Contents x
    Compatibility Guide 2.9.x
    • 31 May 2024
    • 3 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Compatibility Guide 2.9.x

    • Updated on 31 May 2024
    • 3 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article summary

    About this Article

    This guide lists the software compatibility information for VSP Web, Memory and Host Protection. The information provided covers the management infrastructure and supported server environments.


    Compatibility Matrix - Virtual Machines

         

    Operating SystemExecutable AllowlistingAppControl Policies
    RHEL 6.5, 6.7/ CentOS 6.5, 6.7
    RHEL 6.10 (32 bit)
    RHEL7.6/ CentOS 7.6
    RHEL8.0/ CentOS 8.0
    UBUNTU16
    UBUNTU18
    UBUNTU20
    UBUNTU22
    DEBIAN-9/STRETCH
    AMAZONLINUX-1
    AMAZONLINUX-2
    ORACLE LINUX 7.9
    ORACLE LINUX 8.x
    WINDOWS 2003 SP2 (32-bit, 64-bit)
    WINDOWS 2008 R2 SP1
    WINDOWS 2012 R2
    WINDOWS 2016
    WINDOWS 2019
    WINDOWS 2022



    Operating SystemMemory Exploit ProtectionBuffer Exploit Protection
    RHEL 6.5, 6.7/ CentOS 6.5, 6.7
    RHEL7.6/ CentOS 7.6✔*
    RHEL8.0/ CentOS 8.0✔*
    UBUNTU16✔*
    UBUNTU18✔*
    UBUNTU20✔*
    UBUNTU22✔*
    DEBIAN-9/STRETCH✔*
    AMAZONLINUX-1✔*
    AMAZONLINUX-2✔*
    WINDOWS 2008 R2 SP1
    WINDOWS 2012 R2
    WINDOWS 2016
    WINDOWS 2019
    WINDOWS 2022


    * All the Supported Kernel versions for MEP are listed in Artifactory JSON file: https://artifacts.virsec.work/ui/native/vsysi/vsp-vsysi-release-info.json


    Operating SystemJavaPHPRORNode.js.NETOn Web Server
    RHEL7.6/ CentOS 7.6NA
    RHEL8.0/ CentOS 8.0NA
    UBUNTU16NA
    UBUNTU18NA
    UBUNTU20NA
    UBUNTU22

    		NA
    AMAZONLINUX-2


    		NA
    WINDOWS 2012 R2



    WINDOWS 2016



    WINDOWS 2019



    WINDOWS 2022





    Operating SystemSupported Versions
    RHEL7.6, 8.0
    UBUNTU16, 18, 20, 22
    AMAZONLINUX1, 2
    WINDOWS

    WINDOWS 2012 R2

    WINDOWS 2016

    WINDOWS 2019

    WINDOWS 2022

    Table – Compatibility Matrix for Virtual Machines

    VSP is not supported for:
    • Workloads running SELinux or AppArmor in enforcing mode
    • Hosts running hypervisor: Example ESXi/Hyper-V/Zen/KVM

    VM Hypervisors

    VSP supports VMs hosted on the hypervisor environments:

    • ESXi
    • AWS EC2
    • Nutanix


    Compatibility Matrix - Containers

    NOTE
    CPM APIs are not available for Container-based environments


       

    Operating SystemExecutable AllowlistingApp control Policies
    RHEL7.6
    UBUNTU16.04
    UBUNTU18.04
    UBUNTU20
    DEBIAN-BUSTER-SLIM
    DEBIAN-BUSTER
    DEBIAN-STRETCH-SLIM
    DEBIAN-STRETCH
    ALPINE3.6
    ALPINE3.7
    ALPINE3.8
    ALPINE3.9
    ALPINE3.10
    ALPINE3.11
    ALPINE3.12
    ALPINE3.13



    Operating SystemBuffer Exploit Protection
    RHEL7.6
    UBUNTU18.04
    UBUNTU20
    DEBIAN-BUSTER-SLIM
    DEBIAN-BUSTER
    ALPINE3.6
    ALPINE3.7
    ALPINE3.8
    ALPINE3.9
    ALPINE3.10
    ALPINE3.11
    ALPINE3.12
    ALPINE3.13



    Operating SystemJavaPHPRORNode.jsOn Web Server
    RHEL7.6
    UBUNTU16.04
    UBUNTU18.04
    UBUNTU20
    DEBIAN-BUSTER-SLIM



    DEBIAN-STRETCH-SLIM



    ALPINE3.13




    Table – Compatibility Matrix for Containers

    Container Orchestration Support

    Table below provides Container Orchestration Support information:

    Container Orchestration TypeVSP DeploymentWorkload DeploymentNotes
    Kubernetes – KubectlSupported versions:
    Kubernetes - 1.18, 1.19, 1.20, 1.21, 1.22
    Docker Engine - 19.03
    Helm Charts

