Industry’s First Distributed Security SystemBuilt for the Multi-Cloud World.
vArmour DSS Distributed Security System was built from the ground-up to scale security across multi-cloud environments. Distributed sensors are connected by an intelligent fabric and managed as a single, logical entity – no individual agents or single-instance policies to manage. By moving security controls from the perimeter down next to each workload, vArmour provides deep, Layer 7 visibility and global policy management across private and public cloud infrastructures.
vArmour Distributed Security System
Extensible architecture provides scalable security across private and public cloud infrastructure
Contextual visibility and control of application traffic from Layer 2 to Layer 7
Micro-segment every workload to prevent and stop unwanted behaviors with inline policies
vArmour DSS is a distributed, software-driven security solution that consists of three primary components: vArmour Fabric, vArmour SharedDefense, and vArmour Analytics.
vArmour Fabric is connected together as one logical software system that deploys inline distributed sensors to perform deep packet inspection of all data center traffic, enforce application-layer security policies, and transparently route traffic to deception services. With fine-grained security controls next to each workload, vArmour micro-segments every communication within and between workloads on the same subnet, same VLAN, or same hypervisor. As traffic passes through the Fabric, it provides:
- Detailed Layer 7 metadata with customizable fields that feed vArmour Analytics as well as other third party visibility tools, such as SIEM, for contextual insight into all network, application, and user traffic
- A single point of security policy and deception management that controls every intra-application communication - no siloed hardware appliances to correlate and synchronize
- Distributed security processing that spins up additional sensors instantaneously to meet application demand, scaling out on-demand and minimizing the consumption of infrastructure resources
- Inline enforcement of application-layer security policies, to take swift action when malicious behaviors are detected
- Seamless integration of deception services to lure and identify attackers using an extremely small IT resource footprint
vArmour Analytics provides visualizations into all workload traffic collected by the Fabric. These traffic patterns are analyzed to detect and alert on potential threats. Analytics provide users with insights to inform policy changes based on unexpected application behaviors. These policies are implemented and enforced throughout the multi-cloud environment via the Fabric. Analytics provides:
- Continuous monitoring across networks, applications, workloads, and users for end-to-end visibility
- Out-of-the-box and custom trend visualizations to determine overall security posture
- Drill-downs into specific behaviors of workloads or users for further investigation
- Customizable dashboards that can be tailored to each Analytics user’s preferred view, from graphs to tables, to correlate a wide range of data (including source and destination IPs, application/workload details, and geo trends)
- Custom alerting for rapid investigation and response to compromised workloads
Key Design Principles for Distributed Security
vArmour DSS was designed for the modern data center that is software-driven and built on a range of infrastructures. vArmour DSS architecture leverages these key design principles for today’s multi-clouds.
|extensible||Security is automated, provisioned, and orchestrated through APIs to fit easily into existing cloud architectures.|
|Scalable||Security scales horizontally, expanding elastically based on demand.|
|independent||Security protects every workload independent of the underlying infrastructure.|
|actionable||Security enforces business policies, detects advanced attackers, and then takes swift action.|
Multi-Cloud Security Architecture
vArmour DSS leads organizations on their path to building a multi-cloud security architecture. vArmour, with our ecosystem of partners, provides customers an API-based security system that operates effectively and efficiently in multi-cloud environments.