Catbird V-Security : You Can t Protect What You Can t Detect

Size: px
Start display at page:

Download "Catbird V-Security : You Can t Protect What You Can t Detect"

Transcription

1 Catbird V-Security : You Can t Protect What You Can t Detect Tamar Newberger

2 What is a Catbird? Sitting high in the forest canopy, the catbird views all its surroundings from an unequalled vantage point, constantly monitoring for any threat. Dumetalla Carolinensis At Catbird we deliver network security everywhere Hundreds of customers

3 Catbird Awards and News One of 10 Companies to Watch in Tech Innovator Company of the Year Award Editors Choice Best Security Product of the Year 2008 SearchServerVirtualization.com's "Products of the Year Awards - Bronze Catbird Puts Security in Your Pocket Catbird extends security protections to the hypervisor layer in a virtual environment

4 Catbird In A Nutshell Security and Compliance for Virtual [and Physical!] Infrastructure Visibility Protection Compliance & Audit Control Segmentation Architecture (SOA and SAAS) Network Security Distributed Security Web Enabled & Managed Technology Hybrid Virtual Appliance (stateless) Network Security (agentless) Catbird Control Center

5 Virtualization Security: Protection Existing policies and practices stop at the host NAC, IDS/IPS, etc. do not operate beyond the virtual switch Physical Security only sees the interface Non-virtualized solutions do not see inside the Matrix Hypervisor and Virtual machines are open to attack by other virtual machines on the virtual network

6 Virtualization Security: Compliance and Audit VMware Virtual Console administrators have all the keys to the kingdom No enforcement of separation of duties No backup controls No change control Violation of industry best-practices Beware! Auditors waking up to this Say AAAUUDIT

7 Catbird V-Security V Architecture

8 Catbird Onsite Data Collector Catbird Update Service Catbird Control Center C2C Web Portal

9 Do I Get Fries With That? Services Interactive and Automated Discovery; Port and Vulnerability Scanning; Windows Policy Scans; Intrusion Detection and Prevention; Network Access Control; Manual Quarantine of any device; ESX and VirtualCenter Monitor; Virtual Switch TAP; More Distributed Security TLS VPN to Catbird Control Center; Appliance is Stateless; Appliance is not inline; Appliances may be meshed; Service updates centrally managed; Appliances may be local, remote or in-cloud Web Enabled Apache, AJAX, PHP, XML, SOAP, WSDL

10 Best Practice Documents VMware Best Practices DISA STIG Service Console Catbird Best Practices VMware Best Practice Catbird Virtual Appliance Technology If attackers gain access to the service console, they are free to reconfigure many attributes of the ESX Server host. For example, they could Configure NAC and IDP to restrict access to change the entire virtual switch configuration, authorized devices, protocols and applications Virtual Machines change authorization methods, and so forth. Configure SC and/or VDC monitors to validate Because the service console is the point of and report/alert for changes to configuration control for ESX Server, safeguarding it from VMware Best Practice Catbird Virtual Appliance Technology misuse is crucial. Secure Virtual Machines as You Would Secure Deploy and configure appliances Configure to enforce segmented network for service consoles, VDC and management traffic. Physical Machines Therefore, it is critical Isolate that the management SoD and dual network controls. This requires you employ the same security measures in configuring the VDC or SC monitors Configure for NAC all and ESX IDP to restrict access to authorized devices, protocols and applications virtual machines that you would for physical hosts and NAC for all sensitive virtual servers. Configure the networks. ESX firewall for maximum Configure IVM to perform a full port and security vulnerability scan for the ESX host interfaces In every virtual machine in your virtual Configure NAC to restrict access to authorized infrastructure, install antivirus agents, spyware Use VI Client Configure and VirtualCenter asset to groups administer and credentialed devices IVM filters, intrusion detection systems, and any the hosts Instead for all of virtual Service Console machines. Configure IDP to restrict access to authorized other security measures that you normally protocols and applications would install on a physical server. Configure IVM to monitor, alert and report on Make sure to keep all security measures up-todate, including applying appropriate patches. console It enabled services and changes to enabled Limit the services running in the service services Configure asset groups and credentialed Configure IDS or IVM is especially important to keep track of updates IPS templates to detect/block for all virtual machines. unauthorized services for dormant virtual machines that are powered off, because it could be easy to overlook ESX them. Server Host Configure IVM to monitor, alert and report on VMware enabled Best services Practice and changes to Catbird enabled Virtual Appliance Technology Disable unused services in the operating services Configure SC or VDC monitors to validate system Label virtual networks clearly virtual network configuration Configure IDS or IPS templates Configure to detect/block NAC to restrict access to authorized unauthorized services Configure the service console on a private port devices group Configure SC or VDC monitors Configure for all IDP ESX to restrict access to authorized Monitor the installation of VMware Tools. hosts protocols and applications Configure NAC to restrict access to authorized Use a dedicated, Configure isolated vswitch network for and VMotion port groups devices to segment and iscsi network traffic; configure service Configure console, IDP to restrict access to authorized vmkernel and vmotion traffic on protocols private and vswitch applications Do not use promiscuous mode on network Isolate virtual machine networks Required for agent to perform IDP interfaces Configure NAC with baselines to monitor and restrict access to authorized devices Protect against MAC address spoofing Configure NAC Enable IDP policies to prevent unauthorized use of networks Configure NAC devices approved for console Minimize the use of the VI console. access. Configure IDP to block unauthorized services.

