Virtualization security beyond the firewall
Catbird announced the release of VMShield 2.0 with V-Tracker. VMShield 2.0 leapfrogs legacy virtual firewall technology to enforce compliance and policy of both network and VM state, regardless of location or movement of VMs.
Catbird’s encyclopedic Virtual Infrastructure Security Engine correlates hundreds of machine attributes with access control, network segmentation, vulnerability and IDP security events for both virtual and physical machines, across multiple clusters and data centers, to deliver broad asset awareness and defense-in-depth. Moreover, VMShield’s internal or external cloud-based platform with stateless monitoring enables unprecedented visibility and control to track virtual machines across clusters and detect and thwart potential security and policy violations before they escalate to a breach.
Catbird V-Tracker uniquely fingerprints each VM it tracks, even through virtual machine mobility. In combination with Catbird’s TrustZone policy enforcer, these machines stay monitored and protected via the Catbird Control Center, validating and enforcing policies for all VMs within a given TrustZone. Catbird’s automated quarantine mechanism instantly shuts down non-compliant virtual machines.
VMShield 2.0 delivers a highly-correlated approach to virtualization security, a key capability for TrustZoneTM enforcement and data protection. At its heart is the Catbird VISE, enabling intelligence and protection not possible with simple virtual firewall technology and which goes well beyond simple segmentation and ACLs, including:
- Real-time intelligent state and VM activity monitoring that detects off-policy changes from both VMware-specific controls and network sources based on user-defined policies.
- Intelligent packet filtering and deep packet inspection to detect suspect communication with VMs anywhere on the network or to ferret out contact with external risks such as malware and botnet command and control centers.
- Automatic quarantine and virtual infrastructure controls to prevent rogue or misconfigured VMs from breaching data center security or leaking data to the Internet.
VMShield 2.0 with V-Tracker utilizes hypervisor APIs to be VM aware and is also designed for compatibility with Citrix Xenserver and Microsoft Hyper-V. VMShield 2.0 leverages Catbird’s fully SOA and cloud-based stateless architecture and is 100% plug-and-play, web-enabled, and architected to have minimal impact on the virtual environment itself.