The ShieldX Elastic Security Platform subscription includes 7×24 access to premium support and our Customer + Partner Portal that includes product downloads, documentation, technical training and our online knowledgebase and support system.
ShieldX Elastic Security Platform Overview
ShieldX Elastic Security Platform is a 100% software, network-based security platform for protection of core business infrastructure services that span across multiple physical, virtual and cloud-based environments — or the “multi-cloud”. It offers fully scalable and automated visibility, microsegmentation, and threat and malware detection and prevention to support security policy creation, enforcement and compliance.
ShieldX Elastic Security Platform is ideally suited for deployment by the cloud and infrastructure, security and DevOps teams within enterprise, service provider and professional services organizations.
While ShieldX Elastic Security Platform follows cloud-principles regarding elasticity, automation, and the economics of lower resource costs and on-demand deployment, ShieldX Elastic Security Platform is actually a software-based product. It is not what is known as a “Security-as-a-Service” or “managed service” model. ShieldX does not host your deployment, or manage it for you. We just make it easier for you. Organizations acquire, deploy and manage it within their infrastructure, whether on-premises, hosted, within public cloud or combinations of all of it.
ShieldX Elastic Security Platform does secure clouds deployed by our customers. But unlike CASB solutions that secure communications between users and external environments and services like SaaS, ShieldX Elastic Security Platform focuses on securing the network traffic within the organization as part of its critical infrastructure — whether in data centers or in hosted, colo and/or public cloud services. We call it “multi-cloud” security because of its inherent ability to traverse all varieties of cloud architectures, virtualized infrastructure and even physical environments.
No. According to Gartner’s definition, CWPPs offer endpoint-based protection. ShieldX Elastic Security Platform is a network-based security solution, providing security controls generally categorized as network, content and Data Loss (or Leak) Prevention* (DLP) security. In addition, ShieldX Elastic Security Platform does not install software onto any of the workloads that it protects.
ShieldX Elastic Security Platform does offer many of the same security controls as a NGFW including ACLs, application classification and intrusion prevention. But ShieldX Elastic Security Platform isn’t intended to replace the physical, appliance-based firewalls at the perimeter of a data center. ShieldX Elastic Security Platform is designed to complement these solutions and the customer investments they represent. However, ShieldX Elastic Security Platform is an ideal, cost-effective replacement for NGFW virtual appliances. Traditional virtual appliances exact a high tax on deployment within the data center or the cloud when considering performance, licensing and infrastructure costs. They also present challenges in efficient operations, scale and security management.
While the ShieldX Elastic Security Platform platform and its modularity render it capable of many use cases, our customers tell us it is ideally suited to:
- Secure on-premises infrastructure — Segment and secure lateral, “East-West” traffic across virtualized and orchestrated private clouds and data centers – especially if there is a mix of new and legacy technologies, and compliance is a concern.
- Secure public clouds — Segment and secure within and at the perimeter of public cloud deployments, especially where there is a need for high performance and cost control.
- Secure a multi-cloud environment — Create, automate and enforce uniform security policy across disparate environments.
- Enable Managed Security Services & Providers — Remotely deploy, manage and monitor infrastructure security, including within OpEx-based engagement models.
- Secure IP Transport Providers — Offer “Clean Pipe” connections at scale and on-demand according to current requirements, need and subscriber requirements.
- Empower DevOps — DevOps teams can work with ShieldX Elastic Security Platform to integrate with and secure new applications and environments. Or, security and operations teams can use ShieldX Elastic Security Platform for a DevSecOps style of security operations management. The ShieldX Elastic Security Platform API-First strategy allows for all of its capabilities to be dynamically controlled via RESTful APIs.
ShieldX Elastic Security Platform Architecture
ShieldX Elastic Security Platform is the anti-appliance. Appliances, whether physical or virtual, are based on converged, monolithic software that is typically designed to run on custom, proprietary hardware in order to maintain performance with a full set of security features enabled. ShieldX Elastic Security Platform runs on your commodity hardware and hypervisors as a distributed, microservices-based architecture. It shares the same infrastructure resources as the services it protects, so it is up to you to determine how much investment and how many resources you wish to allow security services to consume. And it will only use them as you need them, freeing up resources for your core business services.
Known to the world of application developers and DevOps teams, a microservices-based architecture is an application model that deconstructs traditional, monolithic software into its component parts, and then distributes and chains them. This allows dynamic replication and scale of each component as needed, rather than having to replicate the entire code set when just one function fails to scale, or simply, fails.
Each of the ShieldX Elastic Security Platform microservices, or xServices, is packaged into a container to offer a lightweight footprint, reliability, scale and non-disruptive upgrades. These containers are then “wrapped” in a virtualized form factor that allows them to be deployed into the environments requiring protection, such as VMware vSphere®, OpenStack®, AWS EC2®, or Microsoft Azure®.
Due to its 100% software, microservices-based architecture, ShieldX Elastic Security Platform scale is limited only by the infrastructure resources allocated to support it. It will grow with your network, its traffic and its security needs — even with deep packet inspection and TLS decryption/re-encryption fully enabled, which are both resource intensive services. In addition, ShieldX Elastic Security Platform is built to serve and protect core business critical services, not displace them. Its active, self-orchestration functions continually monitor infrastructure utilization to ensure it doesn’t overrun your hosts or networks.
ShieldX Elastic Security Platform Compatibility
The ShieldX Elastic Security Platform architecture is designed to quickly integrate with most environments. Version 1.2 supports VMware vSphere™ 5.5-6.0, OpenStack® Mitaka, and now both AWS EC2® and Microsoft Azure® environments. Please refer to www.shieldx.com for more information and inquiries. Additional environments are in development and we would like to hear from you about your specific and unique requirements.