11 Visibility See all virtual machines regardless of state See all virtual switch port groups/networks Three methods of automated device detection Monitor inter-vm traffic Scan complete network attack surface for ESX management and guest networks Dashboard, reports and alerts for events Automated reports Integration with ticketing systems

12 Control Device access to any vswitch, port group or VLAN Restrict traffic to service console Restrict traffic to VirtualCenter Device access to service console, VirtualCenter or storage networks Restrict traffic to public network Virtual network isolation Virtual machine isolation Restrict traffic to/from individual virtual machines Restrict traffic in/out TrustZones

13 Manage Secure virtual machine life-cycle Server and desktop sprawl Network services and defects Windows virtual machine policy Change Compliance VirtualCenter Administrator

14 Where To Begin? Comprehensive Assessment ISO Technical compliance Network security Vulnerability monitoring ITIL Change management Secure life-cycle Operations practices Data protection Network access control and auditing Performance and security monitoring Event management

15 Monitoring and Reports

16 Dashboard and Results Dashboard Results

17 Thank you Desperate to learn more? Tamar Newberger VP, Marketing Catbird

Dynamic Datacenter Security Solidex, November 2009

Dynamic Datacenter Security Solidex, November 2009 Dynamic Datacenter Security Solidex, November 2009 Deep Security: Securing the New Server Cloud Virtualized Physical Servers in the open Servers virtual and in motion Servers under attack 2 11/9/09 2 Dynamic

More information

Virtualization Security & Audit. John Tannahill, CA, CISM, CGEIT, CRISC

Virtualization Security & Audit. John Tannahill, CA, CISM, CGEIT, CRISC Virtualization Security & Audit John Tannahill, CA, CISM, CGEIT, CRISC jtannahi@rogers.com Session Overview Virtualization Concepts Virtualization Technologies Key Risk & Control Areas Audit Programs /

More information

Securing the Data Center against

Securing the Data Center against Securing the Data Center against vulnerabilities & Data Protection Agenda Virtual Virtualization Technology How Virtualization affects the Datacenter Security Keys to a Secure Virtualized Deployment and

More information

Real Security for Server Virtualization

Real Security for Server Virtualization Session D8 Real Security for Server Virtualization Wednesday, April 21, 2010 9:45 am Eric Schultze Independent Consultant eric@pureplaysecurity.com Key Points How to configure your virtual infrastructure

More information

CYBER SECURITY MALAYSIA AWARDS, CONFERENCE & EXHIBITION (CSM-ACE) Securing Virtual Environments

CYBER SECURITY MALAYSIA AWARDS, CONFERENCE & EXHIBITION (CSM-ACE) Securing Virtual Environments CYBER SECURITY MALAYSIA AWARDS, CONFERENCE & EXHIBITION (CSM-ACE) 2010 October 25 29, 2010 Kuala Lumpur Convention Centre Securing Virtual Environments Raimund Genes CTO Trend Micro The Changing Datacenter

More information

Enterprise Guest Access

Enterprise Guest Access Data Sheet Published Date July 2015 Service Overview Whether large or small, companies have guests. Guests can be virtually anyone who conducts business with the company but is not an employee. Many of

More information

The threat landscape is constantly

The threat landscape is constantly A PLATFORM-INDEPENDENT APPROACH TO SECURE MICRO-SEGMENTATION Use Case Analysis The threat landscape is constantly evolving. Data centers running business-critical workloads need proactive security solutions

More information

McAfee Cloud Workload Security Product Guide

McAfee Cloud Workload Security Product Guide Revision B McAfee Cloud Workload Security 5.1.0 Product Guide (McAfee epolicy Orchestrator) COPYRIGHT Copyright 2018 McAfee, LLC TRADEMARK ATTRIBUTIONS McAfee and the McAfee logo, McAfee Active Protection,

More information

SECURING THE NEXT GENERATION DATA CENTER. Leslie K. Lambert Juniper Networks VP & Chief Information Security Officer July 18, 2011

SECURING THE NEXT GENERATION DATA CENTER. Leslie K. Lambert Juniper Networks VP & Chief Information Security Officer July 18, 2011 SECURING THE NEXT GENERATION DATA CENTER Leslie K. Lambert Juniper Networks VP & Chief Information Security Officer July 18, 2011 JUNIPER SECURITY LEADERSHIP Market Leadership Data Center with High-End

