Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

2/28/2012
09:54 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Symantec And VMware Partner To Deliver Extensive Protection For Virtual And Cloud Environments

Companies announce five new security integrations with the VMware cloud infrastructure suite

Click here for more articles.

SAN FRANCISCO, CA, Feb 28, 2012 (MARKETWIRE via COMTEX) -- RSA Conference 2012 - Symantec Corp. SYMC -0.11% and VMware VMW -0.18% today announced five new security integrations with the VMware cloud infrastructure suite, designed to deliver extensive protection for virtual and cloud environments along with operational cost savings. With new VMware integrations, Symantec enables joint customers to protect their virtual infrastructure and business-critical applications with data loss prevention, IT risk and compliance, data center protection, security information and event management (SIEM) and endpoint protection solutions -- delivering stronger security, scalability and cost reductions for rapid services delivery and enhanced business agility for the cloud.

Click to Tweet: Symantec and VMware Partner to Deliver Extensive Protection for Virtual Environments. http://bit.ly/yQ6dxH

"Companies today face an increasingly toxic threat landscape. True information protection is more than antivirus. With our new VMware integrations, we're enabling customers to proactively protect their information whether it's in a physical or virtual environment," said Francis deSouza, group president, enterprise products and services, Symantec. "Together, Symantec and VMware are taking protection to the next level to give companies confidence to fully embrace virtualization and realize the cost savings and efficiency it brings."

"The unique security concerns of the cloud extend well beyond malware protection," said Raghu Raghuram, senior vice president and general manager, Cloud Infrastructure and Management, VMware. "The integration of Symantec products with the VMware cloud infrastructure suite will offer fundamentally new security capabilities to accelerate the ability of customers to quickly and safely realize the benefits of cloud computing."

Symantec and VMware will continue to collaborate to ensure customers have both the security and compliance controls necessary for cloud deployments, both on- and off-premises. In addition to integration between Symantec endpoint security offerings with VMware vShield(TM) Endpoint expected to be available later in 2012, Symantec is introducing five new integrations with the VMware cloud infrastructure suite:

Orchestrated Data Loss Prevention Symantec Data Loss Prevention, available now, addresses the growing challenge organizations face in finding and protecting their intellectual property wherever it resides. Integration with VMware vShield App enables Symantec customers to more easily find and locate their most valuable information across their virtual environments. Symantec Data Loss Prevention makes it easier for customers to identify and remediate potential data loss in their virtual environments by automatically separating virtual machines that contain sensitive information from those that do not.

Reduced Compliance Deficiencies Across Converged Infrastructure

Symantec Control Compliance Suite, available now, uses centralized vulnerability and control assessments to provide seamless discovery of unknown or unauthorized virtual machines to reduce security risk in the physical and virtual infrastructure. Leveraging VMware-published security standards, Control Compliance Suite is also able to assess virtual settings to identify areas of risk and help prioritize remediation efforts. This helps prevent application failure or data corruption on virtual machines, while facilitating compliance with mandates such as PCI or HIPAA. In addition, Control Compliance Suite can ensure that the VMware process guidelines are being followed with procedural questionnaires while automatically reporting on configuration changes, patch levels and critical policy violations on VMware vSphere(R).

Protect Virtual Data Centers Against Advanced Threats Symantec Critical System Protection currently protects ESX(R) guest and hypervisors with granular, policy-based controls. Symantec plans to add support for VMware vSphere 5 in Spring 2012, leveraging out-of-the-box VMware-prescribed server security policies for ESXi and VMware vCenter(TM) that will enable organizations to identify server compliance violations and suspicious activity in real-time, limit administrative control, restrict network communications and prevent file and configuration tampering of the virtual infrastructure. Because Symantec Critical System Protection is a non-signature, policy-based technology it also allows organizations to stop unauthorized services from running on servers and protect against zero-day attacks, without impacting system performance.

Integrated Threat Intelligence Symantec Security Information Manager (SSIM), available in Summer 2012, will enable organizations to seamlessly identify and respond to security threats that impact business critical applications across both their physical and virtual infrastructures. Through integration with the VMware vShield log management collector, SSIM will correlate virtual machine activity with events from the physical environment as well as the Symantec's global intelligence network to give a holistic view of an organization's security posture. Customers will be able to perform malicious activity assessments for their entire environment -- physical and virtual -- gaining immediate insight into malicious activity and threats inside their virtual infrastructure.

