HP Virtual Controller and Virtual Firewall for VMware vsphere 1-proc SW LTU



Similar documents
HP PCM Plus v4 Network Management Software Series

HP E-PCM Plus Network Management Software Series

QuickSpecs. HP PCM Plus v4 Network Management Software Series (Retired) Key features

HP PCM Plus v3 Network Management Software Series Overview

ProCurve Mobility Manager 1.0

HP S Intrusion Prevention System (IPS) Series

QuickSpecs. Models HP S Mbps IPS

HP Intelligent Management Center Enterprise Software. Platform. Key features. Data sheet

HP CloudSystem Enterprise

HP Identity Driven Manager Software Series Overview

Mitigating Information Security Risks of Virtualization Technologies

HP Intelligent Management Center Standard Software Platform

How To Manage A Network With An Ipc (Ipc) And Ipc V2 (Ipv) On An Ipa (Ipa) On A Network On An Hp Zl (Ips) And V2 On A Pc (

ProCurve Manager Plus 2.2

QuickSpecs. Models HP MSR Open Application Platform (OAP) with VMware vsphere MIM Module

QuickSpecs. HP Virtual Desktop Infrastructure with VMware View Overview

HP Private Cloud Solutions

HP ProLiant Essentials Vulnerability and Patch Management Pack Planning Guide

Tenable Webcast Summary Managing Vulnerabilities in Virtualized and Cloud-based Deployments

HP ENTERPRISE SECURITY. Protecting the Instant-On Enterprise

Security. Environments. Dave Shackleford. John Wiley &. Sons, Inc. s j}! '**»* t i j. l:i. in: i««;

QuickSpecs. HP Virtual Desktop Infrastructure with VMware Overview

Managing storage in the virtual data center. A white paper on HP Storage Essentials support for VMware host virtualization

HP Intelligent Management Center Standard Software Platform

Network Access Control in Virtual Environments. Technical Note

HP Data Protector software Zero Downtime Backup and Instant Recovery. Data sheet

Secure Cloud-Ready Data Centers Juniper Networks

Table of contents. Matching server virtualization with advanced storage virtualization

simplify monitoring Environment Prerequisites for Installation Simplify Monitoring 11.4 (v11.4) Document Date: January

Trend Micro VMware Solution Guide Summary for Payment Card Industry Data Security Standard

HP StorageWorks MPX200 Simplified Cost-Effective Virtualization Deployment

Effective End-to-End Cloud Security

HP Server Automation Standard

Installing and Configuring Windows Server 2012 (20410) H4D00S

HP Intelligent Management Center Enterprise Software Platform

What s New with VMware Virtual Infrastructure

QuickSpecs. Models. Features and benefits Application highlights. HP 7500 SSL VPN Module with 500-user License

Quick Start Guide for VMware and Windows 7

EMC Data Domain Management Center

HP Networking Mobility Security IDS/IPS Series

How to configure Failover Clustering for Hyper-V hosts on HP ProLiant c-class server blades with All-in-One SB600c storage blade

5 Best Practices to Protect Your Virtual Environment

HP Intelligent Management Center Basic WLAN Manager Software Platform

Meeting the Challenges of Virtualization Security

Configuring Virtual Switches for Use with PVS. February 7, 2014 (Revision 1)

Product Description. Product Overview

HP Virtualized Network Protection Service

Shavlik NetChk Protect 7.1

Secure Administration of Virtualization - A Checklist ofVRATECH

Aerohive Networks Inc. Free Bonjour Gateway FAQ

Integrated Data Protection for VMware infrastructure

Models HP IMC MPLS VPN Software Module with 50-node E-LTU

VMware Security Briefing. Rob Randell, CISSP Senior Security Specialist SE

HP VMware ESXi 5.0 and Updates Getting Started Guide

Goliath Performance Monitor Prerequisites v11.6

PHD Virtual Backup for Hyper-V

VMware vcloud Networking and Security Overview

HP OpenView Service Desk Process Insight 2.10 software

Data Center Manager (DCM)