More information

Cisco Network Admission Control (NAC) Solution

Cisco Network Admission Control (NAC) Solution Data Sheet Cisco Network Admission Control (NAC) Solution New: Updated to include the Cisco Secure Network Server (SNS) Cisco Network Admission Control (NAC) solutions allow you to authenticate wired,

More information

Kaspersky Security for Virtualization Frequently Asked Questions

Kaspersky Security for Virtualization Frequently Asked Questions Kaspersky Security for Virtualization Frequently Asked Questions 1. What is Kaspersky Security for Virtualization, and how does it work with vshield technology? Kaspersky Security for Virtualization for

More information

Datacenter Security: Protection Beyond OS LifeCycle

Datacenter Security: Protection Beyond OS LifeCycle Section Datacenter Security: Protection Beyond OS LifeCycle 1 Not so fun Facts from the Symantec ISTR 2017 Report Zero-Day Vulnerability, annual total Legitimate tools, annual total 6,000 5 5,000 4,000

More information

Securing the Virtualized Environment: Meeting a New Class of Challenges with Check Point Security Gateway Virtual Edition

Securing the Virtualized Environment: Meeting a New Class of Challenges with Check Point Security Gateway Virtual Edition Securing the Virtualized Environment: Meeting a New Class of Challenges with Check Point Security Gateway Virtual Edition An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) White Paper Prepared for Check Point

More information

1V0-642.exam.30q.

1V0-642.exam.30q. 1V0-642.exam.30q Number: 1V0-642 Passing Score: 800 Time Limit: 120 min 1V0-642 VMware Certified Associate 6 Network Visualization Fundamentals Exam Exam A QUESTION 1 Which is NOT a benefit of virtualized

More information

Product Description. Product Overview DATASHEET

Product Description. Product Overview DATASHEET DATASHEET VGW Gateway Product Overview Juniper Networks vgw Gateway is a comprehensive virtualization security solution that includes integrated stateful inspection firewalling, intrusion detection, compliance

More information

VMWARE SOLUTIONS AND THE DATACENTER. Fredric Linder

VMWARE SOLUTIONS AND THE DATACENTER. Fredric Linder VMWARE SOLUTIONS AND THE DATACENTER Fredric Linder MORE THAN VSPHERE vsphere vcenter Core vcenter Operations Suite vcenter Operations Management Vmware Cloud vcloud Director Chargeback VMware IT Business

More information

70-414: Implementing an Advanced Server Infrastructure Course 01 - Creating the Virtualization Infrastructure

70-414: Implementing an Advanced Server Infrastructure Course 01 - Creating the Virtualization Infrastructure 70-414: Implementing an Advanced Server Infrastructure Course 01 - Creating the Virtualization Infrastructure Slide 1 Creating the Virtualization Infrastructure Slide 2 Introducing Microsoft System Center

More information

Securing your Virtualized Datacenter. Charu Chaubal Senior Architect, Technical Marketing 6 November, 2008

Securing your Virtualized Datacenter. Charu Chaubal Senior Architect, Technical Marketing 6 November, 2008 Securing your Virtualized Datacenter Charu Chaubal Senior Architect, Technical Marketing 6 November, 2008 Agenda VMware Virtualization Technology How Virtualization Affects Datacenter Security Keys to

More information

Auditing Virtual Infrastructure: You can t protect what you can t detect

Auditing Virtual Infrastructure: You can t protect what you can t detect Auditing Virtual Infrastructure: You can t protect what you can t detect Michael Berman, CISSP, NSA-IAM CTO, Catbird August 8, 2008 Platforms 2 Virtualization will be everywhere Reduce hardware and operating

More information

W11 Hyper-V security. Jesper Krogh.

W11 Hyper-V security. Jesper Krogh. W11 Hyper-V security Jesper Krogh jesper_krogh@dell.com Jesper Krogh Speaker intro Senior Solution architect at Dell Responsible for Microsoft offerings and solutions within Denmark Specialities witin:

More information

Reference Architecture for Dell VIS Self-Service Creator and VMware vsphere 4

Reference Architecture for Dell VIS Self-Service Creator and VMware vsphere 4 Reference Architecture for Dell VIS Self-Service Creator and VMware vsphere 4 Solutions for Small & Medium Environments Virtualization Solutions Engineering Ryan Weldon and Tom Harrington THIS WHITE PAPER

More information

McAfee Public Cloud Server Security Suite

McAfee Public Cloud Server Security Suite McAfee Public Cloud Server Security Suite Comprehensive security for AWS and Azure cloud workloads As enterprises shift their data center strategy to include and often lead with public cloud server instances,

More information

Free Download BitDefender Client Security 1 Year 50 PCs softwares download ]

