Catbird pioneered virtualization security. Its flagship product, vSecurity® is the  only solution purpose-built for virtualized infrastructure that integrates a broad range of network security controls into a single virtual machine appliance and dashboard.  A long-time VMware partner, Catbird’s award winning software-defined security has been widely lauded by analysts and press, including garnering 4 Best of Show awards at VMworld and designation as a Gartner Cool Vendor.  By creating a  perfect inventory orchestrated with real-time data flow graphics, audit-ready reporting and automated regulatory compliance enforcement, Catbird vSecurity is altering the virtual landscape.


[tab: vSecurity Overview]

Catbird vSecurity addresses the unique challenges of virtualized infrastructure by integrating the most critical network security controls into a single multi-function appliance.  With vSecurity’s unparalleled   automated continuous compliance monitoring and policy enforcement, Catbird delivers SANS Top 20 coverage to virtualized data centers and a level of visibility and control within virtual networks that is unprecedented.

Easy-to-use and quick to deploy, vSecurity is less expensive, more accurate and more comprehensive than traditional security devices that cannot protect the security changes introduced by virtualizion.  By introducing security that is 100% software-based, Catbird recasts security as a scalable, adaptable and agile construct that directly mirrors the virtualization of compute, networking and storage.

vSecurity also provides unmatched compliance enforcement, with drop-down one-click menus to monitor and enforce the entire data center  against the most common regulatory compliance standards (e.g., PCI, HIPAA, FISMA, NIST and others).  Catbird’s auditor-friendly tools give regulators total visibility of all assets, real-time network flow mapping and graphic displays of up-to-the-minute compliance posture.

Catbird vSecurity is critical for Financial, Government, Healthcare and other regulated organizations to maximize protection and minimize the cost and time associated with preparing for audits.

vSecurity Supports IT Critical Business Needs

Continuous Monitoring and Enforcement

Protect the new software-defined network (SDN) with software-defined network security, including vulnerability monitoring, IDP, netflow, network segmentation and policy-based enforcement

Data Integrity

Provides accurate network, data flow and incident analysis at the click of a button.

Compliance and Audit

Meets or exceeds virtual security and regulatory compliance requirements with automated policy enforcement.

Operational Efficiency

Reduce scope of security administration and audit preparation with pre-configured policy templates and rich reporting graphics.

Cost Benefit

Reduce operational and audit costs while accelerating virtualization.

vSecurity Is the Only Product that Delivers:

  • Perfect inventory of virtual assets
  • Continuous monitoring and compliance enforcement
  • Automated policy enforcement via TrustZones TM logical segmentation
  • Real-time data flow graphics
  • Audit-ready reporting for regulatory standards, including PCI, HIPAA and FISMA

[tab:vSecurity Architecture]

Catbird vSecurity has two components. A virtual machine appliance is installed on the virtual switch monitoring the virtualized infrastructure for changes or anomalous conditions, and communicates the data back to a virtualized control center. Catbird groups assets into logical policy envelopes (referred to as TrustZones®) that automatically monitor and enforce the assigned policies.

Predefined policy templates are available for the most common regulatory compliance frameworks (such as PCI, HIPAA and FISMA), but templates can also be configured in compliance with an organization’s own corporate policies. As 100% software, vSecurity is decoupled from hardware and is flexible and automated, harnessing the power of virtualization.

Catbird vSecurityTrustZones attach to and move with the asset like a fingerprint, continuously monitoring  the integrity of the aset.  A VM that violates a policy is subject to enforcement options, including quarantine.

vSecurity also has robust auditing capabilities and compliance graphics. The integration of security controls enables the real-time discovery of assets and instant production of dataflow diagrams within the dashboard interface. Radar graphs deliver regulatory compliance visualization. Mitigation workflow is provided to correct control configurations and restore compliance.


Catbird’s pioneering technologies include:

TrustZones (logical zoning)

Decoupling policy monitoring from stateful appliances, elastic policy enforcement deliversa level of protection unseen in any type of data center


Offering the broadest set of automated compliance controls and measurements in the industry, configured for the most popular compliance frameworks including: PCI, HIPAA, FISMA, COBIT, DIACAP and others

vShield integration

Integrating with and enhancing VMware vCNS App Firewall (formerly vShield)

vSecurity Components:

Net Flow                                  

Visibility and control of network activity


Traffic monitoring across data center and between VMs

Vulnerability Scanning        

Detect vulnerabilities within assets

Network Access Control

Discovery of virtual assets for perfect inventory

Virtual Infrastructure Monitoring

Real-time policy monitoring, enforcement, quarantine


Improved use of VMware vCNS App Firewall (vShield)



  • […] are many tools that can help here with auditing including HyTrust, VMsafe, Catbird, and Reflex Systems, but not many currently help with the actual problem. For that we need better […]

  • […] Even VMware Fault Tolerance is not a new security concern, it has been around for years, but when it is used such as Marathon Neverfail and Tandem computers, the network connections were dedicated and very expensive links. So now we also have to worry about the commoditization of higher end technologies that had their own security concerns and existing solutions that entail isolation. This is a small part of a recent conversation I have with Michael Berman, CTO of Catbird. […]