Call a Specialist Today! 833-335-0426

Symantec Critical System Protection
Maximum protection for physical and virtual data centers.

 

Due to Broadcom acquisition of Symantec, orders may be delayed. Please contact us for details.


Symantec Products
Symantec Critical System Protection Client Edition 5.2 Standard License
Critical System Protection Client Edition 5.2 Node Bundle Standard License, 1 Year
BAND-A: Price Per User for quantities 1-24.
#13540608
Get a Quote!
Critical System Protection Client Edition 5.2 Node Bundle Standard License, 1 Year
BAND-B: Price Per User for quantities 25-49. Quantity must be 25 or Greater.
#13540610
Get a Quote!
Critical System Protection Client Edition 5.2 Node Bundle Standard License, 1 Year
BAND-C: Price Per User for quantities 50-99. Quantity must be 50 or Greater.
#13540612
Get a Quote!

Click here to jump to more pricing!

Overview:

Leading organizations leverage Symantec Critical System Protection to secure their physical and virtual data centers. Delivering host-based intrusion detection (HIDS) and intrusion prevention (HIPS), Symantec provides a proven and comprehensive solution for server security. Achieve complete protection for VMware vSphere, stop zero-day and targeted attacks, and gain real-time visibility and control into compliance with Symantec Critical System Protection.

To secure physical and virtual data centers, IT professionals have relied on traditional protection technologies such as antivirus and whitelisting. These technologies, while important layers of defense on a laptop or desktop, do not sufficiently protect a server due to in-depth confidentiality, integrity, and availability requirements of each system. Without a way to customize the security for each unique server—Web, file, application, or database—organizations will continue to expose data centers.

Symantec™ Critical System Protection allows organizations to monitor and protect physical and virtual data centers using granular, policy-based controls. Through a combination of host-based intrusion detection (HIDS), intrusion prevention (HIPS), and least privilege access control, organizations can proactively safeguard heterogeneous server environments and the information they contain.

Unlike other technologies, Symantec’s granular policy-based controls provide complete protection for VMware vSphere™, protect against zero-day and targeted attacks, and real-time control and visibility into compliance.

Features & Benefits:

New Features

With the latest release of Symantec Critical System Protection, 5.2.9 MP3, a deeper integration with VMware and ease-of-use enhancements, enables organization to easily protect against risks targeted at virtualized environments. Some of the new features include:

Protect and Monitor VMware vSphere: Leverage out-of-the-box policies based on the latest vSphere hardening guidelines, to protect the virtual environment – at the management server, hypervisor and guest. Symantec Critical System Protection is widely scalable with a single management server and console supporting thousands of server agents. In 5.2.9, a single agent can monitor multiple ESXi hypervisors in the virtualized data center.

Updated Management User Interface: Get faster and easy access to the right information. Reduce administrative time and effort across server environments with a simplified UI, including powerful search capabilities and simplified policy management.

Integration with Active Directory: Integrate into your Active Directory service to simplify user authentication to Critical System Protection. You can now log on to the console using your enterprise credentials as well as leverage AD security groups within the Critical System Protection policies.

Memory Control: Combat advanced memory attacks, like reflective DLL injection to address vulnerabilities in older Windows 32-bit platforms.

Expanded Platform Support (New in MP3): Extend support to Windows Server Core 2008/2012, Windows Embedded POSReady7, SUSE Linux Enterprise Server 11 SP3 (32-bit and 64-bit). See Symantec Critical System Protection Platform and Feature Matrix for details.

Key Features

  • File Integrity Monitoring: Identify changes to files in real-time, including who made the change and what changed within the file.
  • Configuration Monitoring: Identify policy violations, suspicious administrators or intruder activity in real-time.
  • Targeted Prevention Policy: Respond to server incursion or compromise immediately with quickly customizable hardening policies.
  • Granular Intrusion Prevention Policies: Protect against zero day threats and restrict the behavior of approved applications even after they are allowed to run with least privilege access controls.
  • File, system and admin lock down: Harden virtual and physical servers to maximize system uptime and avoid ongoing support costs for legacy operating systems.
  • Broad Physical Platform Support: Monitor and protect Windows and non-Windows based platforms including Solaris, Linux, AIX, HP-UX; additionally leverage Virtual Agents for unsupported/less common platforms.
  • Protect and Monitor vSphere: Leveraging out-of-the-box policies based on the latest vSphere hardening guidelines, organizations are able to completely protect their environment – at the management server, hypervisor and guest.
  • Centralized Management: Simplify administration of heterogeneous systems with real-time visibility into events and graphical reporting capabilities.
  • Integration with IT GRC and SIEM Solutions: Supported integration with Symantec Control Compliance Suite for unified assessment and monitoring of infrastructure and information, as well as with Symantec Security Information Manager for advanced incident correlation and management.