Free Download BitDefender Client Security 1 Year 50 PCs softwares download ] Free Download BitDefender Client Security 1 Year 50 PCs softwares download ] Description: The foundation of business security The security requirements for any new or existing company no matter how large

More information

Christopher Covert. Principal Product Manager Enterprise Solutions Group. Copyright 2016 Symantec Endpoint Protection Cloud

Christopher Covert. Principal Product Manager Enterprise Solutions Group. Copyright 2016 Symantec Endpoint Protection Cloud Christopher Covert Principal Product Manager Enterprise Solutions Group Copyright 2016 Symantec Endpoint Protection Cloud THE PROMISE OF CLOUD COMPUTING We re all moving from challenges like these Large

More information

SAFEGUARDING YOUR VIRTUALIZED RESOURCES ON THE CLOUD. May 2012

SAFEGUARDING YOUR VIRTUALIZED RESOURCES ON THE CLOUD. May 2012 SAFEGUARDING YOUR VIRTUALIZED RESOURCES ON THE CLOUD May 2012 THE ECONOMICS OF THE DATA CENTER Physical Server Installed Base (Millions) Logical Server Installed Base (Millions) Complexity and Operating

More information

Security Automation. Challenge: Automatizzare le azioni di isolamento e contenimento delle minacce rilevate tramite soluzioni di malware analysis

Security Automation. Challenge: Automatizzare le azioni di isolamento e contenimento delle minacce rilevate tramite soluzioni di malware analysis Security Automation Challenge: Automatizzare le azioni di isolamento e contenimento delle minacce rilevate tramite soluzioni di malware analysis Network Admission Control See Managed Unmanaged Computing

More information

ForeScout CounterACT. Configuration Guide. Version 1.1

ForeScout CounterACT. Configuration Guide. Version 1.1 ForeScout CounterACT Hybrid Cloud Module: VMware NSX Plugin Version 1.1 Table of Contents About VMware NSX Integration... 3 Use Cases... 3 Additional VMware Documentation... 3 About this Plugin... 3 Dependency

More information

Novell ZENworks Network Access Control

Novell ZENworks Network Access Control Brochure RESOURCE MANAGEMENT www.novell.com Novell ZENworks Network Access Control Novell and Your Strong Perimeter Fast pre-connect testing that does not interfere with the end user s logging on experience

More information

FIREFLY HOST. Product Description. Product Overview DATASHEET

FIREFLY HOST. Product Description. Product Overview DATASHEET DATASHEET FIREFLY HOST Product Overview Juniper Networks Firefly Host is a comprehensive virtualization security solution that includes integrated stateful inspection firewalling, intrusion detection,

More information

ForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance.

ForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance. Real-time Visibility Network Access Control Endpoint Compliance Mobile Security ForeScout CounterACT Continuous Monitoring and Mitigation Rapid Threat Response Benefits Rethink IT Security Security Do

More information

Internal Audit Report DATA CENTER LOGICAL SECURITY

Internal Audit Report DATA CENTER LOGICAL SECURITY Internal Audit Report DATA CENTER LOGICAL SECURITY Report No. SC 12 06 June 2012 David Lane Principal IT Auditor Jim Dougherty Principal Auditor Approved Barry Long, Director Internal Audit & Advisory

More information

MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER

MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER Bret Hartman Cisco / Security & Government Group Session ID: SPO1-W25 Session Classification: General Interest 1 Mobility Cloud Threat Customer centric

More information

Cisco Identity Services Engine

Cisco Identity Services Engine Data Sheet Enterprise networks are more dynamic than ever before, servicing an increasing number of users, devices, and access methods. Along with increased access and device proliferation comes an increased

More information

Copyright 2011 Trend Micro Inc.

Copyright 2011 Trend Micro Inc. Copyright 2011 Trend Micro Inc. 2008Q1 2008Q2 2008Q3 2008Q4 2009Q1 2009Q2 2009Q3 2009Q4 2010Q1 2010Q2 2010Q3 2010Q4 2011Q1 2011Q2 2011Q3 2011Q4 M'JPY Cloud Security revenue Q to Q Growth DeepSecurity/Hosted/CPVM/IDF

More information

White Paper. Comply to Connect with the ForeScout Platform

White Paper. Comply to Connect with the ForeScout Platform Comply to Connect with the ForeScout Platform ForeScout CounterACT can provide visibility, hygiene, mitigation and control across technical, management and operational assets in accordance with the U.S.

