VMware vCNS Integration
Strengthening virtual security with VMware vCNS App Firewall
Catbird and VMware have collaborated for many years and have a strong technical partnership. One of the most significant instantiations of our work together is the integration of VMware vCloud® Networking and Security (vCNS) App Firewall (formerly vShield) with Catbird vSecurity.
As a multi-functional security solution, Catbird vSecurity offers firewalling amongst its broad range of controls. Indeed, one of the most important functions of security architecture is firewalling. When configured according to a strong security policy or compliance framework (e.g. PCI DSS 2.0), firewalling dramatically strengthens security posture. Catbird vSecurity integrates with and enhances the native stateful firewall technology on VMware, vCNS App per the diagram below.
The integration of vCNS with vSecurity brings powerful additional capabilities to the firewall. Via logical zoning implemented with Catbird TrustZones, the vCNS App firewall is audited, automated, and validated. TrustZones abstract complexity from the configuration process, allowing security architects to focus on the logical relationships between virtualized workloads. Once a trust model is implemented with TrustZones, the vCNS App firewall is automatically configured and constantly maintained as virtual machines move and change configurations.
Integration Highlights:
- vSecurity customers can set up and deploy VMware vCNS Security Groups to dynamically control network access between virtual machines in a virtual data center.
- Catbird’s vCompliance® engine now measures and monitors the application of VMware vCNS App controls to popular compliance standards including PCI, NIST, FISMA, DIACAP and HIPAA
- Catbird’s TrustZones™ policy enforcer includes full VMware vCNS controls to monitor and quarantine out of compliance assets, reducing the risk of security breach and data loss.
- Catbird customers can now leverage the firewall features of VMware vCNS App to automatically and dynamically segment the virtual switching fabric
vSecurity can manage multiple vCNS App firewall domains with a single policy framework based on TrustZones. As with all other technical security controls, vCNS App, when orchestrated through Catbird vSecurity, is monitored with vCompliance to measure compliance with the most popular compliance frameworks such as PCI, HIPAA or FISMA.
