Anti-Ransomware for MSSP
The Security Center Anti-Ransomware for MSSP (Managed Security Service Provider) helps organizations address challenges such as limited security personnel, technical constraints in handling ransomware incidents, and the need for expert consultation. Our experts assist with pre-incident prevention, configure optimal anti-ransomware policies based on your business needs, and monitor your protection status. If a threat is detected, we provide timely response and support to deliver end-to-end protection against ransomware.
Billing
Anti-Ransomware for MSSP is priced at CNY 0.15 per GB per month. This service cannot be purchased independently. You must first enable the core anti-ransomware feature of Security Center.
Service scope
Anti-Ransomware for MSSP covers servers that have the Security Center client installed. The specific services provided are as follows:
Service item |
Delivery method |
SLA |
|
Anti-ransomware policy configuration |
Our experts help you design an anti-ransomware backup policy tailored to your business needs. |
Online configuration |
5×8 support on business days (09:30–12:00 and 13:00–18:30, UTC+8). |
Anti-ransomware consultation |
Consult our security experts on any anti-ransomware topics, including product usage, policy adjustments, and optimization. |
One-on-one DingTalk group support |
5×8 support on business days (09:30–12:00 and 13:00–18:30, UTC+8) with a response within 30 minutes. |
Anti-ransomware backup status monitoring |
We continuously monitor the status of your backup tasks. If an anomaly occurs, we will notify you and help you resolve the issue. |
Online monitoring |
5×8 online monitoring on business days (09:30–12:00 and 13:00–18:30, UTC+8). You will be contacted within 30 minutes if an anomaly is detected on a business day. |
Ransomware incident emergency response |
If a ransomware attack occurs, we provide immediate support after you contact us to help you restore your systems and data. |
Online recovery |
5×8 support for remote recovery on business days (09:30–12:00 and 13:00–18:30, UTC+8), with 7×24 emergency phone support for backup restoration. |
Before you begin
Ensure your servers are healthy when you enable Anti-Ransomware for MSSP. If a server is already compromised by ransomware, you must purchase the emergency response service for assistance. Click here to purchase the emergency response service.
After you enable the service, you must grant permissions on the Security Center console by authorizing the
AliyunServiceRoleForAntiRansomwareMsspandAliyunServiceRoleForSasservice-linked roles. Alternatively, you can scan any of the DingTalk QR codes below to contact a managed service expert for assistance.Managed Service Expert: Lian Xusheng
Managed Service Expert: Xiao Min
Managed Service Expert: Mao Ji
You are responsible for any losses resulting from a ransomware attack if you fail to grant the required permissions or cooperate with our service team.
After your purchase, we will proactively contact you to confirm your protection policy requirements. If we cannot reach you, we will be unable to create a custom policy. We will also notify you of any service anomalies. If we are unable to contact you or do not receive a timely response, our service may be disrupted, and you will be responsible for any resulting losses from a ransomware attack.
Purchase Anti-Ransomware for MSSP
Anti-Ransomware for MSSP cannot be purchased separately and must be bundled with anti-ransomware backup capacity. You can purchase the service when you buy a new Security Center instance or upgrade an existing one:
Anti-Ransomware for MSSP will no longer be available for new purchases after November 30, 2025. Only existing customers can renew their subscriptions. If your service is discontinued due to a missed renewal, you will be considered a new customer and will be unable to purchase or renew the service.
New purchase:
Go to the Security Center Purchase Page and log on with your Alibaba Cloud account.
After selecting your desired Security Center edition and other features, select your Anti-ransomware capacity, set Managed Anti-ransomware to Yes, and click Create Service-linked Role.
For more information about purchase parameters, see Purchase Security Center.
Click Buy Now and complete the payment.
Upgrade:
Log on to the Security Center console.
In the left-side navigation pane, choose . In the upper-left corner of the console, select the region where your assets are located: Chinese Mainland or Outside Chinese Mainland.
If you have not granted the required permissions, on the Anti-ransomware page, click Authorize Now to allow the anti-ransomware feature to access other cloud services.
If you have already granted permissions, skip this step. This authorization automatically creates the
AliyunServiceRoleForSasandAliyunServiceRoleForAntiRansomwareMsspservice-linked roles. For more information, see Security Center service-linked roles.Click Buy Now. On the purchase page, select your anti-ransomware capacity, set Anti-ransomware for MSSP to Yes, and click Create service-linked role.
Click Buy Now and complete the payment.
Anti-Ransomware for MSSP is designed to provide comprehensive support, including creating data backup policies, offering expert anti-ransomware consultation, and delivering emergency response. Purchasing the service is only the first step. After your purchase, you must actively engage with our service team to activate and use these services. To take full advantage of Anti-Ransomware for MSSP, we recommend you continue to the next section and follow the instructions.
Use Anti-Ransomware for MSSP
Log on to the Security Center console.
In the left-side navigation pane, choose . In the upper-left corner of the console, select the region where your assets are located: Chinese Mainland or Outside Chinese Mainland.
If you have not granted the required permissions, on the Anti-ransomware page, click Authorize Now to grant the permissions required for the anti-ransomware feature to access other cloud services.
If you have already granted permissions, skip this step. For more information about the service-linked roles you must authorize, see Security Center service-linked roles.
On the Anti-ransomware page, in the Managed Anti-ransomware dialog box, scan the QR code with DingTalk to contact a managed service expert.
After you contact a managed service expert, the expert will invite you to join an exclusive DingTalk service group. If a dialog box does not appear on the console, you can click Managed Anti-ransomware Purchased to open the Managed Anti-ransomware dialog box.
In the Managed Anti-ransomware dialog box, choose one of the following options: Protect All Servers Now, Specify Protection Scope, or Do Not Remind Me Again.
Protect All Servers Now: If you select this option, Security Center automatically creates a full protection policy in batches for all servers with the Security Center client installed. There is a 10-minute interval between the creation of each batch.
This option is available only if your Alibaba Cloud account meets both of the following conditions:
At least one server under your Alibaba Cloud account has an online Security Center client.
No anti-ransomware policies are configured for your Alibaba Cloud account.
Specify Protection Scope: If you select this option, the panel for creating an anti-ransomware policy for servers opens. You can consult with a managed service expert for configuration advice and create a custom policy based on your business requirements.
Anomaly notifications
To ensure your anti-ransomware measures remain effective, Security Center notifies you of issues such as insufficient backup capacity or other backup failures. You will receive alerts based on your configured notification settings on the console. Additionally, our managed service experts will report any anomalies in your dedicated DingTalk group.
Closely monitor messages in the DingTalk group and ensure your notification settings are configured correctly to avoid missing critical alerts. For more information about notification settings, see Notification settings.
Stop the service
If you no longer need Anti-Ransomware for MSSP, you can stop it and receive a prorated refund. After the service is stopped, the dedicated DingTalk service group is disbanded. Your existing backup policies are not affected. To stop the service, perform the following steps:
Log on to the Security Center console.
In the left-side navigation pane, choose . In the upper-left corner of the console, select the region where your assets are located: Chinese Mainland or Outside Chinese Mainland.
On the Anti-ransomware page, click Managed Anti-ransomware Purchased.
In the Managed Anti-ransomware dialog box, click Stop Service.
On the Order Downgrade page, set Managed Anti-ransomware to No.
Click Order Now.
Related documents
If you do not purchase Anti-Ransomware for MSSP, you are responsible for monitoring the status of anti-ransomware tasks. For more information, see Anti-Ransomware Daily Operations Guide.