Key Benefits

  • Achieve complete protection for vSphere leveraging out-of-the-box policies based on the latest vSphere hardening guidelines.
  • Stop zero-day and targeted attacks on servers with targeted prevention policies.
  • Real-time visibility and control into compliance, in a single real-time monitoring and prevention solution.

Comprehensive protection for VMware environments

In a virtual environment, applications and operating systems are subject to the same cyber attacks that are present in a physical environment. Even further, additional attack surfaces such as the hypervisor and management server need protection. When considering security in virtual environments it is important to select a technology that will defend against insider abuse and external threats across the virtual fabric without compromising performance. Critical System Protection is optimized to protect and monitor vSphere 5.0. Leveraging out-of-the box policies based on the latest vSphere hardening guidelines organizations are able to completely protect their environment at the management server, hypervisor, and guest. Key capabilities include:

  • VMware vCenter™ management server protection (New): Harden vCenter based on VMware hardening guidelines.
  • VMware ESX and VMware ESXi™ hypervisor protection (New): Prebuilt policies to monitor and block malicious activity.
  • VMware ESX and ESXi guest protection: Prebuilt policies to harden virtual machines based on unique workload.

Stop internal and external attacks to servers

Servers are frequently targeted by cybercriminals during in the incursion, discovery, and capture phases of a data breach. The techniques used against servers today range from sophisticated penetration techniques to unintentional configuration mistakes by insiders. Critical System Protection allows organizations to protect against internal and external attacks such as Microsoft SQL injections, buffer overflows, and vulnerability exploits in addition to malicious insider abuse and system mis-configurations. By hardening the data center, stop further penetration and prevent the loss of sensitive information. Key capabilities include:

  • Targeted prevention policies: One-click prevention policy that can be applied in a breach scenario, or as a way to move from monitoring to prevention.
  • Process Access Control (PAC) (New): Prevention against a new class of threats utilizing comprehensive IPS protection. PAC provides additional controls over a running process.
  • Out of the box IDS and IPS policies: Prebuilt policies for Windows environments that will monitor and prevent suspicious server activity.
  • Application and device control: Lock down configuration settings, file systems, and use of removable media.
  • Host firewall: Control inbound and outbound network traffic to and from servers.
  • Symantec™ Security Information Manager: Compatibility with Symantec’s leading security incident and event management solution.

Gain real-time visibility into IT compliance posture

To comply with external regulations such as PCI Data Security Standard 2.0 (PCI DSS), North American Electric Reliability Corporation (NERC) and others, organizations must routinely monitor their environment for policy violations and implement compensating controls. In a single solution, Critical System Protection enables organizations to perform real-time monitoring, consolidate event logs for reporting and analysis, while preventing further policy violations with granular policy-based controls. Demonstrate compliance with a centralized solution. Key capabilities include:

  • Real-time file integrity monitoring: Identify changes to files in real-time including who made the change and what change occurred.
  • Configuration monitoring: Identify policy violations and suspicious activity in real-time.
  • IT analytics cube integration (New): Leverage flexible and enhanced dashboarding capabilities augmenting existing Critical System Protection reporting for increased visibility.
  • Consolidated event logging: Consolidate and forward logs for long term retention, reporting, and forensic analysis.
  • File and system tamper prevention: Lock down configuration, settings, and files.
  • Compensating HIPS controls: Restrict application and operating system behavior using policy-based least privilege access control.
  • Symantec™ Control Compliance Suite: Compatibility with Symantec’s unified IT compliance solution.

Patch mitigation for new and legacy operating systems

  • Applying software patches to new and legacy operating systems improves security posture but also causes system downtime. In addition, paying for extended support for end of life operating systems can be costly and unsustainable. With Critical System Protection, reduce the maintenance costs associated with legacy system support and protect critical systems between patch cycles. By hardening the applications and operating systems of new and legacy systems, customers can ensure maximum security of data centers and maximize system availability. Key capabilities include:
  • System hardening: Lock down configuration and settings of critical servers.
  • Least privilege access control: Restrict the behavior of applications and operating systems using granular policy based controls.
  • Broad physical and virtual platform support: Broad physical and virtual platform support:

System Requirements:

Symantec Critical System Protection Management Server

  • Microsoft Windows Server
  • SQL Enterprise Server

Symantec Critical System Protection Management Console

  • Microsoft Windows
  • Java client or web console

Symantec Critical System Protection Agent

  • Microsoft Windows
  • Sun Solaris
  • Red Hat Linux
  • SUSE Linux
  • HP-UX
  • IBM AIX
  • VMware ESX Console OS

Documentation:

Download the Symantec Critical System Protection Datasheet (PDF).

