Information Symantec

Symantec™ Data Center Security: Server &
Server Advanced

Maximum Protection for Virtual and Physical Servers

Data Sheet: Data Protection and Security Management

Solution Description Key capabilities include:

Symantec Data Center Security: Server & Server Advanced represent new Symantec Virtual Data Center Strategies
offerings providing security for servers in the data center.
• Agentless malware protection,
• Symantec Data Center Security: Server delivers agentless malware protection for powered by Symantec
VMware® infrastructures via a security virtual appliance, and enables security Insight™, for virtual servers in
policy orchestration and automated workflows for the software-defined data VMware infrastructures,
center (SDDC).
• Automated provisioning of
• Symantec Data Center Security: Server Advanced extends Symantec Data Center security virtual appliances to
Security: Server by incorporating technologies previously known as Critical System hosts, and orchestration of
Protection. Server Advanced provides granular, policy-based controls via a low security policies across the
impact in-guest agent to monitor and protect heterogeneous physical and virtual software defined data center
server environments.
• Automated security workflows
across collaborative
ecosystem of VMware Partners

Server Prevention Strategies

• Application-centric security

Overview of Symantec Data Center Security: Server & Server Advanced model: Transition from policy-
by-technology approach to
To secure physical and virtual servers, IT professionals have relied on traditional simplify server hardening
protection technologies such as antivirus. While these remain essential layers of • Protected application white
defense and hygiene, today’s threat landscape warrants augmenting with real-time listing: Pre-built application
and proactive security to provide sufficient protection for servers to address greater profiles enhance strict default
confidentiality, integrity, and availability requirements of each system. Without a way deny controls
to optimize security for each unique server—Web, file, application, or • Sandboxing and Process
database—organizations will continue to expose data centers to risk. Access Control: Apply

Make security responsive to SDDC architectures additional controls over a

Virtual data centers are highly elastic and the associated virtual machines are running process to protect
constantly in motion. To make sure that security controls function properly in this against new classes of threats

environment, Data Center Security: Server & Server Advanced leverage VMware NSX

platform extensibility with Service Composer integration to provide malware protections from the fabric of the infrastructure,

i.e. a single-instance security virtual appliance per host, which enforces security policy specific for each guest virtual server. As

that virtual machine moves across hosts, its security policy follows automatically.

1

Data Sheet: Data Protection and Security Management Server Prevention Strategies
Symantec™ Data Center Security: Server & Server Advanced
• Targeted prevention policies:
Stop zero-day exploits and targeted attacks against servers One-click prevention policy
that can be applied in a
Servers are frequently targeted by cybercriminals during the incursion, discovery, and breach scenario, or as a way to
capture phases of a data breach. The techniques used against servers today range move from monitoring to
from sophisticated penetration techniques to unintentional configuration mistakes by prevention
Admins. Data Center Security: Server Advanced allows organizations to harden
servers, sandbox applications, mitigate patching and vulnerability exploits, in addition • Host firewall: Control inbound
to controlling malicious insider abuse and system mis-configurations. By hardening and outbound network traffic
the data center, customers can stop further penetration and prevent the loss of to and from servers
sensitive information.
• File and system tamper
Mitigate patching for new and legacy operating systems prevention: Lock down
configuration, settings, and
Applying software patches to new and legacy operating systems improves security files
postures, but also causes system downtime. In addition, paying for extended support
for end of life operating systems can be costly and unsustainable. With Data Center • Application and device
Security: Server Advanced, the maintenance costs associated with legacy system control: Lock down
support can be reduced, and systems can be protected between patch cycles. By configuration settings, file
hardening the applications and operating systems of new and legacy systems, systems, and use of removable
customers can maximum security of data centers and maximize system availability. media

Gain real-time visibility into IT compliance posture • Compensating HIPS controls:
Restrict application and
To comply with external regulations such as PCI Data Security Standard 3.0 (PCI DSS) operating system behavior
and others, organizations must routinely monitor their environment for policy using policy-based least
violations and implement compensating controls. In a single solution, Data Center privilege access control
Security: Server Advanced enables customers to perform real-time monitoring,
consolidate event logs for reporting and analysis, while preventing further policy Server Detection Strategies
violations with granular policy-based controls thereby demonstrating compliance with
a centralized solution. • Real-time file integrity
monitoring: Identify changes
Provide comprehensive protection for VMware environments to files in real-time including
who made the change and
In a virtual environment, applications and operating systems are subject to the same what change occurred
cyber-attacks that are present in a physical environment. Additionally, risk at the
hypervisor and management server level warrants protection and monitoring. When • Configuration monitoring:
considering security in virtual environments it is important to select a technology that Identify policy violations and
will defend against external threats and insider risk across the virtual fabric without suspicious activity in real-time
compromising performance. Data Center Security: Server is optimized to protect and
monitor VMware vSphere 5.x. Leveraging out-of-the box policies based on the latest
vSphere hardening guidelines customers are able to completely protect their
environment at the management server, hypervisor, and guest.

2

Data Sheet: Data Protection and Security Management • Consolidated event logging:
Symantec™ Data Center Security: Server & Server Advanced Consolidate and forward logs
for long term retention,
More Information reporting, and forensic
Visit our website analysis
http://enterprise.symantec.com
Assessment & Compliance
To speak with a Product Specialist in the U.S.
Call toll-free 1 (800) 745 6054 • IT analytics (ITA) cube
integration: Leverage flexible
To speak with a Product Specialist outside the U.S. and enhanced dash boarding
For specific country offices and contact numbers, please visit our website. capabilities augmenting
existing reporting for
About Symantec increased visibility
Symantec protects the world’s information, and is a global leader in security, backup,
and availability solutions. Our innovative products and services protect people and • Symantec Control Compliance
information in any environment – from the smallest mobile device, to the enterprise Suite: Compatibility with
data center, to cloud-based systems. Our world-renowned expertise in protecting Symantec’s unified IT
data, identities, and interactions gives our customers confidence in a connected compliance solution
world. More information is available at www.symantec.com or by connecting with
Symantec at go.symantec.com/socialmedia.

Symantec World Headquarters
350 Ellis St.
Mountain View, CA 94043 USA
+1 (650) 527 8000
1 (800) 721 3934
www.symantec.com

Copyright © 2014 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S.
and other countries. Other names may be trademarks of their respective owners.

21328888 03/14

3