More information

Reviewer s guide. PureMessage for Windows/Exchange Product tour

Reviewer s guide. PureMessage for Windows/Exchange Product tour Reviewer s guide PureMessage for Windows/Exchange Product tour reviewer s guide: sophos nac advanced 2 welcome WELCOME Welcome to the reviewer s guide for NAC Advanced. The guide provides a review of the

More information

Unlocking the Power of the Cloud

Unlocking the Power of the Cloud TRANSFORM YOUR BUSINESS With Smarter IT Unlocking the Power of the Cloud Hybrid Networking Managed Security Cloud Communications Software-defined solutions that adapt to the shape of your business The

More information

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3 Revision A McAfee Network Security Platform 8.3 (8.3.7.86-8.3.5.53 Manager-NS-series Release Notes) Contents About this release New features Enhancements Resolved issues Installation instructions Known

More information

SYMANTEC DATA CENTER SECURITY

SYMANTEC DATA CENTER SECURITY SYMANTEC DATA CENTER SECURITY SYMANTEC UNIFIED SECURITY STRATEGY Users Cyber Security Services Monitoring, Incident Response, Simulation, Adversary Threat Intelligence Data Threat Protection Information

More information

Product Guide Revision B. McAfee Cloud Workload Security 5.0.0

Product Guide Revision B. McAfee Cloud Workload Security 5.0.0 Product Guide Revision B McAfee Cloud Workload Security 5.0.0 COPYRIGHT Copyright 2018 McAfee, LLC TRADEMARK ATTRIBUTIONS McAfee and the McAfee logo, McAfee Active Protection, epolicy Orchestrator, McAfee

More information

CS 356 Operating System Security. Fall 2013

CS 356 Operating System Security. Fall 2013 CS 356 Operating System Security Fall 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter 5 Database

More information

Managing and Auditing Organizational Migration to the Cloud TELASA SECURITY

Managing and Auditing Organizational Migration to the Cloud TELASA SECURITY Managing and Auditing Organizational Migration to the Cloud 1 TELASA SECURITY About Me Brian Greidanus bgreidan@telasasecurity.com 18+ years of security and compliance experience delivering consulting

More information

Cloud Workload Discovery 4.5.1

Cloud Workload Discovery 4.5.1 Product Guide Cloud Workload Discovery 4.5.1 For use with McAfee epolicy Orchestrator COPYRIGHT 2017 Intel Corporation TRADEMARK ATTRIBUTIONS Intel and the Intel logo are registered trademarks of the Intel

More information

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation Defense-in-Depth Against Malicious Software Speaker name Title Group Microsoft Corporation Agenda Understanding the Characteristics of Malicious Software Malware Defense-in-Depth Malware Defense for Client

More information

Securing Your Virtual World Harri Kaikkonen Channel Manager

Securing Your Virtual World Harri Kaikkonen Channel Manager Securing Your Virtual World Harri Kaikkonen Channel Manager Copyright 2009 Trend Micro Inc. Virtualisation On The Rise 16,000,000 Virtualized x86 shipments 14,000,000 12,000,000 10,000,000 8,000,000 6,000,000

More information

Exam : Title : Security Solutions for Systems Engineers. Version : Demo

Exam : Title : Security Solutions for Systems Engineers. Version : Demo Exam : 642-566 Title : Security Solutions for Systems Engineers Version : Demo 1. Which one of the following elements is essential to perform events analysis and correlation? A. implementation of a centralized

More information

Shavlik Protect: Simplifying Patch, Threat, and Power Management Date: October 2013 Author: Mike Leone, ESG Lab Analyst

Shavlik Protect: Simplifying Patch, Threat, and Power Management Date: October 2013 Author: Mike Leone, ESG Lab Analyst ESG Lab Review Shavlik Protect: Simplifying Patch, Threat, and Power Management Date: October 2013 Author: Mike Leone, ESG Lab Analyst Abstract: This ESG Lab Review documents hands-on testing of Shavlik

More information

the SWIFT Customer Security

the SWIFT Customer Security TECH BRIEF Mapping BeyondTrust Solutions to the SWIFT Customer Security Controls Framework Privileged Access Management and Vulnerability Management Table of ContentsTable of Contents... 2 Purpose of This

More information

Table of Contents 1.1. Overview. Containers, Docker, Registries vsphere Integrated Containers Engine

Table of Contents 1.1. Overview. Containers, Docker, Registries vsphere Integrated Containers Engine Table of Contents Overview Containers, Docker, Registries vsphere Integrated Containers Engine Management Portal Registry Roles and Personas 1.1 1.1.1 1.1.2 1.1.2.1 1.1.2.2 1.1.2.3 1.1.2.4 2 Overview of

More information

EMC Ionix IT Compliance Analyzer Application Edition

EMC Ionix IT Compliance Analyzer Application Edition DATA SHEET EMC Ionix IT Compliance Analyzer Application Edition Part of the Ionix Data Center Automation and Compliance Family Automatically validates application-related compliance with IT governance

More information

VMware ESX Server 3i. December 2007

VMware ESX Server 3i. December 2007 VMware ESX Server 3i December 2007 ESX Server 3i Exec Summary What is it? What does it do? What is unique? Who can use it? How do you use it? Next generation, thin hypervisor integrated in server hardware

