Solution ensures security and compliance with Center for Internet
Security benchmarks for VMware
SAN FRANCISCO, April 21 /PRNewswire/ -- nCircle, the leader in automated
security and compliance auditing solutions, today announced that its
Configuration Compliance Manager(TM) (CCM) configuration auditing solution now
audits the full VMware virtual infrastructure, from virtual machines to the
hypervisor. nCircle CCM delivers new policies that audit the configurations of
the virtual infrastructure and compare the configurations to Center for
Internet Security (CIS) benchmarks, or hardening guides, to ensure the
security of virtual machines and their hypervisor. The CIS benchmarks are
accepted best practices for secure operation of VMware virtual machines and
Over the past few years, the use of virtualization in the enterprise has
grown dramatically and so have the security concerns. The new IT platform of
virtualization has given rise to new security issues that can occur through
the mis-configuration of the hypervisor. "VM escape", can occur when a program
running on a virtual machine gains access to the host system or another
virtual machine, and is a clear example of the necessity of continuous audits
of the entire virtual infrastructure.
"Enterprises are increasingly turning to virtual infrastructure in their
datacenter," said Tim Keanini, Chief Technology Officer at nCircle. "nCircle
CCM enables our customers to discover and audit the configurations of their
virtual infrastructure along with the rest of their network, ensuring
compliance with the CIS benchmark for VMware and improving security."
One of the advantages of virtualized systems is the speed by which they
can be implemented. However, this also makes keeping track of virtual machines
as they are deployed and re-deployed much more difficult than physical
systems. nCircle Configuration Compliance Manager discovers virtual machines
and hypervisors through agentless discovery technology and is then able to
continuously audit the configurations of the virtual infrastructure through
agentless configuration auditing. In the fast-moving world of virtual
infrastructure, ensuring compliance with secure benchmarks and continuous
configuration auditing is imperative.
About nCircle Suite360
nCircle provides the world's most comprehensive suite of solutions for
agentless security and configuration auditing. nCircle's solutions combine the
broadest discovery of networked systems and their operating systems,
applications, vulnerabilities and configurations with advanced analytics to
help enterprises reduce security risk and achieve compliance. nCircle's
solutions include IP360(TM) for vulnerability and risk management,
WebApp360(TM) for web application vulnerability auditing, Configuration
Compliance Manager (CCM)(TM) for configuration auditing and file integrity
monitoring, Certified PCI Scan Service(TM) for on-demand self-service PCI
scanning, and Suite360 Intelligence Hub(TM) for IT governance, risk and
compliance (ITGRC) reporting and analytics.
nCircle is the leading provider of automated security and compliance
auditing solutions. More than 4,000 enterprises, government agencies and
service providers around the world rely on nCircle's proactive solutions to
manage and reduce security risk and achieve compliance on their networks.
nCircle has won numerous awards for growth, innovation, customer satisfaction
and technology leadership. nCircle is headquartered in San Francisco, CA,
with regional offices throughout the United States and in London and Toronto.
Additional information about nCircle is available at www.ncircle.com.
nCircle is a registered trademark of nCircle Network Security, Inc. All
other registered or unregistered trademarks are the sole property of their
For further information:
For further information: Shelley Boose of Shev Rush PR, +1-408-398-6987,
for nCircle Web Site: http://www.ncircle.com