Blue Turtle provides the power and agility of the cloud to network security and compliance with a solution that orchestrates, validates and enforces against leading standards including PCI, FISMA and HIPAA.
We have partnered with Catbird Private Cloud Security to help you meet all you virtualisation needs, for automated protection that seamlessly integrates security into cloud operations by inserting controls into the virtual and software-defined network fabric delivering secure private clouds.
Catbird enables a secure and compliant virtual and private cloud infrastructure. This solution ensures IT can meet the full complement of auditor-required network security controls for virtualisation security with a set of features that encompass the following seven requirements common to all compliance standards:
- Auditing: Catbird captures a rich event stream from its broad offering of technical controls to confirm security posture, generate alerts and trigger workflow.
- Inventory Management: Catbird automatically detects VMs and then enforces security policy through immediate quarantine of any VM out of compliance.
- Access Control: Catbird ensures VMs are appropriately managed and isolated, irrespective of changes in VM or virtual network configuration.
- Configuration Management: Monitors network activity and enforces network configurations.
- Change Management: Monitors for changes that may compromise security and compliance posture. Provides manual and policy-based enforcement actions.
- Incident Response: Alerts for security policy violations and takes enforcement actions to mitigate and maintain compliance.
- Vulnerability Management: Provides network-based checks on the VM and hypervisor configuration, including credentialed checks against file formats.
Catbird features are built upon multi-function technical controls. Protection built on multifunction correlated controls will result in stronger security and compliance. For example, a firewall misconfiguration could be detected by IDS and the hypervisor, and then mitigated with IPS. Features are completely automated as is the orchestration of these controls at the TrustZone and VM level.
History has shown that disruptive technology can also bring complexity and risk. The best practice is to integrate with legacy controls, best-of-breed solutions and audit processes. Catbird and VMware are addressing these challenges by designing a security solution that addresses specific concerns around operational response, verification and compliance while making security as agile, aware and automated as other layers in the cloud stack.
The features of the Catbird Private Cloud Security are listed below:
Automated and Flexible Policy-Based on Best-of-Breed Solutions
Catbird will deliver policy-based security analytics, visualization and workflow to NSX. As one of the first to orchestrate VMware’s firewall, we understand third-party control policy instantiation, correlation and visualisation. By applying this knowledge to NSX security groups, policies, and tags, Catbird extends its policy management to include best-of- breed security products.
Controls Verification, Validation and Enforcement
The ability to provide controls verification, validation and enforcement is critical to bridging the gap between customers’ previous security investments and processes and new VMware NSX capabilities. Catbird provides a single pane of glass view with visualization and workflow of security controls and regulatory compliance posture.
Cross-Platform Policy Support
Enterprises demand consistent security and compliance across NSX and non-NSX platforms. As the first company to focus on delivering consistency across hypervisors and security vendors, Catbird will ease the transition for companies deploying NSX by unifying their network security tools and providing consistent policy, verified and enforced.
The Catbird Private Cloud Security solution offers the following benefits:
- Agile, automated security policy for visualisation and workflow based on best-of-breed controls.
- Policy-based controls validation and enforcement for operational response and regulatory compliance.
- Consistent security policy, which is verified and enforced across NSX and non-NSX platforms.