Symantec's Managed Security Service (MSS) will also offer a VMware vShield log management collector to allow customers who prefer a cloud-based service delivery model to benefit from a seamless view of security threats across both their physical and virtual environments. The addition of the vShield log management collector to already broad array of devices and applications MSS monitors, will further extend MSS edge-to-endpoint visibility and when combined with global threat intelligence and 7x24 access to GIAC-certified Security Analysts will allow organizations to reduce exposure to threats and business disruption. The vShield log management collector is expected to be available in Summer 2012.

Optimized Endpoint Protection for High-density Virtual Environments

Symantec plans to leverage VMware vShield Endpoint with its endpoint security offerings to maximize performance in Virtual Desktop Infrastructure (VDI) and virtual server environments without sacrificing powerful security. Available in the second half of 2012, these solutions will offload critical security analysis from protected virtual machines to a dedicated security virtual appliance resulting in optimized scan performance, reduced resource utilization, and increased management visibility. Built upon Symantec Insight, these solutions will provide fast and effective endpoint security for VMware environments, offering unique protection against modern polymorphic malware, zero-day attacks and rootkits.

For More Information

-- Blog: Orchestration and Automation Enable Security in the Virtual Data Center -- SlideShare: Symantec and VMware Partner to Deliver Extensive Protection for Virtual and Cloud Environments -- Symantec Data Loss Prevention -- Symantec Control Compliance Suite -- Symantec Critical System Protection -- Symantec Security Information Manager -- Symantec's Managed Security Service -- Symantec Insight -- VMware Security and Compliance microsite -- VMware vShield

Connect with Symantec

-- Follow Symantec on Twitter -- Join Symantec on Facebook -- View Symantec's SlideShare Channel -- Subscribe to Symantec News RSS Feed -- Visit Symantec Connect Business Community

Connect with VMware

-- @VMware on Twitter -- Join VMware on Facebook

About Business Solutions from Symantec Symantec helps organizations secure and manage their information-driven world with endpoint security, messaging security.

About Symantec Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at www.symantec.com .

About VMware VMware is the leader in virtualization and cloud infrastructure solutions that enable businesses to thrive in the Cloud Era. Customers rely on VMware to help them transform the way they build, deliver and consume Information Technology resources in a manner that is evolutionary and based on their specific needs. With 2011 revenues of $3.77 billion, VMware has more than 350,000 customers and 50,000 partners. The company is headquartered in Silicon Valley with offices throughout the world and can be found online at www.vmware.com .

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Aviation Faces Increasing Cybersecurity Scrutiny
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/22/2019
Microsoft Tops Phishers' Favorite Brands as Facebook Spikes
Kelly Sheridan, Staff Editor, Dark Reading,  8/22/2019
MoviePass Leaves Credit Card Numbers, Personal Data Exposed Online
Kelly Sheridan, Staff Editor, Dark Reading,  8/21/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2016-6154
PUBLISHED: 2019-08-23
The authentication applet in Watchguard Fireware 11.11 Operating System has reflected XSS (this can also cause an open redirect).
CVE-2019-5594
PUBLISHED: 2019-08-23
An Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") in Fortinet FortiNAC 8.3.0 to 8.3.6 and 8.5.0 admin webUI may allow an unauthenticated attacker to perform a reflected XSS attack via the search field in the webUI.
CVE-2019-6695
PUBLISHED: 2019-08-23
Lack of root file system integrity checking in Fortinet FortiManager VM application images of all versions below 6.2.1 may allow an attacker to implant third-party programs by recreating the image through specific methods.
CVE-2019-12400
PUBLISHED: 2019-08-23
In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class loader first, then this im...
CVE-2019-15092
PUBLISHED: 2019-08-23
The webtoffee "WordPress Users & WooCommerce Customers Import Export" plugin 1.3.0 for WordPress allows CSV injection in the user_url, display_name, first_name, and last_name columns in an exported CSV file created by the WF_CustomerImpExpCsv_Exporter class.