Catbird announced a Virtual Infrastructure Security Assessment (VSA). Catbird’s VSA helps IT administrators identify and close the potential gaps in security and compliance created in the move from “P to V”. The 30-day assessment includes a thorough security analysis, detailed reports with actionable intelligence and a comprehensive plan to mitigate risk and protect critical virtual systems, networks, desktops and processes.

Catbird’s VSA combines traditional security assessment methodologies with virtual infrastructure telemetry gathered through Catbird’s stateless, non-invasive V-Agents to deliver robust scrutiny previously unachievable with existing mechanisms. The VSA identifies the scope and magnitude of the virtualization compliance gap through qualitative and quantitative analysis of the new architecture’s impact on change control, separation of duties, network visibility and segmentation, and secondary validation.

“While virtualization platforms are safe, it’s really easy to inadvertently bypass the traditional control mechanisms and best-practices common to all physical corporate data centers,” said Catbird CTO, Michael Berman. “Virtual machine deployment is as simple as a single click from a single person. Combine that with an ad-hoc approach to network segmentation and the inadequacies of physical security devices in the virtual world, and now you have potentially serious compliance and security holes. Catbird’s VSA is a one-stop, simple way to help IT administrators migrate the best practices of their physical infrastructure over to the virtual landscape. “

Catbird’s V-Security assessment starts by working closely with the client’s IT staff to establish a scope based on existing controls and best-practices on the physical infrastructure. Once the scope is defined, the team deploys Catbird’s V-Security  to passively monitor the networks and check specific assets identified in the scope of work. Integration is quick and easy, and the assessment can be up and running in as little as a day.

Catbird VSA clients receive their first report within 24 hours of setup. For the next four weeks, Catbird’s V-Security monitors and tests all network segments for gaps in security, integrity, management control, configuration and availability. Daily dashboard reports provide snapshots of the test results, which are then aggregated into a comprehensive report presented in an actions workshop by the assessment team. The final report identifies compliance and protection gaps, and contains explicit recommendations based on common best security practices to immediately correct each identified issue.

Key Health, a leader in providing financial and management solutions to healthcare facilities, medical providers and attorneys, deployed Catbird V-Security after completing the Catbird Virtual Security Assessment. “The financial and business flexibility of virtualization is great, but control and compliance are also non-negotiable,” noted Key Health CIO Martin Flom. “During testing of our virtual infrastructure in the lab, we observed both the risk of VM sprawl, as well as a potential gap in our HIPPA compliance. Catbird’s Virtual Security Assessment gave us an easy way to mitigate any compliance risks upfront and accelerate our move from the lab to production.”

Key Health was assisted by Catbird partner Network Engineering and Contracting, (NEACI). "VMware is a homerun when it comes to consolidation ratios, savings, business agility and green computing,” said NEACI CTO Stewart Alpert. ”But when it comes to production systems in environments operating under regulations such as HIPAA, FISMA, or GLBA, our customers are required to extend their existing network security policy to their virtual infrastructure. The only way I know how to do that today is Catbird V-Security”.

Catbird is a pioneer in the virtual security industry. Its V-Security suite is a comprehensive security and compliance solution for virtual and physical infrastructures. V-Security is a fully-automated Security-as-a-Service solution built upon a stateless architecture that is 100% plug-and-play for both physical and virtual environments. V-Security includes VMShield, a dedicated security solution designed to control and secure the virtual machine console, and HypervisorShield to guard against unauthorized hypervisor network access and attack. Via its IPS/IDS, Rogue VM monitoring, firewall and policy enforcement, Catbird is one-stop shopping for the most critical areas in virtual network security.