More information

VMware vsphere Administration Training. Course Content

VMware vsphere Administration Training. Course Content VMware vsphere Administration Training Course Content Course Duration : 20 Days Class Duration : 3 hours per day (Including LAB Practical) Fast Track Course Duration : 10 Days Class Duration : 8 hours

More information

ForeScout Extended Module for Carbon Black

ForeScout Extended Module for Carbon Black ForeScout Extended Module for Carbon Black Version 1.0 Table of Contents About the Carbon Black Integration... 4 Advanced Threat Detection with the IOC Scanner Plugin... 4 Use Cases... 5 Carbon Black Agent

More information

Table of Contents 1.1. Introduction. Overview of vsphere Integrated Containers 1.2

Table of Contents 1.1. Introduction. Overview of vsphere Integrated Containers 1.2 Table of Contents Introduction Overview of vsphere Integrated Containers 1.1 1.2 2 Overview of vsphere Integrated Containers This document provides an overview of VMware vsphere Integrated Containers.

More information

Quick Start Guide: TrafficWatch

Quick Start Guide: TrafficWatch Quick Start Guide: TrafficWatch Capture Type & Requirements 2 Overview 3 Downloading the RN50 virtual appliance 5 Deploying the RN50 virtual appliance 7 vsphere VSS Traffic Collection No VLANs (Promiscuous

More information

Secure Esri Solutions in the AWS Cloud. CJ Moses, AWS Deputy CISO

Secure Esri Solutions in the AWS Cloud. CJ Moses, AWS Deputy CISO Secure Esri Solutions in the AWS Cloud CJ Moses, AWS Deputy CISO Security in the cloud is a shared responsibility between AWS and the customer AWS Facilities Physical Security Physical Infrastructure Network

More information

VMware vsphere with ESX 6 and vcenter 6

VMware vsphere with ESX 6 and vcenter 6 VMware vsphere with ESX 6 and vcenter 6 Course VM-06 5 Days Instructor-led, Hands-on Course Description This class is a 5-day intense introduction to virtualization using VMware s immensely popular vsphere

More information

Administering VMware vsphere and vcenter 5

Administering VMware vsphere and vcenter 5 Administering VMware vsphere and vcenter 5 Course VM-05 5 Days Instructor-led, Hands-on Course Description This 5-day class will teach you how to master your VMware virtual environment. From installation,

More information

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3 Revision A McAfee Network Security Platform 8.3 (8.3.7.86-8.3.3.39 Manager-M-series Release Notes) Contents About this release New features Enhancements Resolved issues Installation instructions Known

More information

Portnox CORE. On-Premise. Technology Introduction AT A GLANCE. Solution Overview

Portnox CORE. On-Premise. Technology Introduction AT A GLANCE. Solution Overview Portnox CORE On-Premise Technology Introduction Portnox CORE provides a complete solution for Network Access Control (NAC) across wired, wireless, and virtual networks for enterprise managed, mobile and

More information

SoftLayer Security and Compliance:

SoftLayer Security and Compliance: SoftLayer Security and Compliance: How security and compliance are implemented and managed Introduction Cloud computing generally gets a bad rap when security is discussed. However, most major cloud providers

More information

ENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE

ENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE ENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE INTRODUCTION In line with commercial industry standards, the data center used by EndNote employs a dedicated security team to protect our

More information

Enterasys. Design Guide. Network Access Control P/N

Enterasys. Design Guide. Network Access Control P/N Enterasys Network Access Control Design Guide P/N 9034385 Notice Enterasys Networks reserves the right to make changes in specifications and other information contained in this document and its web site

More information

Qualys Cloud Platform

Qualys Cloud Platform Qualys Cloud Platform Our Journey into the Cloud: The Qualys Cloud Platform & Architecture Thomas Wendt Regional Manager Post-Sales, DACH, Qualys Inc. Digital Transformation More than just adopting new

More information

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3 Revision A McAfee Network Security Platform 8.3 (8.3.7.86-8.3.7.59 Manager-Virtual IPS Release Notes) Contents About this release New features Enhancements Resolves issues Installation instructions Known

More information

Cracked BitDefender Client Security 2 Years 20 PCs lowest price software ]

Cracked BitDefender Client Security 2 Years 20 PCs lowest price software ] Cracked BitDefender Client Security 2 Years 20 PCs lowest price software ] Description: The foundation of business security The security requirements for any new or existing company no matter how large

More information

Behavior-Based IDS: StealthWatch Overview and Deployment Methodology

Behavior-Based IDS: StealthWatch Overview and Deployment Methodology Behavior-Based IDS: Overview and Deployment Methodology Lancope 3155 Royal Drive, Building 100 Alpharetta, Georgia 30022 Phone: 770.225.6500 Fax: 770.225.6501 www.lancope.com techinfo@lancope.com Overview

