Hello,
Symantec Data Center Security: Server Advanced (DCS:SA) is a flexible, multi-layer security solution for servers that detects abnormal system activities. It prevents and blocks viruses and worms, hacking attacks, and zero-day vulnerability attacks. DCS:SA also hardens systems, enforcing behavior-based security policies on clients and servers.
DCS:SA includes a management console, server components, and agent components that enforce policies on computers. The management server and management console run on Windows operating systems. The agent runs on Windows and UNIX operating systems.
DCS:S entitles customers to agentless anti-malware protection for VMware guest VMs, via integration with the VMware NSX platform, as well as monitoring and hardening VMware infrastructure. In addition, DCS:S orchestrates security using Operations Director. By using the intelligence of Operations Director, customers can provision a vApp/VM with the right security policies.
DCS:SA extends DCS:S and allows customers to monitor and protect physical and virtual data centers using a combination of host-based intrusion detection (HIDS), intrusion prevention (HIPS), and least privilege access control. Fully instrumented REST API provides corresponding API for all console actions to enable full internal and external Cloud automation.
What’s New in SDCS:S & SDCS:SA 6.5:
Added Features:
IDS (Intrusion Detection)
- Ability to monitor and harden OpenStack servers.
- Monitoring of extended file attributes and Access Control List (ACL) changes
- Real-Time File Integrity Monitoring (RT-FIM) support for Veritas File Systems (VxFS)
- Windows and Linux agent support on AWS Virtual systems
- Security-Enhanced Linux (SELinux)/AppArmor support
- Red Hat Enterprise Linux 7.0
IPS (Intrusion Prevention)
- Application Centric Hardening (database schema changes)
- Linux Apache MySQL PHP (LAMP) support on UNIX (new sandboxes for MySQL and PHP in Unix policy)
- Upgraded third-party components (OpenSSL, cURL, FIPSOPENSSL )
- Prevention policy now supports no run exception list
- Execution of files with non-executable extensions is blocked
- Red Hat Enterprise Linux 7.0 and CentOS 7 support
- ACL changes on Windows and UNIX
Unified Management Console (UMC) - UMC is a console appliance that is used to register and configure various features and products in Symantec™ Data Center Security (DCS).
Security orchestration using Operations Director (OD) - Security orchestration feature powered by Operations Director is intended to:
- Automate security provisioning workflow.
- Provide application-centric security service.
- Seamlessly integrate with VMware NSX.
- Provide out-of-box security product integration.
Additional Platform Support:
IDS and IPS support for SDCS:SA agents on
- Security-Enhanced Linux (SELinux)
- Red Hat Enterprise Linux 7
- OpenStack
Hypervisor Support
- Kernel-based Virtual Machine (KVM)
- Amazon Web Services (AWS)
Resolved Issues:
DCS:SA resolved issues
- Windows 2012 R2 agents used to display the OS version and type as Windows 2012 on the console.
- In case of a policy in prevention disabled state, if the prevention ON/OFF slider control is used for enabling an individual sandbox or a group of sandboxes, it overrides the disabled state in the global policy level.
- Policy used to take long time to load in a console when predefined applications are added in trusted updaters or in application rules.
- Management server upgrade used to fail with custom SQL named instance listening on custom port with SQL browser service OFF.
- In a specific scenario, CPU utilization of SQL Server was high when application data was fetched from agents.
- 'Superuser_Group_Created' event used to get generated when the user password was changed in a specific scenario.
- UNIX Baseline Detection Policy failed to apply on UNIX agents when Root Logon Failure option was not selected in the policy.
- In a specific scenario, translation used to fail when any IPS policy other than null policy was applied on the agent.
- Installation of the agent used to fail on Win XP embedded SP3.