HYPERVISOR RANSOMWARE PROTECTION
Defense-in-depth
ZeroLock® takes a multilayered approach to defense, providing your hypervisors with a comprehensive runtime security solution.
Running VMware ESXi?
Check out our VIB and deploy via vCenter.
Prevent attacks with SSH-MFA, application allowlisting, and lockdown rules.
ZeroLock® goes beyond traditional mandatory access control capabilities by offering easily configured and universally applied rules and policies that can be deployed across your hypervisor environment.
ZeroLock’s® prevention capabilities include:
- SSH Multifactor Authentication (MFA)
- Application Allowlisting
- Process Behavior Controls
- Network Access Controls
- File Access Controls
- Canary Files
- Tamper Protection
ZeroLock’s® response capabilites include:
- Ransomware Protection
- Wiperware Protection
- Real-time Threat Remediation
- Automated File Rollback
- Attacker Persistence Removal
- Fully Automated Process Tree Creation
Ensure uptime with AI detection and automated remediation.
ZeroLock’s® AI behavioral detection identifies malware in real-time. Our proprietary algorithms detect and stop traditional and fileless ransomware attacks with >98% efficacy and offer the ability to automatically remediate file damage and remove attackers with no user intervention required—helping you to ensure zero downtime.
Deploy and manage flexibly.
With ZeroLock®, no modification to the hypervisor itself is required, and deployment is as simple as one line in the terminal, or through a partner portal like VCenter. ZeroLock® is configured to work while also maintaining system stability and performance.
ZeroLock’s® management capabilities include:
- Compatible with VMware ESXi, Nutanix, XenServer, Citrix Hypervisor, Proxmox, Red Hat Enterprise Virtualization (RHEV), and KVM
- API-based architecture
- Quick SIEM/SOAR integration using ZeroLock’s® syslog provider
- Single agent
- One-line deployment
- Minimal overhead (50MB RAM)
- Signed VIB & deployable via vCenter for ESXi
AdaptableDeploymentFramework
24-7 support every step of the way.
Operationalization is no small lift. Vali Cyber’s®® support team is there for you every step of the way through deployment and continues to be available to answer questions any time of day as you manage ZeroLock® in your environment. We also schedule periodic check-ins to make sure you are getting the most out of your ZeroLock® purchase.
Learn more about hypervisor security.
TECH SPECS
ZeroLock® Endpoint Agent Requirements for Hypervisors
OS
- ESXi, 6.7+ (Older versions supported upon request.)
- Nutanix, AHV-2017+
- XenServer, 6.5+
- Citrix Hypervisor, 8.0+
- Proxmox, 3.0+
- Red Hat Enterprise Virtualization (RHEV), 3.6+
- KVM, Kernel 3.5+
Processor
Memory
50MB
Disk Space
100MB
Kernel Mods.
No kernel modification or modules required
Installation Methods
- One-line, web-based deployment (Wget)
- File-based deployment (Tar.gz or Bash)
- ESXi: Signed VIB and deployable via vCenter
Updates
To ensure stability at scale, ZeroLock® does not automatically update. Updates are provided to you with release notes so you can understand what was changed. It is up to you to decide when or if you use the update. You can also control which systems get updated, allowing you to implement A/B testing.
RAM
16GB
Disk Space
512GB (dependent on number of endpoints and data retention duration)
CPU Cores
6 or more recommended
Installation Reqs.
- Self-deployment: Latest version of Docker installed
- OVA-deployment: ESXi 7.0 or later
Documentation
Existing integrations
- SIEM: Splunk
- SOAR: Swimlane