More information

ITSM SERVICES. Delivering Technology Solutions With Passion

ITSM SERVICES. Delivering Technology Solutions With Passion ITSM SERVICES Delivering Technology Solutions With Passion 02 CONTENTS OVERVIEW CLIENTS SOLUTIONS WHAT WE DO PROFESSIONAL SERVICES Overview IT Pillars is a dynamic company, which has served, over the past

More information

SECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry

SECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry SECURITY ON AWS By Max Ellsberry AWS Security Standards The IT infrastructure that AWS provides has been designed and managed in alignment with the best practices and meets a variety of standards. Below

More information

epldt Web Builder Security March 2017

epldt Web Builder Security March 2017 epldt Web Builder Security March 2017 TABLE OF CONTENTS Overview... 4 Application Security... 5 Security Elements... 5 User & Role Management... 5 User / Reseller Hierarchy Management... 5 User Authentication

More information

CLOUD WORKLOAD SECURITY

CLOUD WORKLOAD SECURITY SOLUTION OVERVIEW CLOUD WORKLOAD SECURITY Bottom line: If you re in IT today, you re already in the cloud. As technology becomes an increasingly important element of business success, the adoption of highly

More information

Table of Contents HOL-SDC-1415

Table of Contents HOL-SDC-1415 Table of Contents Lab Overview - - IT Outcomes Security Controls Native to Infrastructure. 2 Lab Guidance... 3 Module 1 - Policy-Based Compliance... 5 Introduction... 6 Manage vcenter Server Virtual Machines...

More information

Security Assessment Checklist

Security Assessment Checklist Security Assessment Checklist Westcon Security Checklist - Instructions The first step to protecting your business includes a careful and complete assessment of your security posture. Our Security Assessment

More information

Education Network Security

Education Network Security Education Network Security RECOMMENDATIONS CHECKLIST Learn INSTITUTE Education Network Security Recommendations Checklist This checklist is designed to assist in a quick review of your K-12 district or

More information

Introduction. Deployment Models. IBM Watson on the IBM Cloud Security Overview

Introduction. Deployment Models. IBM Watson on the IBM Cloud Security Overview IBM Watson on the IBM Cloud Security Overview Introduction IBM Watson on the IBM Cloud helps to transform businesses, enhancing competitive advantage and disrupting industries by unlocking the potential

More information

Get BitDefender Client Security 2 Years 30 PCs software suite ]

Get BitDefender Client Security 2 Years 30 PCs software suite ] Get BitDefender Client Security 2 Years 30 PCs software suite ] Description: The foundation of business security The security requirements for any new or existing company no matter how large or small -

More information

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3 8.3.7.28-8.3.7.6 Manager-Virtual IPS Release Notes McAfee Network Security Platform 8.3 Revision B Contents About this release New features Enhancements Resolved issues Installation instructions Known

More information

Virtualization with VMware ESX and VirtualCenter SMB to Enterprise

Virtualization with VMware ESX and VirtualCenter SMB to Enterprise Virtualization with VMware ESX and VirtualCenter SMB to Enterprise This class is an intense, five-day introduction to virtualization using VMware s immensely popular Virtual Infrastructure suite including

More information

Virtualization with VMware ESX and VirtualCenter SMB to Enterprise

Virtualization with VMware ESX and VirtualCenter SMB to Enterprise Virtualization with VMware ESX and VirtualCenter SMB to Enterprise This class is an intense, four-day introduction to virtualization using VMware s immensely popular Virtual Infrastructure suite including

More information

VMware vsphere 6.0 / 6.5 Infrastructure Deployment Boot Camp

VMware vsphere 6.0 / 6.5 Infrastructure Deployment Boot Camp Title: Summary: Length: Overview: VMware vsphere 6.0 / 6.5 Infrastructure Deployment Boot Camp Class formats available: Live In-Classroom Training (LICT) Mixed class with Classroom and Online Instruction

More information

Security

Security Security +617 3222 2555 info@citec.com.au Security With enhanced intruder technologies, increasingly sophisticated attacks and advancing threats, your data has never been more susceptible to breaches from

More information

Networks with Cisco NAC Appliance primarily benefit from:

Networks with Cisco NAC Appliance primarily benefit from: Cisco NAC Appliance Cisco NAC Appliance (formerly Cisco Clean Access) is an easily deployed Network Admission Control (NAC) product that allows network administrators to authenticate, authorize, evaluate,

More information

Better Security with Virtual Machines

Better Security with Virtual Machines Better Security with Virtual Machines VMware Security Seminar Cambridge, 2006 Agenda VMware Evolution Virtual machine Server architecture Virtual infrastructure Looking forward VMware s security vision

More information

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V3.0, MAY 2017 Multiple Layers of Protection Overview Password Salted-Hash Thank you

