VSP 2.9.x Compatibility Guide

About this Article

This guide lists the software compatibility information for VSP Web, Memory and Host Protection. The information provided covers the management infrastructure and supported server environments.

Compatibility Matrix - Virtual Machines

Host Protection

Memory Protection

Web Protection

CPM

Operating System	Executable Allowlisting	AppControl Policies
RHEL 6.5, 6.7/ CentOS 6.5, 6.7	✔	✔
RHEL 6.10 (32 bit)	✔	✔
RHEL7.6/ CentOS 7.6	✔	✔
RHEL8.0/ CentOS 8.0	✔	✔
UBUNTU16	✔	✔
UBUNTU18	✔	✔
UBUNTU20	✔	✔
UBUNTU22	✔	✔
DEBIAN-9/STRETCH	✔	✔
AMAZONLINUX-1	✔	✔
AMAZONLINUX-2	✔	✔
ORACLE LINUX 7.9	✔	✔
ORACLE LINUX 8.x	✔	✔
WINDOWS 2003 SP2 (32-bit, 64-bit)	✔	✔
WINDOWS 2008 R2 SP1	✔	✔
WINDOWS 2012 R2	✔	✔
WINDOWS 2016	✔	✔
WINDOWS 2019	✔	✔
WINDOWS 2022	✔	✔

Operating System	Memory Exploit Protection	Buffer Exploit Protection
RHEL 6.5, 6.7/ CentOS 6.5, 6.7		✔
RHEL7.6/ CentOS 7.6	✔*	✔
RHEL8.0/ CentOS 8.0	✔*	✔
UBUNTU16	✔*
UBUNTU18	✔*	✔
UBUNTU20	✔*	✔
UBUNTU22	✔*	✔
DEBIAN-9/STRETCH	✔*
AMAZONLINUX-1	✔*	✔
AMAZONLINUX-2	✔*	✔
WINDOWS 2008 R2 SP1	✔
WINDOWS 2012 R2	✔	✔
WINDOWS 2016	✔	✔
WINDOWS 2019	✔	✔
WINDOWS 2022	✔	✔

* All the Supported Kernel versions for MEP are listed in Artifactory JSON file: https://artifacts.virsec.work/ui/native/vsysi/vsp-vsysi-release-info.json

Operating System	Java	PHP	ROR	Node.js	.NET	On Web Server
RHEL7.6/ CentOS 7.6	✔	✔	✔	✔	NA	✔
RHEL8.0/ CentOS 8.0	✔	✔	✔	✔	NA	✔
UBUNTU16	✔	✔	✔	✔	NA	✔
UBUNTU18	✔	✔	✔	✔	NA	✔
UBUNTU20	✔	✔	✔	✔	NA	✔
UBUNTU22	✔	✔			NA
AMAZONLINUX-2			✔		NA
WINDOWS 2012 R2	✔				✔
WINDOWS 2016	✔				✔
WINDOWS 2019	✔				✔
WINDOWS 2022	✔				✔

Operating System	Supported Versions
RHEL	7.6, 8.0
UBUNTU	16, 18, 20, 22
AMAZONLINUX	1, 2
WINDOWS	WINDOWS 2012 R2 WINDOWS 2016 WINDOWS 2019 WINDOWS 2022

Table – Compatibility Matrix for Virtual Machines

VSP is not supported for:

Workloads running SELinux or AppArmor in enforcing mode
Hosts running hypervisor: Example ESXi/Hyper-V/Zen/KVM

VM Hypervisors

VSP supports VMs hosted on the hypervisor environments:

ESXi
AWS EC2
Nutanix

Compatibility Matrix - Containers

NOTE

CPM APIs are not available for Container-based environments

Host Protection

Memory Protection

Web Protection

Operating System	Executable Allowlisting	App control Policies
RHEL7.6	✔	✔
UBUNTU16.04	✔	✔
UBUNTU18.04	✔	✔
UBUNTU20	✔	✔
DEBIAN-BUSTER-SLIM	✔	✔
DEBIAN-BUSTER	✔	✔
DEBIAN-STRETCH-SLIM	✔	✔
DEBIAN-STRETCH	✔	✔
ALPINE3.6	✔	✔
ALPINE3.7	✔	✔
ALPINE3.8	✔	✔
ALPINE3.9	✔	✔
ALPINE3.10	✔	✔
ALPINE3.11	✔	✔
ALPINE3.12	✔	✔
ALPINE3.13	✔	✔

Operating System	Buffer Exploit Protection
RHEL7.6	✔
UBUNTU18.04	✔
UBUNTU20	✔
DEBIAN-BUSTER-SLIM	✔
DEBIAN-BUSTER	✔
ALPINE3.6	✔
ALPINE3.7	✔
ALPINE3.8	✔
ALPINE3.9	✔
ALPINE3.10	✔
ALPINE3.11	✔
ALPINE3.12	✔
ALPINE3.13	✔

Operating System	Java	PHP	ROR	Node.js	On Web Server
RHEL7.6	✔	✔	✔	✔
UBUNTU16.04	✔	✔	✔	✔	✔
UBUNTU18.04	✔	✔	✔	✔
UBUNTU20	✔	✔	✔	✔
DEBIAN-BUSTER-SLIM			✔
DEBIAN-STRETCH-SLIM			✔
ALPINE3.13			✔

Table – Compatibility Matrix for Containers

Container Orchestration Support

Table below provides Container Orchestration Support information:

Container Orchestration Type	VSP Deployment	Workload Deployment	Notes
Kubernetes – Kubectl	✔	✔	Supported versions: Kubernetes - 1.18, 1.19, 1.20, 1.21, 1.22 Docker Engine - 19.03
Helm Charts	✔	✔	Supported versions: Helm 2, Helm 3
Docker-only		✔	Supported Docker Versions: 18.x, 19.x, 20.x
Amazon ECS on Fargate		✔
Amazon ECS on EC2		✔
Amazon EKS on EC2	✔	✔

Table – Container Orchestration Support

Web Protection - Supported Application Server Technologies

Java

PHP

RoR

.NET

Node.js

Supported Technologies for Java

The table below lists the supported technologies for Java

Technology	Supported Versions(s)
Java Versions	JDK 1.7 JDK 1.8 JDK 9 JDK 10 JDK 11 JDK 12 JDK 17
Application Servers	Tomcat 7, 8, 9 JBoss (Standalone) 6.4, 7.2 and 7.4 Jboss (Cluster) 7.1 Jetty 9 IBM WebSphere App Server 8.5, 9 Oracle Weblogic 12 Wildfly Server (Standalone) 21-26 Wildfly Server (Cluster) 10, 11, 12 GlassFish 3, 4, 5 Executable Jar
Application Framework	Spring Web (MVC) Struts 2 Hibernate GWT (Google Web Kit) 2.9 JSF (Java Server Faces) Spring Boot
Databases	MySQL JDBC 5.x Postrgres SQL JDBC 9.x, 42.2.5 Oracle JDBC ojdbc8 MS-SQL JDBC 8.x H-SQL JDBC 2.x

Table – Java – Supported Technologies

Supported Technologies for PHP

The table below lists the supported technologies for PHP

Technology	Supported Version(s)
Runtime Versions	7.3 7.4
Web Servers	Apache with Fork and PHP-FPM 2.4.x NGINX 1.x
Databases	MySQL Server 5.x Maria DB Server 10.0.38
Thread Safety Mode	NTS (Non-Thread Safe)

Table – PHP – Supported Technologies

Supported Technologies for Ruby on Rails

The table below lists the supported technologies for Ruby on Rails

Technology	Supported Version(s)
Language Versions	2.5 2.6
Web Servers	Puma 3.11.x+ Passenger 6.x Unicorn 5.1.x+
Application Framework	Rails
Databases	MySQL Server 5.x Postgres 1.x+