Pricing Notes:

Symantec Products
Symantec Critical System Protection Client Edition 5.2 Standard License
Critical System Protection Client Edition 5.2 Node Bundle Standard License, 1 Year
BAND-A: Price Per User for quantities 1-24.
#13540608
Get a Quote!
Critical System Protection Client Edition 5.2 Node Bundle Standard License, 1 Year
BAND-B: Price Per User for quantities 25-49. Quantity must be 25 or Greater.
#13540610
Get a Quote!
Critical System Protection Client Edition 5.2 Node Bundle Standard License, 1 Year
BAND-C: Price Per User for quantities 50-99. Quantity must be 50 or Greater.
#13540612
Get a Quote!
Critical System Protection Client Edition 5.2 Node Bundle Standard License, 1 Year
BAND-D: Price Per User for quantities 100-249. Quantity must be 100 or Greater.
#13540614
Get a Quote!
Critical System Protection Client Edition 5.2 Node Bundle Standard License, 1 Year
BAND-E: Price Per User for quantities 250-499. Quantity must be 250 or Greater.
#13540616
Get a Quote!
Critical System Protection Client Edition 5.2 Node Bundle Standard License, 1 Year
BAND-F: Price Per User for quantities 500+. Quantity must be 500 or Greater.
#13540618
Get a Quote!
Symantec Critical System Protection Client Edition 5.2 Node Bundle Version Upgrade License
Critical System Protection Client Edition 5.2 Node Bundle Version Upgrade License, 1 Year
BAND-A: Price Per User for quantities 1-24.
#13540406
Get a Quote!
Critical System Protection Client Edition 5.2 Node Bundle Version Upgrade License, 1 Year
BAND-B: Price Per User for quantities 25-49. Quantity must be 25 or Greater.
#13540408
Get a Quote!
Critical System Protection Client Edition 5.2 Node Bundle Version Upgrade License, 1 Year
BAND-C: Price Per User for quantities 50-99. Quantity must be 50 or Greater.
#13540410
Get a Quote!
Critical System Protection Client Edition 5.2 Node Bundle Version Upgrade License, 1 Year
BAND-D: Price Per User for quantities 100-249. Quantity must be 100 or Greater.
#13540427
Get a Quote!
Critical System Protection Client Edition 5.2 Node Bundle Version Upgrade License, 1 Year
BAND-E: Price Per User for quantities 250-499. Quantity must be 250 or Greater.
#13540429
Get a Quote!
Critical System Protection Client Edition 5.2 Node Bundle Version Upgrade License, 1 Year
BAND-F: Price Per User for quantities 500+. Quantity must be 500 or Greater.
#13540431
Get a Quote!
Symantec Critical System Protection Client Edition 5.2 Node Bundle Competitive Upgrade License
Critical System Protection Client Edition 5.2 Node Bundle Competitive UpgradeLicense, 1 Year
BAND-A: Price Per User for quantities 1-24. *Competitive Upgrade Price. Requires exiting competitive solution to qualify.
#13540458
Get a Quote!
Critical System Protection Client Edition 5.2 Node Bundle Competitive Upgrade License, 1 Year
BAND-B: Price Per User for quantities 25-49. Quantity must be 25 or Greater. *Competitive Upgrade Price. Requires exiting competitive solution to qualify.
#13540460
Get a Quote!
Critical System Protection Client Edition 5.2 Node Bundle Competitive Upgrade License, 1 Year
BAND-C: Price Per User for quantities 50-99. Quantity must be 50 or Greater. *Competitive Upgrade Price. Requires exiting competitive solution to qualify.
#13540462
Get a Quote!
Critical System Protection Client Edition 5.2 Node Bundle Competitive Upgrade License, 1 Year
BAND-D: Price Per User for quantities 100-249. Quantity must be 100 or Greater. *Competitive Upgrade Price. Requires exiting competitive solution to qualify.
#13540483
Get a Quote!
Critical System Protection Client Edition 5.2 Node Bundle Competitive Upgrade License, 1 Year
BAND-E: Price Per User for quantities 250-499. Quantity must be 250 or Greater. *Competitive Upgrade Price. Requires exiting competitive solution to qualify.
#13540485
Get a Quote!
Critical System Protection Client Edition 5.2 Node Bundle Competitive Upgrade License, 1 Year
BAND-F: Price Per User for quantities 500+. Quantity must be 500 or Greater. *Competitive Upgrade Price. Requires exiting competitive solution to qualify.
#13540487
Get a Quote!
Symantec Critical System Protection Server Edition 5.2 Node Bundle Standard License
Control Critical System Protection Server Edition 5.2 Node Bundle Standard License, 1 Year
BAND-S: Price Per Server.
#13540555
Get a Quote!
Symantec Critical System Protection Server Edition 5.2 Node Bundle Competitive Upgrade License
Control Critical System Protection Server Edition 5.2 Node Bundle Competitive Upgrade License, 1 Year
BAND-S: Price Per Server. *Competitive Upgrade Price. Requires exiting competitive solution to qualify.
#13540525
Get a Quote!
Symantec Control Critical System Protection Server Edition 5.2 Node Bundle Version Upgrade License
Control Critical System Protection Server Edition 5.2 Node Bundle Version Upgrade License, 1 Year
BAND-S: Price Per Server.
#13540510
Get a Quote!