More information

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW: SOLUTION OVERVIEW: ALERT LOGIC THREAT MANAGER WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE Protecting your business assets and sensitive data requires regular vulnerability assessment,

More information

Paperspace. Security Primer & Architecture Overview. Business Whitepaper. 20 Jay St. Suite 312 Brooklyn, NY 11201

Paperspace. Security Primer & Architecture Overview. Business Whitepaper. 20 Jay St. Suite 312 Brooklyn, NY 11201 Paperspace Security Primer & Architecture Overview Copyright 2017 Paperspace, Co. All Rights Reserved - 1 - Business Whitepaper Paperspace www.paperspace.com Paperspace Virtual Desktops: A foundation for

More information

Ensure Virtualization Security and Improve Business Productivity with Kaspersky

Ensure Virtualization Security and Improve Business Productivity with Kaspersky Ensure Virtualization Security and Improve Business Productivity with Kaspersky Kaspersky Security for Virtualization Agenda Virtualization Overview Kaspersky Virtualization Review New Virtualization Product

More information

CIS Controls Measures and Metrics for Version 7

CIS Controls Measures and Metrics for Version 7 Level One Level Two Level Three Level Four Level Five Level Six 1.1 Utilize an Active Discovery Tool Utilize an active discovery tool to identify devices connected to the organization's network and update

More information

A comprehensive framework for securing virtualized data centers. Business white paper

A comprehensive framework for securing virtualized data centers. Business white paper A comprehensive framework for securing virtualized data centers Business white paper Contents Experiencing the virtualization wave...3 Addressing virtualization security challenges...3 Understanding security

More information

ForeScout Extended Module for Qualys VM

ForeScout Extended Module for Qualys VM ForeScout Extended Module for Qualys VM Version 1.2.1 Table of Contents About the Qualys VM Integration... 3 Additional Qualys VM Documentation... 3 About This Module... 3 Components... 4 Considerations...

More information

Klaudia Bakšová System Engineer Cisco Systems. Cisco Clean Access

Klaudia Bakšová System Engineer Cisco Systems. Cisco Clean Access Klaudia Bakšová System Engineer Cisco Systems Cisco Clean Access Agenda 1. Securing Complexity 2. NAC Appliance Product Overview and In-Depth 3. NAC Appliance Technical Benefits The Challenge of Securing

More information

IBM BigFix Compliance

IBM BigFix Compliance IBM BigFix Compliance A single solution for managing endpoint security across the organization Highlights Ensure configuration compliance using thousands of out-of-the-box bestpractice policies with automated

More information

ForeScout Extended Module for Palo Alto Networks Next Generation Firewall

ForeScout Extended Module for Palo Alto Networks Next Generation Firewall ForeScout Extended Module for Palo Alto Networks Next Generation Firewall Version 1.2 Table of Contents About the Palo Alto Networks Next-Generation Firewall Integration... 4 Use Cases... 4 Roll-out Dynamic

More information

vshield Administration Guide

vshield Administration Guide vshield Manager 5.1 vshield App 5.1 vshield Edge 5.1 vshield Endpoint 5.1 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by

More information

Huawei Agile Controller. Agile Controller 1

Huawei Agile Controller. Agile Controller 1 Huawei Agile Controller Agile Controller 1 Agile Controller 1 Product Overview Agile Controller is the latest user- and application-based network resource auto control system offered by Huawei. Following

More information

1 Data Center Requirements

1 Data Center Requirements 1 Data Center Requirements The following are MassDOT s standard Data Center requirements. 1.1 Data Center General Requirements 1.1.1 The CSC Operator shall furnish, or contract with a third-party provider

More information

How-to Guide: Tenable.io for Microsoft Azure. Last Updated: November 16, 2018

How-to Guide: Tenable.io for Microsoft Azure. Last Updated: November 16, 2018 How-to Guide: Tenable.io for Microsoft Azure Last Updated: November 16, 2018 Table of Contents How-to Guide: Tenable.io for Microsoft Azure 1 Introduction 3 Auditing the Microsoft Azure Cloud Environment

More information

SOC-2 Requirement Solution Brief. EventTracker 8815 Centre Park Drive, Columbia MD SOC-2

SOC-2 Requirement Solution Brief. EventTracker 8815 Centre Park Drive, Columbia MD SOC-2 Requirement Solution Brief 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable, prioritized intelligence

More information

Security Architecture

Security Architecture Security Architecture RDX s top priority is to safeguard our customers sensitive information. Introduction RDX understands that our customers have turned over the keys to their sensitive data stores to

More information

Vmware VCP-310. VMware Certified Professional on VI3.

Vmware VCP-310. VMware Certified Professional on VI3. Vmware VCP-310 VMware Certified Professional on VI3 http://killexams.com/exam-detail/vcp-310 D. Only one VLAN can be specified in a port group. Answer: B, D Question: 423 What is a characteristic of a

More information