Basically, Catbird does for the virtual data center what it did "back in the day" for physical data centers. It provides compliance monitoring at just about any level one needs. It does that by putting sensors inside the virtual infrastructure. It has taken all of the security tools one is used to in the physical - access controls, such as NAC and firewall, vulnerability management, incident response (IDS/IPS), configuration management, change management and auditing - and put them in the virtual. They are deployed so that all of the things these tools are intended to watch in the physical they also watch in the virtual.
They create what they call TrustZones (remember that old concept of security policy zones?). In our view, it's about time we dusted off some of these important concepts and deployed them in the virtual. They work, but they are not trivial to implement. Catbird has taken all of that into consideration, though. They have the deployment down to a science, and that lets them provide a solid - and believable - compliance platform.
One of the things we really liked about Catbird is its user interface. It is slick, simple and very well thought-out. For example, their compliance maps are intuitive and carry a lot of important bottom-line information that one can decipher at a glance. Want more? There are details just below the compliance map to fill in the details. One gets one of these for any policy or regulation addressed.
Finally, Catbird addresses remediation through a closed-loop compliance reporting structure. "See it, fix it, test" is either fix it again or close the issue. You don't need to wonder if the problem was addressed.
At a glance
Product: vSecurity 5.0
Price: $1,995 per socket
What it does: Provides the same types and levels of security for a virtual data center as we have seen for decades in the physical data center.
What we liked: The right answer to securing a virtual data center.