Table – Ruby on Rails – Supported Technologies

Supported Technologies for .NET

The table below lists the supported technologies for .NET

Technology	Supported Version(s)
.NET Framework
Language Versions	.NET Framework 4.5.x .NET Framework 4.6.x .NET Framework 4.7.x .NET Framework 4.8.x
Architecture	x86 x64
Web Servers	IIS 8.5+
Managed Pipeline Mode	Classic Integrated
Application Framework	ASP.NET MVC ASP.NET Web Forms ASP.NET Web Pages ASP.NET WebAPI ASP.NET Web Service (asmx)
Databases	MS SQL Server
APM Compatibility	AppDynamics New Relic
.NET Core
Language Versions	.NET Core 2.2 .NET Core 3.0 .NET Core 3.1
Architecture	x86 x64
Web Servers	IIS 8.5+
Hosting model	In-proc Out-Of-Proc
Application Framework	ASP.NET Core ASP.NET Core WebAPI
Databases	MS SQL Server
APM Compatibility	AppDynamics New Relic

Table – .NET – Supported Technologies

Supported Technologies for Node.js

The table below lists the supported technologies for Node.js

Technology	Supported Version(s)
Language Versions	8.17.x 10.x 12.x 14.x
Application Framework	Express
Databases	MySQL Server 5.x Oracle (oracledb npm: 4.x) MS SQL Server (mssql npm: 4.x)

Table – Node.js – Supported Technologies

Web Protection - Supported Web Server Versions

The table below lists the supported Webserver Versions by VSP-Web – Web Server

Operating System	NGINX		Apache
Operating System	VM	Container	VM	Container
RHEL7	NGINX 1.16		Apache 2.4.6
RHEL8	NGINX 1.18
UBUNTU16	NGINX 1.10.3	NGINX 1.10.3	Apache 2.4.18	Apache 2.4.18
UBUNTU18	NGINX 1.14
UBUNTU20	NGINX 1.18

Table – Supported Webserver Versions

Web Protection - Supported Vulnerabilities

The table below provides the supported vulnerabilities by VSP Web Protection

Type	Java	PHP	RoR	Node.js	.NET	Web Protection on Web Server
Vulnerability
SQL Injection (SQLi)	✔	✔	✔	✔	✔	✔
Command Injection (CMDi)	✔	✔	✔	✔	✔	✔
Path Traversal (PT)	✔	✔	✔	✔	✔
Local File Inclusion (LFI)	✔	✔	✔	✔	✔	✔
Remote File Inclusion (RFI)	✔	✔	✔	✔	✔	✔
Reflected-XSS	✔	✔	✔	✔	✔	✔
Stored-XSS	✔	✔	✔	✔	✔	✔
Carriage Return and Line Feed (CRLFi)	✔	✔	✔	✔	✔	✔
XML Injection*	✔	✔	✔	✔	✔	✔
Custom Injection	✔	✔	✔	✔	✔	✔
Protocol Enforcement	✔	✔	✔	✔	✔	✔
DOM-based Cross-Site Scripting (DOM-XSS) (Beta Feature)	✔	✔	✔	✔	✔	✔
Cross-Site Request Forgery (CSRF) (Beta Feature)	✔				✔
Logging
Class Load	✔			✔
Software Exception	✔	✔	✔	✔	✔

Table – Web Protection – Supported Vulnerabilities

*XML Injection includes the below vulnerabilities:

XML External Entity - PT/LFI
XML External Entity - RFI
Malicious input within XML for other supported vulnerability
XML Bomb

The table below provides the supported vulnerabilities by VSP Web Protection options for each vulnerability

