The Industry’s First Distributed Security SystemBuilt for the Multi-Cloud World.
The vArmour DSS Distributed Security System was built from the ground-up to scale security across multi-cloud environments. Distributed sensors are connected by an intelligent fabric and managed as a single, logical entity – no individual agents or single-instance policies to manage. By moving security controls from the perimeter down next to each workload, vArmour provides deep, Layer 7 visibility and global policy management across physical, virtual, and cloud infrastructures.
vArmour DSS is a platform of integrated security services including software-based segmentation, application-aware monitoring, and cyber deception. The three primary components include: vArmour Fabric, vArmour Analytics and vArmour SharedDefense.
vArmour Fabric is connected together as one logical software system that deploys inline distributed sensors to perform deep packet inspection of all data center traffic, enforce application-layer security policies, and transparently route traffic to deception services. With fine-grained security controls next to each workload, vArmour micro-segments every communication within and between workloads on the same subnet, same VLAN, or same hypervisor. As traffic passes through the Fabric, it provides:
- Detailed Layer 7 metadata with customizable fields that feed vArmour Analytics as well as other third party visibility tools, such as SIEM, for contextual insight into all network, application, and user traffic
- A single point of security policy and deception management that controls every intra-application communication - no siloed hardware appliances to correlate and synchronize
- Distributed security processing that spins up additional sensors instantaneously to meet application demand, scaling out on-demand and minimizing the consumption of infrastructure resources
- Inline enforcement of application-layer security policies, to take swift action when malicious behaviors are detected
- Seamless integration of deception services to lure and identify attackers using an extremely small IT resource footprint
vArmour Analytics provides visualizations into all workload traffic collected by the Fabric. These traffic patterns are analyzed to detect and alert on potential threats. Analytics provide users with insights to inform policy changes based on unexpected application behaviors. These policies are implemented and enforced throughout the multi-cloud environment via the Fabric. Analytics provides:
- Continuous monitoring across networks, applications, workloads, and users for end-to-end visibility
- Out-of-the-box and custom trend visualizations to determine overall security posture
- Drill-downs into specific behaviors of workloads or users for further investigation
- Customizable dashboards that can be tailored to each Analytics user’s preferred view, from graphs to tables, to correlate a wide range of data (including source and destination IPs, application/workload details, and geo trends)
- Custom alerting for rapid investigation and response to compromised workloads
Multi-Cloud Security Architecture
vArmour DSS leads organizations on their path to building a multi-cloud security architecture. vArmour, with our ecosystem of partners, provides customers an API-based security system that operates effectively and efficiently in multi-cloud environments. Get started by watching vArmour CTO Marc Woolward as he outlines the pathway to multi-cloud security.