|
VirtualShield Features and Benefits
- Protects virtual servers regardless of physical location or patch-level
- Eliminates remote threats without blocking legitimate application requests or requiring server reboots
- Up-to-date protection with no configuration changes and no agent installation on the host operating system
- Delivers appropriate protection for specific applications without requiring any manual tuning
VirtualShield Dynamic Content ensures up-to-date virtual server protection without interruption to availability.
Dynamic Protocol Handlers
- Full context decoding within and across sessions for over 70 protocols
- Eliminates exploit-bypass situations and false-negatives
- Addresses IP-, TCP- and UDP-level evasion techniques such as IP fragmentation and TCP segmentation
Inline Patches
- Individual inline patches correlate one-to-one with the software vendor security patch
- Preserves application availability by emulating the corrective action of the vendor patch, rather than employing signatures that are subject to false-positives
- Vulnerability-specific, rather than attack-specific, so current and future attack variants and vectors are addressed in a single instance
Inline Application Policies
- Enforces good server hygiene by preventing prohibited activities and disabling services
- Provides remediation for a class of vulnerabilities that software patches do not address
The Core Platform provides the unique capabilities for VirtualShield to track virtual server inventory, monitor traffic within the hypervisor, and correct vulnerabilities on the fly with insignificant latency.
Session & Asset Manager
- Manages inventory of virtual servers, applications, ports and protocols
- Maintains full session context of all relevant server transactions
Inline Correction Engine
- Complete repository of callable functions common to inline patches
- Can modify traffic, such as truncating strings or converting Unicode to ASCII
- Enables Inline Patches to accurately emulate software patches
Transparent TCP/IP Transformer
- Provides the ability to modify data in midstream without disrupting server sessions
- Inserts transparently into ESX Server without impact to guest VMs
- High throughput and low latency, scaling proportionately with ESX Server resource controls
VirtualShield Feature and Benefit Summary
Purpose-built ESX Server 3 Plug-in
- Integrates seamlessly with the hypervisor
- No physical appliance placement needed or hardware assist required
Virtual Server Discovery
- Continually detects and catalogs applications, services and operating system versions to accurately account for all virtual servers, including those just loaded from a SAN or physically relocated by VMotion
- Eliminates configuration and tuning burden of traditional security solutions
End-point Awareness
- Complete server asset inventory is mapped to application-specific protection profiles
- Server-bound traffic is checked only within appropriate application protocols, ensuring precise detection and correction logic
- 100% accuracy—no false positives, no false negatives
Automated Provisioning
- Newly detected servers are automatically protected, ensuring a secure virtual environment regardless of unpatched vulnerabilities
- Reduces operational costs associated with physical patch management
Dynamically Loadable Content
- New inline patches, policies, and application coverage can be added to the core platform on the fly without restarting any service
Zero Footprint
- Up-to-date protection with no configuration changes and no agent installation on the host operating system
Zero Downtime
- Eliminates remote threats without blocking legitimate application requests or requiring server reboots
Zero Tuning
- Delivers appropriate protection for specific applications without requiring any manual tuning
|
|
