Deep Security

Integrates new VMware vShield Endpoint APIs to provide agentless anti-malware protection for VMware virtual machines with zero in-guest footprint. Helps avoid security brown-outs commonly seen in full system scans and pattern updates. Also provides agent-based anti-malware to protect physical servers, Hyper-V and Xen-based virtual servers, public cloud servers as well as virtual desktops in local mode. Coordinates protection with both agentless and agent-based form factors to provide adaptive security to defend virtual servers as they move between the data center and public cloud.

Detects malicious and unexpected changes. Leverages an agentless configuration to add greater security to virtual machines without additional footprint. Also protects the hypervisor from exploits with the innovative new hypervisor integrity monitoring using Intel TPM/TXT technology. Event tagging and cloud-based whitelisting reduce the complexity of administrative operations. Also includes real-time, on-demand, or scheduled detection of change and provides auditable reports.

Helps achieve timely protection against known and zero-day attacks. Uses vulnerability rules shield a known vulnerability—for example those disclosed monthly by Microsoft—from an unlimited number of exploits. Offers out-of-the-box vulnerability protection for over 100 applications, including database, web, email and FTP servers. Automatically delivers rules that shield newly discovered vulnerabilities within hours, and can be pushed out to thousands of servers in minutes, without a system reboot.

Enables compliance with PCI Requirement 6.6 for the protection of web applications and the data that they process. Defends against SQL injections attacks, cross-site scripting attacks, and other web application vulnerabilities. Shields vulnerabilities until code fixes can be completed.

Increases visibility into, or control over, applications accessing the network. Identifies malicious software accessing the network and reduces the vulnerability exposure of your servers.

Centralizes management of server firewall policy using a bi-directional stateful firewall. Supports virtual machine zoning and prevents Denial of Service attacks. Provides broad coverage for all IP-based protocols and frame types as well as fine-grained filtering for ports and IP and MAC addresses.

Optimizes the identification of important security events buried in multiple log entries across the data center. Forwards suspicious events to a SIEM system or centralized logging server for correlation, reporting and archiving. Leverages and enhances open-source software available at OSSEC.

• NEW: Strengthens security without additional footprint through agentless integrity monitoring, intrusion prevention and anti-malware
• Frees staff from continually configuring, updating, and patching agents
• Protects virtual servers and virtual desktops as they move between data center and public cloud

• Allows greater machine consolidation in virtual environments with agentless configuration for anti-malware and other security
• Eliminates the cost of deploying multiple software clients with a centrally managed, multi-purpose agent or virtual appliance
• Provides vulnerability protection to prioritize secure coding and cost-effective implementation of unscheduled patching
• Reduces security management costs by automating repetitive and resource intensive security tasks

• Detects and removes malware from virtual servers in real time
• Shields known and unknown vulnerabilities in enterprise applications and operating systems
• NEW: Leverages one of the world’s largest domain-reputation databases to protect systems from accessing compromised websites

• Provides detailed, auditable reports that document prevented attacks and policy compliance status
• Reduces the preparation time and effort required to support audits
• Supports internal compliance initiatives to increase visibility

This virtual appliance provides agentless integrity monitoring, anti-malware, IDS/IPS, web application protection, application control, and firewall protection—coordinating with Deep Security Agent, if desired, for log inspection and defense in depth.

This small software component is deployed on the server or virtual machine being protected to help enforce security policies. Enables anti-malware, IDS/IPS, web application protection, application control, firewall, integrity monitoring, and log inspection.

This powerful management system has a centralized console for monitoring alerts and preventive actions taken in response to threats. The Manager can be configured to automate or distribute security updates to servers on demand. It also generates reports to gain visibility into activity and meet compliance requirements. Event Tagging functionality streamlines the management of high-volume events and enables workflow of incident response.