    		Supported versions:
    Helm 2, Helm 3 
    Docker-only


    		Supported Docker Versions:
    18.x, 19.x, 20.x
    Amazon ECS on Fargate



    Amazon ECS on EC2



    Amazon EKS on EC2


    Table – Container Orchestration Support


    Web Protection - Supported Application Server Technologies

           


    Web Protection - Supported Web Server Versions

    The table below lists the supported Webserver Versions by VSP-Web – Web Server

    Operating SystemNGINXApache
    VMContainerVMContainer
    RHEL7NGINX 1.16
    		Apache 2.4.6
    RHEL8NGINX 1.18


    UBUNTU16NGINX 1.10.3NGINX 1.10.3Apache 2.4.18Apache 2.4.18
    UBUNTU18NGINX 1.14


    UBUNTU20NGINX 1.18


    Table – Supported Webserver Versions


    Web Protection - Supported Vulnerabilities

    The table below provides the supported vulnerabilities by VSP Web Protection

    TypeJavaPHPRoRNode.js.NETWeb Protection on Web Server
    Vulnerability
    SQL Injection (SQLi)
    Command Injection (CMDi)
    Path Traversal (PT)
    Local File Inclusion (LFI)
    Remote File Inclusion (RFI)
    Reflected-XSS
    Stored-XSS
    Carriage Return and Line Feed (CRLFi)
    XML Injection
    Custom Injection
    Protocol Enforcement
    DOM-based cross-site scripting (DOM-XSS)
    Cross-site request forgery (CSRF)



    Logging
    Class Load



    Software Exception

    Table – Web Protection – Supported Vulnerabilities

    XML Injection includes the below vulnerabilities:

    1. XML External Entity - PT/LFI
    2. XML External Entity - RFI
    3. Malicious input within XML for other supported vulnerability
    4. XML Bomb

    The table below provides the supported vulnerabilities by VSP Web Protection options for each vulnerability

    TypeAvailable InstrumentationAvailable Protection ModePossible Incident Type
    Vulnerability
    SQL Injection (SQLi)HTTP/ DEEPProtect/ DetectThreat/ Attack
    Command Injection (CMDi)HTTP/ DEEPProtect/ DetectAttack
    Path Traversal (PT)HTTP/ DEEPProtect/ DetectThreat/ Attack
    Local File Inclusion (LFI)HTTP/ DEEPProtect/ DetectThreat/ Attack
    Remote File Inclusion (RFI)HTTP/ DEEPProtect/ DetectAttack
    Reflected-XSSDEEPProtect/ DetectThreat/ Attack
    Stored-XSSDEEPProtect/ DetectAttack
    Carriage Return and Line Feed (CRLFi)DEEPProtect/ DetectThreat/ Attack
    XML Injection (XMLi)HTTP/ DEEPProtect/ DetectAttack
    Custom InjectionHTTPProtect/ DetectAttack
    Protocol EnforcementHTTPProtect/ DetectAttack
    DOM-based cross-site scripting (DOM-XSS)DEEPDetectAttack
    Cross-site request forgery (CSRF)DEEPProtect/ DetectAttack
    Logging
    Class LoadNANANA
    Software ExceptionNANANA

    Table – Web Protection – Available Options


    Buffer Exploit Protection - Qualified Applications

    NOTE:
    VSP Memory is not supported when Intel® Transactional Synchronization Extensions (Intel® TSX) is enabled

    For Virtual Machines

    The table below lists the qualified Applications

    Operating SystemNGINX 1.4NGINX 1.2Httpd 2.4Apache 2
    RHEL 7


    CentOS 7.9


    Ubuntu 18


    Ubuntu 20


    AmazonLinux2

    Table – Qualified Applications for VMs

    For Containers

    The table below lists the qualified Applications

    Operating SystemNGINX 1.4Httpd 2.4Apache 2
    Alpine 3.8

    Alpine 3.10

    Alpine 3.11

    Alpine 3.12
    Alpine 3.13
    Debian Stretch Slim

    Debian Buster Slim

    Ubuntu 18.04

    Ubuntu 20.04
    RHEL 7.6
    CentOS 7.9

    Table – Qualified Applications for Containers


    CMS Compatibility

    With Third-Party Products

    The table below lists the third-party products that CMS is compatible with

    Third-Party ProductNotes
    LDAPCMS is compatible with Active Directory only. No other LDAP integration is supported
    SAMLOnly Okta is supported in SAML
    SplunkBoth HTTPS (Default) and HTTP are supported
    Zendesk
    QRadar
    Email Server
    Syslog Server

    Table – CMS Compatibility with Third Party Products

    Supported Browser

    Google Chrome is the supported browser for CMS



    Was this article helpful?
    Related articles
    What's Next