Symantec Data Center Security: Monitoring Edition provides out-of-the-box host intrusion detection policies across physical and virtual servers. It also extends security monitoring into Amazon Web Services (AWS) and all modules of the Openstack cloud. With Monitoring Edition, customers can monitor the file integrity and configuration, consolidate event logs, as well as employ whitelisting and application controls across its on-premises and off-premises data centers with a single tool.
Customers of Symantec Data Center Security: Monitoring Edition also have access to the functionalities available in Symantec Data Center Security: Server such as:
• Agentless antimalware
• Agentless network IPS
• Out-of-the-box integration with VMware
• Operations Director
• Security Monitoring across physical and virtual servers including:
– Real-time file integrity monitoring: Identify changes to files in real-time including who made the change and what change occurred
– Configuration Monitoring: Identify policy violations and suspicious activity in real-time
– Consolidated Event Logging: Consolidate and forward logs for long term retention, reporting, and forensic analysis
– File and System Tamper Prevention: Lock down configuration, settings, and files
– Dashboards: Easily identify any abnormal event activity and monitor your key performance indicators
• Security monitoring of OpenStack Data center infrastructure including:
– Configuration Changes: configuration files changes are monitored using real-time file integrity monitoring
– Keystone Program files: Python files of modules are monitored to avoid file tampering of important system services.
– Keystone Data: Changes to user account, role and tenant data are monitored closely to be aware of changes to identify data.
– Access monitoring: Monitor user access through web interface
• Security monitoring of AWS public and hybrid clouds (VPCs) including:
– Security configuration monitoring
– File integrity monitoring,
– Whitelisting with application control for on-premises and off-premises data centers,
– Security automation across the cloud environment via REST API.
• Features and capabilities available in Symantec™ Data Center Security: Server including:
– Agentless antimalware, agentless network IPS and file reputation services.
– Auto-deployment and provision of Security Virtual Appliance to ESX host in a cluster.
– Network based threat detection and protection (Network IPS).
– Operations Director to automate and orchestrate security provisioning for newly created workloads.
– Unified Management Console (UMC) delivers a consistent management experience across Data Center Security products.
• Single tool to effectively identify policy violations and suspicious activities at an application or instance-level, in real-time, across the physical and virtual servers, as well as across AWS and OpenStack clouds.
• Simplify monitoring and compliance reporting of the security and compliance posture of AWS and Openstack cloud deployments at the application- and instance-level.
• Detect and identify changes to files in real-time across physical and virtual servers, as well as across AWS and OpenStack clouds.
• Optimize network and application performance of guest and hosts via agentless antimalware and agentless network IPS.
• Increase operational effectiveness by providing a singleinstance security service per host that protects all virtual machines.
• Enable always-on security during new workload provisioning, thus reducing the security tax
• Monitor and protect physical and virtual data centers.
• Fully instrumented REST API provides corresponding API for all console actions to enable full internal and external Cloud automation.
• Simplify continuous monitoring and compliance reporting of hybrid data center infrastructures for cybersecurity and compliance.