Why Choose VMware vsphere for Desktop Virtualization? WHITE PAPER

How To Make A Virtual Machine Aware Of A Network On A Physical Server

Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services

HP Converged Infrastructure Solutions

Integrating HP Insight Management WBEM (WMI) Providers for Windows with HP System Insight Manager

Comprehensive Monitoring of VMware vsphere ESX & ESXi Environments

EMC Security for Microsoft Exchange Solution: Data Loss Prevention and Secure Access Management

Radia Cloud. User Guide. For the Windows operating systems Software Version: Document Release Date: June 2014

Endpoint protection for physical and virtual desktops

Deploying and updating VMware vsphere 5.0 on HP ProLiant Servers

Intro to NSX. Network Virtualization VMware Inc. All rights reserved.

HP Application Security Center

HP and Mimosa Systems A system for archiving, recovery, and storage optimization white paper

Devising a Server Protection Strategy with Trend Micro

QuickSpecs. Models HP TippingPoint S8010F Next Generation Firewall Appliance

Drobo How-To Guide. Use a Drobo iscsi Array as a Target for Veeam Backups

HP ProCurve Identity Driven Manager 3.0

Customer Service Description Next Generation Network Firewall

1518 Best Practices in Virtualization & Cloud Security with Symantec

HP TippingPoint Security Management System User Guide

Devising a Server Protection Strategy with Trend Micro

Cloud and Data Center Security

Endpoint protection for physical and virtual desktops

Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com

Migrating to ESXi: How To

VM-Series for VMware. PALO ALTO NETWORKS: VM-Series for VMware

Veeam Backup Enterprise Manager. Version 7.0

Remote PC Guide Series - Volume 1

Core Protection for Virtual Machines 1

Identify and control performance and capacity risks. Introduction... 2

About the VM-Series Firewall

Installing and Configuring Windows Server Module Overview 14/05/2013. Lesson 1: Planning Windows Server 2008 Installation.

Managing Microsoft Hyper-V Server 2008 R2 with HP Insight Management

Microsegmentation Using NSX Distributed Firewall: Getting Started

White Paper. Protect Your Virtual. Realizing the Benefits of Virtualization Without Sacrificing Security. Copyright 2012, Juniper Networks, Inc.

HP NonStop Software Essentials

HP Intelligent Management Center v7.1 Virtualization Monitor Administrator Guide

Netzwerkvirtualisierung? Aber mit Sicherheit!

How To Protect Your Virtual Infrastructure From Attack From A Cyber Threat

Transcription:

HP Virtual Controller and Virtual Firewall for VMware vsphere 1-proc SW LTU Data sheet Product overview The HP TippingPoint Virtual Controller + Virtual Firewall (vcontroller+vfw) extends our leading intrusion prevention system (IPS) platform for data center security from the physical to the virtual data center by enforcing security policies in virtual machines (VMs) and mobile VMs. The vcontroller+vfw and Virtual Management Center are purpose-built software solutions designed to enable and enforce full data center firewall segmentation and IPS inspection between trust zones for physical hosts, VMs, and even mobile VMs. vcontroller+vfw intercepts all packets within the hypervisor, and then based on user-defined policies, permits traffic, blocks traffic, or tunnels packets to an HP TippingPoint N-Platform IPS for inspection. Key features Single solution for physical, virtual data center Purpose built for virtualization security Real-time visibility of entire virtual data center VMware certified, VMsafe compatible Security policies follow VMs

