VMware Compliance Center

Compliance to PCI DSS, SOX, HIPAA, and other regulatory standards requires separation of data into highly trusted and less trusted zones via a firewall. As the physical network in the data center becomes virtualized inside ESX servers, a virtual firewall is required to implement compliance. Altor Networks makes the first purpose-built virtual firewall - a software security appliance that runs in a virtualized environment and enforces security policy on a per virtual machine basis to address compliance requirements for firewalls in virtualized environments.

The Centrify Suite addresses an organization's need to secure the data center no matter what hybrid state it is in along the path from physical to virtual by giving IT security managers a single point of administration for all their heterogeneous systems and applications, including VMware ESX Server, VMA, and vStudio. By enabling administrators to secure the hypervisor platform and guest operating systems using the same Active Directory-based tools and skill sets already in place, Centrify is enabling organizations to embrace virtualization through a cost-effective solution that actually helps them simplify their environment while strengthening security and streamlining processes.

Check Point VPN-1 VE (Virtual Edition) is a security gateway that is pre-packaged and pre-configured for fast and easy deployment on VMware ESX or ESXi servers. VPN-1 VE provides best-in-class security with firewall, VPN, IPS, as well as full UTM capabilities including anti-virus, anti-spam, url filtering and web security, within the virtualized environment to secure virtual machines of any kind from external threats as well as from each other. Where separation of servers and data is required for compliance, VPN-1 VE protects segregated applications and information from one another without the use of physical security appliances, while enabling users to report on their regulatory compliance posture, with dedicated Compliance Reports that are mapped to relevant requirements within the PCI, SOX, HIPAA, COBIT, and ISO 17799 regulations and standards.

Configuresoft’s Enterprise Configuration Manager (ECM) for Virtualization solution provides VMware customers a central console to view the security posture of their virtual environments and ensure compliance with various regulations and industry standards including PCI DSS, Sarbanes-Oxley, GLBA, HIPAA, Center for Internet Security (CIS) benchmarks for VMware ESX server, and VMware hardening guidelines to name a few. Configuresoft’s ECM for Virtualization helps IT to automate their common IT tasks and achieve a more efficient IT operational state.

HyTrust™ offers IT managers and administrators of virtual infrastructure a centralized, single point of control for hypervisor configuration, compliance, and access management. HyTrust Appliance addresses four key areas of concern, which are critical for virtualization infrastructure that’s subject to compliance: access control to the host, separation of administrator duties, log collection, and configuration assessment/remediation. By combining best practices, processes, and controls of physical infrastructure security into a comprehensive solution for virtual infrastructure, HyTrust enables virtual infrastructure to achieve the same level of operational readiness as that of existing physical infrastructure.

LogLogic is the leader in log management, compliance management and security management solutions designed to improve accountability and lower costs for organizations of all sizes. LogLogic's unique open log management platform enables customers to collect, search and store 100 percent of IT log data for a comprehensive fingerprint of past and current activity across any organization. Powered by the industryís leading open log management platform, LogLogic's business applications correlate user activities and event data in real-time for a unique integrated approach to security event management, database security management and compliance management with industry and government regulations. LogLogic has developed a package of searches, reports and alerts to analyze logs from virtual environments running on VMWare ESX platform. The package contains a set of reports, real-time alerts and saved search queries, useful for security, compliance and operations in VMWare -powered virtual environment and is free to LogLogic customers on open.loglogic.com.

Reflex, VMworld2008 Best of Show winner, is the industry leader in virtualization management and security. Reflex Virtualization Management Center (VMC) is purpose-built and designed to help organizations address unique virtualization challenges, such as monitoring the dynamic environment, maintaining secure configuration, cross-functional management, and regulatory compliance while capitalizing on the virtualization investment. Reflex VMC provides a comprehensive solution that combines key management features with the necessary enforcement and change management controls for customers to visualize, monitor and enforce policies across the virtual infrastructure and to meet compliance regulations including those mandated by Payment Card Industry (PCI).

Symantec Endpoint Protection 11.0 combines Symantec AntiVirus with advanced threat prevention to deliver unmatched defense against malware for laptops, desktops and servers. It seamlessly integrates essential security technologies in a single agent and management console, increasing protection and helping lower total cost of ownership.

Third Brigade best-of-breed host intrusion defense systems protect critical data and applications—including those on virtual machines—from attacks that bypass or penetrate network defenses, and target vulnerabilities in operating systems, and enterprise and web applications. Third Brigade Deep Security brings proven network defense mechanisms to individual virtual machines to help enable compliance with 6 of the 12 requirements of the Payment Card Industry Data Security Standard (PCI DSS) as well as other standards. A best-of-breed intrusion defense system for virtual environments, Third Brigade Deep Security enables isolation of systems processing cardholder data and prevents attacks designed to compromise systems and obtain cardholder data.

Tripwire Enterprise 7.5V is the industry’s most comprehensive purpose-built configuration compliance solution for VMware Infrastructure 3. With full VC integration, auto-discovery of all VI objects, it enables proactive configuration assessment and validation against out-of-the box policies such as PCI, SOX, COBIT, FISMA, FDCC, CIS, VMware Infrastructure 3 Security Hardening guide, the DISA STIG for ESX, and easily-created custom policies and internal ‘golden’ configuration standards. Users can quickly achieve and continuously maintain a known, trusted state and easily provide ample proof of compliance to even the most exacting auditor, across the entire VMware virtual infrastructure.

VMinformer is a unique dedicated security, compliance and audit assessment tool for your virtual infrastructure. Using Policy Templates based on our own security research, CIS Benchmarks, DISA ESX STIG and VMware's own security hardening guides you are able to rapidly audit your virtual environment against security and compliance benchmarks. A comprehensive dashboard provides you with a snapshot of your entire Virtual Infrastructure, covering your VC, ESX hosts and Virtual Machines. Full reporting and remediation is provided within the tool and the reports can easily be used for auditing requirements such as PCI and SOX