Security for virtualized and cloud computing

Catbird announced vSecurity 5.0 that integrates directly with the hypervisor to provide automated control, visibility and efficiency.

Its vCompliance engine monitors and enforces virtualized data center compliance with PCI, FISMA, NIST, HIPAA and other standards for regulated industries looking to take advantage of virtualized infrastructure for their mission-critical computing.

“Virtualization has revolutionized all aspects of data center computing, including security. With Catbird’s vSecurity 5.0, our customers benefit from the economic and technical advantages of virtualization,” said Edmundo Costa, CEO of Catbird. “From the U.S. Department of Defense to some of the largest credit card processors in North America, vSecurity automates the security and compliance process, enabling broader and deeper use of virtualization and cloud computing. Catbird customers can virtualize more assets, virtualize more quickly and improve virtualization ROI.”

Catbird’s approach weaves together access control, intrusion detection, secure auditing and automated protection for virtual machines, virtual networks, hypervisor management and associated physical assets. vSecurity 5.0 incorporates features such as:

Event viewer – Orchestrates and displays data culled from a range of controls, including nprobe, firewall, NAC, IDS/IPS and other sources, to paint a detailed picture of what each control is detecting in real-time. A key tool of IT security and operations people alike, the event viewer provides detailed analysis of the security posture of each asset, as well as the inter-relationships between assets, to determine risks and vulnerabilities.

Compliance radar graph – A graphical gauge of a data center’s current compliance status against a particular standard that is automatically updated in real time, the compliance radar graph automates the validation of compliance while instantly alerting organizations to noncompliance.

Automated asset inventory – Automatic, accurate inventories of the IT environment to populate a comprehensive, reliable asset catalog for security monitoring and enforcement.

Network flow mapping – Network flows illustrate the communication paths between objects and groups of objects, providing a comprehensive view of protocols, connections, access lists, and more. Because the netflow mapping is integrated with Catbird’s automated inventory, organizations can more effectively regulate access controls and mitigate risks from suspicious communication.

Policy automation – Organizations can set policies and automatically administer and enforce those policies via vSecurity TrustZones, logical groupings of assets that share a pre-defined, common set of policy and compliance rules. In this way, IT teams can be assured of the compliance of their own virtualized data centers against 3rd party standards or their own corporate governance.

Support for syslog CEF, the Common Event Format, an open log management standard enabling Catbird vSecurity data to be collected and aggregated for analysis by the leading enterprise management systems, including ArcSight, Splunk, and RSA enVision.