Features and benefits Technical features Consolidated data center security and management: the HP TippingPoint Secure Virtualization Framework is designed to provide IT personnel with a single, yet flexible solution for extending the HP TippingPoint IPS Platform with its outstanding threat protection into the virtualized data center; the solution includes two components: Virtual Controller + Virtual Firewall (vcontroller+vfw) and Virtual Management Center (vmc); both vmc server and client are included with vcontroller+vfw Purpose-built data center security solution: the HP TippingPoint vcontroller+vfw and vmc are purpose-built software solutions designed to enable and enforce full data center firewall segmentation and IPS inspection between trust zones for physical hosts, virtual machines (VMs), and even mobile VMs; vcontroller+fw intercepts all packets within the hypervisor, and then based on user-defined policies, tunnels packets to a HP TippingPoint N-Platform IPS for inspection Extending IPS platform into the virtual data center: vcontroller+vfw extends the HP TippingPoint industry-leading IPS platform and Digital Vaccine Labs (DVLabs) security research capabilities into the virtual data center; vcontroller+vfw enables organizations to apply IPS security policies to all traffic from physical hosts and virtual machines; this enables IT administrators to extend their existing security processes, methodologies, tools, and knowledge to secure their virtual infrastructure Leveraging previous HP TippingPoint IPS platform investments: with the vcontroller+vfw solution, customers gain the peace of mind of continuing to use already-proven IPS platform technology; further, units that have been purchased for physical data center protection and segmentation can easily be utilized with the vcontroller+vfw to also protect their virtual data center infrastructure; this makes virtual data center protection much simpler and cost-effective for IT administrators Protecting the entire data center attack surface: the vcontroller+vfw as a component of the HP TippingPoint Secure Virtualization Framework can be used to protect the entire data center attack surface; this includes protection of or inspection of network infrastructure; host servers; virtualization tools, including the hypervisor, operating systems, enterprise applications, and Web applications; virtual desktop infrastructure (VDI); and VM traffic, mobile VM traffic, and VM-to-VM traffic Maintaining security separation of duties: one difficulty imposed on IT by virtualization deployments is the inherent challenge in maintaining necessary separation of duties between networking, security, and other IT responsibilities; the vcontroller+vfw security solution is completely managed by vmc, which is integrated with the HP TippingPoint Security Management System (SMS), making it easy to keep security management functions contained and available only to IT security personnel Proactive security policy enforcement: automated policy enforcement across physical and virtual data center infrastructure virtually eliminates the need to respond to myriad alerts, or to clean up after cyber attacks have compromised network resources; IT security costs are reduced by eliminating ad hoc patching and alert response while simultaneously increasing IT productivity and profitability through the elimination of emergency patching and protection of critical applications Single set of security policies: extending the HP TippingPoint IPS platform solution with vcontroller+vfw in to the virtual data center means that IT security personnel can maintain and enforce security across the entire data center, including physical hosts, VMs, and mobile VMs with a single set of security policies; the integration of SMS and vmc gives IT personnel a single console for data center security policy management Dynamic security policy enforcement: vmc is used to automatically discover every VM in the data center and deploy vcontroller+vfw on each virtualized physical host; this helps ensure that appropriate security policies are dynamically applied to and enforced by vcontroller+vfw and the IPS platform for all deployed and discovered VMs 2

