VMShield® 2.0 is Proactive Data Protection for Virtual Environments
Catbird leapfrogs legacy virtual firewall technology for comprehensive virtualization security
We cool cats at Catbird knew the world was ready for something new. Virtualization, which has the power to actually transform security, was being hamstrung by legacy ideas and legacy technology. It was time for a game-changer: VMShield 2.0.
VMShield 2.0 takes virtualization security beyond simple firewalls, ACLs and basic network segmentation:
- VMShield 2.0’s Virtual Infrastructure Security Engine (VISE™) correlates hundreds of machine attributes along with many hundreds of network events to visualize the big picture–and deliver comprehensive defense-in-depth.
- VMShield’s V-Tracker uniquely fingerprints each VM it tracks, even through virtual machine mobility, across hosts, clusters, data centers and vendor platforms.
- Catbird’sTrustZones automatically enforces policy across all virtual machine assets, regardless of location, virtual and physical.
VMShield 2.0 will automatically block out of policy or compromised VMs from breaching data center security.
Combining the proven virtual machine tracking capabilities of V-Tracker with in-depth monitoring of suspect activity on the network itself, including vulnerability and IDP events, correlated with data on the virtual machine state, VMShield 2.0 has encyclopedia-like visibility into the security posture of the entire virtual data center and can instantly take action when violations risk escalating to a breach.
VMShield 2.0 uses Catbird’s virtual Network Access Control (NAC) to keep those out-of-control VMs in check: Only NAC that resides inside the virtual network itself is capable of taking action across the entire virtual data center, both virtual and physical.
- Protects VMs from network attack
- Protects the guest virtual network from unauthorized access–and automatically blocks unauthorized virtual machines
- Ensures compliance with established security policies for VMs
- Validates secure configuration of guest systems and services
- Prevents VMware server sprawl
VMShield Features Include:
- Real-time intelligent state and VM activity monitoring that detects off-policy changes
- Intelligent packet filtering and deep packet inspection to detect suspect communication with VMs anywhere on the network or to ferret out contact with external risks such as malware and botnet command and control centers.
- Automatic quarantine and virtual infrastructure controls to prevent rogue or misconfigured VMs from breaching data center security or leaking data to the Internet.
- Policy audit and validation of guest VM configuration, including automated, continuous vulnerability monitoring and credentialed scanning
- Network Access Control (NAC) monitoring and quarantine for unauthorized devices on guest virtual network(s)