Catbird vSecurity®: Comprehensive Security and Compliance for Virtual and Cloud Data Centers

Catbird’s award-winning vSecurity is the industry’s only comprehensive security and compliance solution for virtualized data centers. Fully leveraging virtualization’s architectural elegance, Catbird vSecurity offers the broadest set of security controls for network infrastructure and most cost-effective security protection for virtual systems of all sizes.Learn more about why you need Virtualization Security.

The New Catbird Seat: Complete Coverage for Virtualized and Cloud-based Data Centers

vSecurity is built on industry standard, network-based, security technologies for the most comprehensive set of services protecting virtual, cloud and physical networks. Catbird does more than simply “virtualize” existing network security. Instead, vSecurity integrates the full complement of auditor-required network security controls with the hypervisor itself, correlating terabytes of data from all of the controls against information only available from virtual infrastructure APIs and slow-path introspection to deliver the most accurate, flexible and cost-effective security available to virtual, physical or hybrid data centers.

Catbird’s multi-function network security for virtualized infrastructure includes:

  • IPS/IDS
  • Network Access Control
  • Vulnerability Monitoring
  • Compliance Enforcement
  • Policy Management
  • Configuration Management
  • Access Control

Deploying multiple devices for each point solution is cumbersome and ineffective in the virtual world. Virtualization represents an opportunity to do security differently. Catbird vSecurity takes this approach, bringing nearly one-stop shopping for network security for virtualized data centers.

Catbird consists of the following elements:

vCompliance®

The multi-award winning vCompliance is the industry’s only virtualization security technology that offers automated mapping of security policies to industry-standards, best practices, and regulatory requirements with integrated workflow and reporting. vCompliance® is a real time system that enforces PCI, FISMA and COBIT among other important 3rd party standards. With predefined templates for easy configuration, ensuring virtual data center compliance with a standard of choice is as simple as a button-click.

Catbird vCompliance is comprehensive: it monitors and audits more controls required by the leading regulatory standards organizations and supports the widest array of common security frameworks. vCompliance includes default policies for SOX, HIPAA, DIACAP and PCI; each policy is built upon Catbird controls which map to the appropriate compliance framework.

 

VMshield®

Protects virtual machines by applying policies to protect individual assets, ensuring these policies follow virtual machines across the data center and monitors their activity. VMshield deploys advanced VM tracking capabilities and correlates hundreds of virtual machine attributes with in-depth monitoring of suspect activity on the network itself. VMShield applies specific IDS/IPS rules to detect and enforce protocol and port level controls to block malicious network activity directed at the specific asset from any source, logs activity pertaining to the specific asset and provides audit trails independent of virtual host logs

VMShield Features Include:

  • Real-time intelligent state and VM activity monitoring that detects off-policy changes
  • Intelligent packet filtering and deep packet inspection to detect suspect communication with VMs anywhere on the network or to ferret out contact with external risks such as malware and botnet command and control centers.
  • Automatic quarantine and virtual infrastructure controls to prevent rogue or misconfigured VMs from breaching data center security or leaking data to the Internet.
  • Policy audit and validation of guest VM configuration, including automated, continuous vulnerability monitoring and credentialed scanning
  • Network Access Control (NAC) monitoring and quarantine for unauthorized devices on guest virtual network(s)

 

TrustZones®

Catbird pioneered logical zoning in virtual infrastructure to deliver a level of automation and orchestration previously unseen in any type of data center. Defined as a logical group of assets that share a common security policy envelope, Catbird TrustZones ensure that security policies associated with a particular virtual machine are enforced and monitored. TrustZones can be used to segment the network. They can span multiple port groups within a switch, VLANs, multiple switches, multiple hosts and even multiple clusters–and still maintain the policy envelope through vmotion events. TrustZones automatically quarantine assets or zones that violate policy.

 

Hypervisor Shield®

Monitors and controls access to the hypervisor management network and other hypervisor management components, detects malicious network activity directed at the hypervisor from virtual machines and validates that the hypervisor network is configured according to best practices and site security policy.

 

Figure 1: Hypervisor & Management Network Exposed. Enforcement of security of the management network is essential. While many enterprises follow policy most fail to monitor and enforce it.

 

Figure 2: HypervisorShield Policy Enforcement. Catbird vSecurity can enforce controls to ensure that only authorized devices & traffic can gain access to the management network.

 

VMware Recommends Catbird for VDI

Download VMware Security Solution Architecture for VDI.

 

Awards

 

For more information

Please visit https://www.catbird.com/ or contact us by phone at 02-210-0969 , by email at info@throughwave.co.th