Security policies follow VMs: virtualization of data center infrastructure creates new challenges for security personnel due to the ease with which VMs can move from host to host and even data center to data center; vcontroller+vfw and vmc give IT the tools to easily maintain visibility into the location and state of every VM and to help ensure that the appropriate security policies are applied regardless of the VM state (on, off, or in motion) Virtual patching: DVLabs delivers IPS filters to guard entire vulnerabilities, not just known exploits; these filters block all the various exploits for a given software vulnerability, creating in essence a virtual patch ; in the virtual data center, this virtual patching capability covers possible patch management issues created due to VM rollbacks and or server/vm shutdowns; vcontroller+vfw and the IPS platform protect the data center against these possible patch management issues Creating simple vcontroller+vfw policies: the Virtual Management Center (vmc) makes creation of vcontroller+vfw policies simple; within vmc, IT personnel create simple routing policies based on defined services, trust zones, traffic direction, and associated action sets; these policies are then deployed to all vcontroller+vfws on every virtualized physical host, helping to ensure that all VM traffic can be appropriately segmented and/or inspected on a physical or virtual IPS platform Easy-to-create list of services: vmc makes it easy to create a list of services to be monitored within vcontroller+vfw policies; examples of services include DNS, DHCP, NFS, and HTTP; these services then become one of the key building blocks for vcontroller+vfw policies Easy-to-create list of trust zones: vmc makes it easy to create a list of data center trust zones; these zones allow IT to keep data centers segmented for security purposes; trust zones are typically groups of similar machines and VMs such as lines of business (e.g., HR, finance), or different physical data centers (e.g., Dallas DC, London DC), or even different VM administrators or IT departments; these trust zones then become one of the key building blocks for vcontroller+vfw policies Default VM policy creation: virtualization makes the creation and replication of VM environments extremely easy; one of the key benefits of virtualization and the HP TippingPoint vcontroller+vfw solution is that it is designed to give IT personnel the ability to create default vcontroller+vfw policies that are applied to all newly created or untrusted VMs or zones, helping to ensure that security policies are applied to the entire data center as appropriate Cloned VMs inherit parent policies: the replication of VM environments can be extremely easy and for this reason the HP TippingPoint vcontroller+vfw solution is designed so that all cloned VMs can automatically inherit the policies associated with the parent VM, helping to ensure that security policies are applied to the entire data center as appropriate VMware certified: both vcontroller+vfw and vmc are certified by VMware, providing proper interoperability and integration; both products are also certified on VMware vsphere 4 update 1 (ESX4 and ESXi4) VMware vcenter integration: the HP TippingPoint vmc is integrated with VMware s vcenter management console for virtual data center discovery and visibility VMware hypervisor integration via VMsafe API: the HP TippingPoint vcontroller+vfw is integrated with the VMware hypervisor through the VMsafe API; VMsafe is an API developed by VMware that allows technology partners such as HP to develop tightly integrated security functionality at the hypervisor level Autodiscovery of VMs: once installed, the vmc, through integration with VMware s vcenter, provides for autodiscovery of all VMs in the virtualized data center, making it easy for IT security personnel to verify that the full scope of virtualization in the data center is contained; this capability allows security personnel to maintain visibility into and awareness of the virtualized data center environment, and to dynamically maintain enforcement of proper security policies for all VMs Auto-Deployment of vcontroller+vfw: the vmc makes it extremely easy for IT security personnel to automatically deploy vcontroller+vfw to all virtualized physical hosts after VM discovery, giving security teams the confidence that the entire physical and virtual data center is protected by the appropriate security levels and that all data center trust zones are appropriately segmented 3

Visibility to control VM sprawl: vmc gives IT security personnel complete visibility of the virtualized data center, helping them control and secure the sprawl of VMs; virtualization makes it easy to create, copy, and roll back VMs, creating an environment where VMs can propagate without proper oversight and security controls; the vmc/vcontroller+vfw solution gives IT security personnel the tools to properly control and secure these previously uncontrolled environments PCI-DSS requirements: Payment Card Industry Data Security Standard (PCI-DSS) does not specifically outline requirements for virtualized infrastructure, but the underlying security tenets still apply; the HP TippingPoint vcontroller+vfw solution is designed to enforce security policies for Cardholder Data Environments (CDE) in both physical and virtualized environments; this is critical where VMs containing cardholder data reside on the same host as VMs containing other applications Preparation for future PCI-DSS virtualization requirements: the next version of PCI-DSS is likely to include requirements or at least security guidance for CDE in virtualized data centers; the HP TippingPoint vcontroller+vfw solution helps businesses to stay ahead of the PCI-DSS curve, accelerating and simplifying future PCI-DSS audits 4

HP Virtual Controller and Virtual Firewall for VMware vsphere 1-proc SW LTU Specifications HP Virtual Controller and Virtual Firewall for VMware vsphere 1-proc SW LTU (JC560A) Minimum system hardware 640 MB RAM memory 1 GB storage Supported platforms VMware ESX/ESXi 4.0 Notes Services vcontroller solution requirements: HP TippingPoint IPS running TOS v3.1.1 or later Network devices that support VLANs vmc requirements: Operation within a virtual machine Network communication with the VMware vcenter servers and with the ESX/ESXi hosts Minimum system requirements: single CPU, 2 GB of RAM, and 2 GB of disk space Client minimum system requirements: Windows XP or later, single CPU, 1 GB of RAM, and 200 MB of disk space Refer to the HP website at www.hp.com/networking/services for details on the service-level descriptions and product numbers. For details about services and response times in your area, please contact your local HP sales office. 5

To learn more, visit www.hp.com/networking Copyright 2010 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. Windows XP is a U.S. registered trademark of Microsoft Corporation. 4AA3-1695ENW, Created September 2010; Updated November 2010, Rev. 1

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information