alibaba Cloud account.

02 Navigate to Security Center console available at https://yundun.console.aliyun.com/?p=sas#/overview/home.

03 In the top navigation bar, select the region where your servers reside (China or Outside China).

04 In the left navigation panel, under Assets, choose Host.

05 Select the Account tab and choose Settings to access the Asset Fingerprints feature settings.

06 Set the Middleware value to Collected once a day to configure the collection frequency required for the new automatic periodic collection task. Choose OK to apply the changes. Once the collection frequency is set, Security Center runs the new collection task based on the configured frequency, and synchronizes the gathered fingerprints to respective tabs corresponding to various fingerprint types, facilitating easy viewing.

07 If the Asset Fingerprints settings are not available, instead a Buy Now page is displayed, your current Security Center plan does not support the feature and you must upgrade your plan to Enterprise Edition or Ultimate. On the Select a product version panel, select the Basic Services tab, and choose the necessary plan for upgrade. On the selected plan page you can configure quotas, advanced features, or auto-renewal settings. Once all the necessary settings are configured, select Buy Now, agree to terms and conditions, and choose Pay to finish the payment and upgrade your Security Center plan.

References

Publication date Apr 30, 2024

Related AlibabaCloud-SLS rules