|
The VirtualShield Manager runs as a separate VM and should use the management vSwitch rather than the one connected to the VirtualShield Gateway. The Manager appliance provides a UI for working with as many as 100 gateways, both virtual and Blue Lane's physical appliances. It's responsible for updating and rolling up reporting from multiple gateways. The Manager provides a number of convenient features, including the ability to create multiple VirtualShield admins and assign rights to configure and monitor the inline patching of specific servers. It also offers alerts in e-mail and SNMP traps.
Automation Situation VirtualShield automatically discovers servers by monitoring its network; when it detects traffic to a server, it starts probing to determine the server's OS and what services it's running that can be protected. For a small collection of servers, this automatic discovery seems a bit of overkill, especially given the hand-holding it took (see "How We Tested"). However, as the number of virtualized servers grows, autodiscovery will save significant amounts of time. Once VirtualShield discovers the services running on a given server, it configures the appropriate set of inline patches. Some patches are mandatory--Blue Lane calls these "kernel-level" patches--and they cover basic network stack issues. Other patches can be selected and unselected on a per-server basis, though by default VirtualShield selects all applicable vendor patches--a good starting point. Nonpatch policies aren't applied by default, but VirtualShield lists policies that apply to each particular server, along with descriptions and CVE references; we could choose which ones we wanted to apply. Once running, the VirtualShield Manager offers a number of monitoring and reporting tools. Displays show the status of its server discovery activities as well as its detection of exploit traffic on the network and what action it took (usually "Apply Fix"). It has reports that let us slice and dice its activity every which way; for example, number of inline patches per server or exploits prevented. An Executive Report presented graphs showing the number of virtual patches enabled for discovered OSs and apps, the number of times those patches have been used over the past month, and a list of managers and gateways.
When we pointed out that the Executive Report--the first output IT will likely want to show the CIO--was the only one without an option to print, Blue Lane promised to add that capability. |
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
There are many network courses that can address your present job's priorities and help you gain the needed skills to keep pace with industry changes and new technologies.
