Symantec Data Center Security

Offers comprehensive security coverage for all servers, whether they are physical machines in on-premises data centers or virtual workloads in private or public cloud environments.

Provides granular control over network traffic between individual workloads, reducing the attack surface by isolating applications and services.

Helps to reduce the risk associated with elevated administrative privileges by allowing administrators to perform tasks with the minimum necessary permissions.

Provides security controls that can mitigate vulnerabilities in systems, even if patches are not yet available or cannot be immediately applied, crucial for legacy systems.

Defends against previously unknown threats and exploits using advanced techniques, without relying solely on signature updates.

Integrates industry-leading Symantec anti-malware technologies, including signature-based detection, file reputation, and machine learning algorithms, to discover and remediate malicious software.

Allows only authorized applications to execute in production environments, effectively blocking unauthorized software and reducing the attack surface.

Provides host-based intrusion prevention system capabilities to monitor and block suspicious activity at a detailed level on servers.

Continuously monitors critical files and configurations for unauthorized changes, alerting administrators to potential tampering.

Delivers comprehensive security, visibility, compliance, hardening, and management for Docker containers without requiring an agent to be installed inside each container.

Specifically secures OpenStack deployments, including full hardening of the Keystone identity service module to protect authentication and authorization.

Extends protection to end-of-life (EOL) operating systems like Windows Server 2008 and other legacy Windows, Linux, and UNIX platforms that may no longer receive security updates.

Utilizes a policy-driven approach with host-based agents for monitoring and protection across diverse platforms (Windows, UNIX, Linux).

Employs a least privilege containment approach to proactively prevent attacks by restricting operating system and application behavior.

Protects and hardens heterogeneous virtual and physical server environments by restricting operating system behavior, locking down binaries, and securing configuration settings.

Provides granular control over inbound and outbound network traffic at the application or host level, limiting intruder presence and reducing the attack surface.

Performs real-time monitoring of critical file changes and identifies unauthorized configuration changes or system access, providing early visibility and response capabilities.

Offers a unified web-based management console for comprehensive control over the entire data center security environment, simplifying workflows and enhancing user experience.

The management infrastructure supports load balancing of container assets, enabling greater container management scalability.

Helps monitor and mitigate risks from inactive user accounts by tracking last login times and allowing for automatic disabling of users.

Allows administrators to prioritize and manage relevant objects within the console by applying custom tags, tailoring user management to organizational needs.

Provides Quick Filters and Custom Granular Filters for searching assets, alerts, and incidents based on specific criteria like timeframes, policies, and more, for better-informed reports.

Simplifies compliance processes by allowing for certificate viewing and downloading directly within the console's settings.

Specifically for virtualized environments (VMware), it delivers anti-malware protection and network IPS without needing agents on each guest VM, optimizing performance and host density.

Provides seamless orchestration of security policies through integration with VMware NSX and VMware vShield, automating security workflows in virtualized data centers.

Automatically deploys and provisions a single Security Virtual Appliance per ESX host, offloading security scanning and consolidating security functionality.

Utilizes Symantec's Insight reputation technology for files and URLs, enhancing the accuracy of malware detection.

Enables policies for isolating suspected malware files within guest VMs and managing their remediation.

Features a fully instrumented REST API for all console activities, enabling full internal and external cloud automation and integration into DevOps routines.

Offers capabilities for detecting intrusions on hosts through policy-based monitoring.

Secures workloads regardless of their underlying virtualization technology or platform.

Provides out-of-the-box recipes to automatically protect against critical vulnerabilities and unauthorized application configuration changes.

Continuously monitors the security and compliance posture of the data center infrastructure.

Includes out-of-the-box monitoring and hardening policies for common data center applications, simplifying initial deployment.

Reduces operational costs and simplifies management by organizing security policies around applications.

Supports smart card authentication for secure user access.

Allows integration with SNMP servers for sending alerts and traps.