vSecurity Policy

Technical and security control templates

The Control Center utilizes Policy to define how the technical control components are orchestrated at both TrustZone-level and individual VM-level.

• Policy templates Monitoring and enforcement options are defined for each TrustZone via predefined templates and are configurable. These templates can be based on standard compliance frameworks, such as PCI, or configured in compliance with an organization’s own corporate policies.
• Network security controls Security monitoring and enforcement actions are automatically pushed to VMAs. Connections to VMAs are managed to assure successful execution of security tasks via a FIPS-validated encrypted channel.
• Orchestration Policies and events are correlated to the VM hypervisor ID. Due to the dynamic nature of virtual and cloud systems, IP and MAC can no longer be relied upon for consistent application of network controls in a virtual context. Catbird ensures unique ID’s are associated with virtualized assets for reliable tracking and monitoring.

The policies that configure the Control Components such as firewall or Intrusion Prevention System (IPS) are configured on the logical TrustZones. When information assets or virtual machines (VMs) are added to the TrustZones, either manually or via automated methods, all of the technical controls are configured according to those policies for those assets. This completely automates the configuration of multiple Control Components.