Architecture and Principle Introduction
UHIDS (UCloud Host-based Intrusion Detection System) is a server security product launched by UCloud Security Center. UHIDS is primarily composed of two parts: the UHIDS-Server and the UHIDS-Agent. By installing a lightweight Agent on the cloud host and linking it with the cloud-based UHIDS-Server through rule logs and event interactions, it provides real-time monitoring of the cloud host’s security to ensure its protection.
The server types supported by UHIDS include:
- CentOS
- Ubuntu
- Debian
- RedHat
- Open Suse
- Gentoo
- Rocky
By transmitting the relevant data of the server to the interface server in an encrypted manner, the interface server filters risk data and intrusion data into different clusters for analysis. The results of the analysis are stored in the database. All data in the database are integrated into a portal database for console page invocation. If user configured alert prompts, the data of alerts will be sent to the user in real-time through email or SMS.