ShieldX Elastic Security Platform is currently optimized for operation over Intel® Xeon® CPUs (Sandy Bridge or later.)
ShieldX Elastic Security Platform is certified VMware-Ready® and OpenStack Compatible®. We are partnering with multiple vendors and will be updating our certification list soon. Please contact us if you have any questions.
ShieldX Elastic Security Platform currently integrates with FireEye® AX appliances and Helix Cloud. IT teams and their providers may also use our REST-based APIs and syslog export to create custom integration with other systems, like SIEMs.
Yes. Everything that can be done through the management console (and more) can be accessed and controlled via RESTful API.
ShieldX Elastic Security Platform uses and embeds third-party intelligence feeds from market-leading providers. These feeds pair with the intelligence ShieldX Elastic Security Platform gains through its discovery and profiling analytics to provide a tailored combination of community knowledge with intel that is automatically customized to your environment. In addition, to support an industry best practice of leveraging community intel, ShieldX Elastic Security Platform can import additional feeds you may already subscribe to. Please contact us if you have questions and are interested in assistance in configuring this capability for your deployment.
Deploying ShieldX Elastic Security Platform
ShieldX offers resource requirement tables per each supported environment to help your team estimate the resources ShieldX Elastic Security Platform will consume, based on how much traffic you will inspect (with or without TLS decryption). If you are uncertain of your traffic volume and trends, you can ask us for guidance, evaluate ShieldX Elastic Security Platform for a snapshot, and/or start with a base configuration with the freedom to upgrade as needed without penalty.
Not at all. And this is a defining difference between ShieldX Elastic Security Platform and other solutions on the market which require network shutdown, image edits/reloads, or manual (and ongoing) reconfigurations of the service chain. ShieldX Elastic Security Platform inserts transparently into each network you have configured it to secure using the credentials you have provided. It automatically discovers the details it needs to use to work within each environment, freeing valuable security architect and analyst time to focus on strategic security policy creation, process and investigations.
Due to its microservices-based architecture, ShieldX Elastic Security Platform is designed to inherently support high availability and non-disruptive update, patch and removal. Updates/upgrades will be downloadable as they become available.
ShieldX is a team of security experts. We’ve taken special care to employ best practices in the development of our product, following guidelines of the SSDLC, using leading test and code analysis tools, and employing concepts such as “defense in depth” and the “principle of least privilege.” We also use ShieldX Elastic Security Platform in our own production IT environment. If you would like to learn more, please contact us for a briefing.
You are always welcome to contact us for product documentation and materials that detail the capabilities of ShieldX Elastic Security Platform security controls, policy creation, its analytics and yes, IoP. Indicator-of-Pivot (IoP) is a security feature unique to ShieldX Elastic Security Platform. Unlike the Indicator-of-Compromise (IoC) that typically represents volumes of perimeter-based alerts and contributes to time-consuming or distracting false positives, ShieldX Elastic Security Platform uses real-time analytics to identify lateral movement by attackers, reduce actions on false positives, and helps security analysts start tracking threats earlier and throughout the entire Cyber Kill Chain.
Getting ShieldX Elastic Security Platform
ShieldX Elastic Security Platform is designed to offer the agility and flexibility IT organizations expect of Cloud-native solutions. ShieldX Elastic Security Platform is offered in a capacity based license model, beginning at 10 Gbps of security inspection, with incremental upgrades of 2 Gbps as needed. Primarily sold as a subscription, for simplicity, our support contract is now included. ShieldX Elastic Security Platform is also available in consumption based models for public clouds.
No. ShieldX Elastic Security Platform offers an “all you can eat” model. You can use all of its security controls, in any supported environment, and for as many data planes and microservices as you need. The ShieldX Elastic Security Platform license is tied to a single Virtual Chassis defined by a single management plane. If you decide to buy more than one license, it will be due to your unique business and operational requirements, and not for any lack of scale or separation of duties in ShieldX Elastic Security Platform.
When evaluating ShieldX Elastic Security Platform, our presales team is available to assist with your questions and your proof-of-value deployment. ShieldX Elastic Security Platform customers are entitled to premium, 24×7 support and updates online and by phone. Whether evaluating or actively using ShieldX Elastic Security Platform to secure your environment, you may request access to our Customer + Partner Portal for product downloads, documentation, training, and our knowledgebase.
This is where evaluation can help. While you may have some estimations of your traffic, ShieldX Elastic Security Platform can help provide visibility into how much traffic is actually traveling across your network — including its peaks and valleys. And you will not be penalized for starting low and upgrading later as you gain more insight, or your requirements change.
Yes. ShieldX can work with your process and your vendors and Providers. If your preferred Provider is not already engaged with us, please provide us their contact information, or direct them to contact us.
ShieldX Elastic Security Platform fully embraces cloud principles — the ability to access and pay for what you need or consume, when you need it, with cost-effective prices and flexible business models. Enabled by its elastic architecture, ShieldX Elastic Security Platform offers lower TCO and helps reduce operations costs of licensing, hosting/services, infrastructure, staff, and maintaining SLAs. If you would like to hear more details on our business case, please contact us for a briefing.
BETTER BUSINESS OUTCOMES
WITH ShieldX Elastic Security Platform
ShieldX Elastic Security Platform reduces customer risk through state-of-the-art design, rapid security time-to-service, and helping IT to end the unacceptable compromises between security, performance and cost.