One key use case for data center security is protecting files within the data center. This is especially important for Linux systems, where locking down specific files is essential to prevent unauthorized manipulation.

Our primary focus with Symantec Data Center Security revolves around enforcing policies that dictate which addresses are permitted access. The system operates on two key policies: prevention and detection.

We use it primarily for system lockdown and hardening, with a focus on securing legacy systems that are no longer under maintenance. The goal is to employ measures to strengthen and secure these older servers, protecting them from potential vulnerabilities and cyber attacks.

We deployed the solution for a client for both Windows and non-Windows servers.

They didn't want to have a complete prevention feature. They were using it for any anomaly detection on the critical host and for complete system lockdowns for a few of the database servers.

We use the product to lock down servers.

This product makes up part of our security solution that we offer to customers for use in data centers and remote sites.

As many people are now working from home, they use this solution so that they can work remotely to their data centers and still keep operations centralized. They need to work flexibly, not only from a geolocation point of view but geographically.

Our primary use case of this solution was for checking some program file changes. We are customers of Symantec and I'm an IT security specialist. 

We have a public zone that is a mix of intranet and public service. We have to ensure that none of the hosts are compromised and that nothing impacts the integrity of the servers. This is our primary use case.

Next, we have to protect data that is stored inside of Docker containers. In developing features, they are outside to an extent, so these have to be brought up in a secured form. This means that we had to create split architectures. Also, we needed something that allowed us to integrate the identity mapping and ensure a certificate-based review. The advantage in the field is that they have a template and a certificate broker. The broker wraps the application around that certificate, which can be put into the firewall security policy.

For example, if one of the programmers comes out with a new code review, which is not wrapped on our stack, then I will not allow him to put that into the code. It first has to be checked into the repository, signed, and then put back into the system.

The advantage to this is that the integrity of the person who created it, and the person who modifies it, are all approved as part of the audit entry. Because it is worked on by a lot of people, and there are millions of lines of code that are changed using this mechanism, we need to know who made what change. The code review team is integrating, but they have to rely on the integrity of the system. So, the snapshot mechanism and the ability to integrate that along with the Docker capabilities is something that is very important to us.

We have also used the Firewall and IPS components, as well as the capability for monitoring the integrity of files.

We use Symantec Data Center Security for SEP — Symantec Endpoint Protection.

Symantec Data Center Security is part of our overall security solution that includes anti-virus, anti-spam, and anti-malware protection.