Abstract: As enterprises accelerate their move to the cloud, the security risks caused by unreasonable or non-compliant cloud service configuration grow day by day. If these risks are ignored and not diagnosed and treated in time, they pose a huge security risk to an enterprise's cloud business.

This article is shared from the Huawei Cloud Community: "Cloud Small Lesson丨Security Lesson 11 SA Baseline Check: A Comprehensive 'Physical Examination' for Cloud Services", author: cloud security talent.

Recently, the cloud service baseline check function of HUAWEI CLOUD SA has been fully upgraded. It supports checking the security configuration of cloud services (such as IAM, OBS, and ELB), including identity authentication, access control, and log auditing. It gives cloud services a comprehensive "physical examination", so you learn promptly where risky configurations are and how many there are. It presents the check results and provides hardening suggestions and help guidance for each risky configuration, helping users eliminate security risks in advance and keep their business on the cloud secure.

Cloud service baseline inspection means checking the key configuration items of cloud services: it runs scanning tasks, checks the risk status of the baseline configuration, and lets you handle configurations that carry hidden security risks. Just like the health check the human body needs, the cloud service baseline check is a key step for enterprises moving to the cloud.

So, how do you start a comprehensive "physical examination" of risks on the cloud? How do you judge whether a cloud service configuration is compliant? How do you deal with an unreasonable configuration?

Next, follow this lesson's three steps to discover risky cloud service configuration items with the HUAWEI CLOUD baseline check and respond to the check results, so you can easily meet security compliance requirements.

Before using SA, you need to purchase it.

Step 1: Set up the inspection plan

The default inspection plan runs every 3 days, each time between 00:00 and 06:00. If you do not want to use the default plan, you can customize an inspection plan to suit your business needs.

On the "Baseline Inspection" page, click "Set Inspection Plan" in the upper right corner of the page to enter the inspection plan setting page.

Click "Create Plan"; the New Inspection Plan page opens on the right side of the screen.

On the new inspection plan page that pops up, configure the inspection plan and click OK.

SA will perform a cloud service baseline scan at the specified time, and the scan results can be viewed on the "Baseline Check" page.

Step 2: Implement the inspection plan

After the inspection plan is set, the system performs inspections at the designated inspection time. You can also run an inspection immediately.

Check all inspection specifications immediately

SA can immediately run all the inspection specifications you have configured.

The "Check Now" task can only be executed once within 10 minutes.

1. On the "Baseline Check" page, click "Check Now" in the upper right corner of the page.

2. Refresh the page and check the "Last Check Time" to confirm whether it is the latest scan result.

Execute an inspection plan immediately

You can also manually trigger SA to run one of the inspection plans you have set. Once triggered, the system immediately executes the selected baseline inspection plan.

A "periodic automatic inspection plan" can be manually run immediately only once within 10 minutes.

1. In the left navigation bar, select "Settings > Detection Settings" to enter the detection settings page.
2. Click "Check Now" at the top of the column for the inspection plan you want to run immediately.

The system will immediately execute the selected baseline inspection plan.

Step 3: View inspection results

View an overview of inspection results

After the inspection plan has been executed, wait a while; you can then view summary data for the baseline inspection results detected in the current region on the baseline inspection page.

Table 1 Summary of inspection results

View "inspection specification" details

  • The "Baseline Inspection" page opens on the "Inspection Specification" list by default.

The inspection specification page will display all baseline inspection specifications, including information such as inspection items, inspection status, risk resources, description, and the last inspection time.

  • Click "View Details" to jump to the details page of the corresponding check item.

The baseline inspection lets you query the details of each risk item check. After a check item has been run, its inspection status, time, risk level, description, and inspection process are clearly shown, and you can view the name, type, and inspection result of each resource the check item covers. Both the overall information and the details of the cloud service baseline check are visible at a glance.

View "Check Resources" details

  • On the "Baseline Check" page, select the "Check Resources" tab.

The "Check Resources" tab aggregates the results for all risk resources into a list sorted by risk level. Cloud resources with a large number of risks and high risk levels are given priority in the display, so that you can view their details and respond and handle them promptly according to the guidance and suggestions.

  • Click "View Details" to jump to the details page of the corresponding resource.

For a given resource, the details page lists all the check items that apply to it. You can use this aggregated list of check items to get a complete picture of the resource's risk status, and then re-check an item or view its details.

View "Check Results" details

  • On the "Baseline Check" page, select the "Check Results" tab.
  • Click "View Details" to jump to the check result details page of the corresponding check item.

You can view the check item's inspection status, latest inspection time, inspection method, risk level, inspection description, and inspection process, along with related materials that provide guidance and suggestions for response and handling. You can also view aggregated details of the resources covered by this check item, such as resource name and resource type, and run a check on an individual resource.

Face up to the "sickness" caused by non-compliant and unreasonable configuration on the cloud: use the cloud service baseline check as a "health check" to investigate hidden dangers in time, prevent problems before they occur, and treat them at the root, keeping your business on the cloud safe.

For more about the functions of SA, click here to learn more.