Type	Available Instrumentation	Available Protection Mode	Possible Incident Type
Vulnerability
SQL Injection (SQLi)	HTTP/ DEEP	Protect/ Detect	Threat/ Attack
Command Injection (CMDi)	HTTP/ DEEP	Protect/ Detect	Attack
Path Traversal (PT)	HTTP/ DEEP	Protect/ Detect	Threat/ Attack
Local File Inclusion (LFI)	HTTP/ DEEP	Protect/ Detect	Threat/ Attack
Remote File Inclusion (RFI)	HTTP/ DEEP	Protect/ Detect	Attack
Reflected-XSS	DEEP	Protect/ Detect	Threat/ Attack
Stored-XSS	DEEP	Protect/ Detect	Attack
Carriage Return and Line Feed (CRLFi)	DEEP	Protect/ Detect	Threat/ Attack
XML Injection (XMLi)	HTTP/ DEEP	Protect/ Detect	Attack
Custom Injection	HTTP	Protect/ Detect	Attack
Protocol Enforcement	HTTP	Protect/ Detect	Attack
DOM-based Cross-Site Scripting (DOM-XSS)	DEEP	Detect	Attack
Cross-Site Request Forgery (CSRF)	DEEP	Protect/ Detect	Attack
Logging
Class Load	NA	NA	NA
Software Exception	NA	NA	NA

Table – Web Protection – Available Options

Buffer Exploit Protection - Qualified Applications

NOTE:

VSP Memory is not supported when Intel® Transactional Synchronization Extensions (Intel® TSX) is enabled

For Virtual Machines

The table below lists the qualified Applications

Operating System	NGINX 1.4	NGINX 1.2	Httpd 2.4	Apache 2
RHEL 7			✔
CentOS 7.9			✔
Ubuntu 18				✔
Ubuntu 20				✔
AmazonLinux2	✔	✔

Table – Qualified Applications for VMs

For Containers

The table below lists the qualified Applications

Operating System	NGINX 1.4	Httpd 2.4	Apache 2
Alpine 3.8	✔
Alpine 3.10	✔
Alpine 3.11	✔
Alpine 3.12	✔	✔
Alpine 3.13	✔	✔
Debian Stretch Slim	✔
Debian Buster Slim	✔
Ubuntu 18.04	✔
Ubuntu 20.04	✔		✔
RHEL 7.6	✔	✔
CentOS 7.9	✔	✔

Table – Qualified Applications for Containers

CMS Compatibility

With Third-Party Products

The table below lists the third-party products that CMS is compatible with

Third-Party Product	Notes
LDAP	CMS is compatible with Active Directory only. No other LDAP integration is supported
SAML	Only Okta is supported in SAML
Splunk	Both HTTPS (Default) and HTTP are supported
Zendesk
QRadar
Email Server
Syslog Server

Table – CMS Compatibility with Third Party Products

Supported Browser

Google Chrome is the supported browser for CMS

Compatibility Guide 2.9.x

Compatibility Matrix - Virtual Machines

VM Hypervisors

Compatibility Matrix - Containers

Container Orchestration Support

Web Protection - Supported Application Server Technologies

Supported Technologies for Java

Supported Technologies for PHP

Supported Technologies for Ruby on Rails

Supported Technologies for .NET

Supported Technologies for Node.js

Web Protection - Supported Web Server Versions

Web Protection - Supported Vulnerabilities

Buffer Exploit Protection - Qualified Applications

For Virtual Machines

For Containers

CMS Compatibility

With Third-Party Products

Supported Browser

What's Next

Compatibility Guide 2.9.x

Compatibility Matrix - Virtual Machines

VM Hypervisors

Compatibility Matrix - Containers

Container Orchestration Support

Web Protection - Supported Application Server Technologies

Supported Technologies for Java

Supported Technologies for PHP

Supported Technologies for Ruby on Rails

Supported Technologies for .NET

Supported Technologies for Node.js

Web Protection - Supported Web Server Versions

Web Protection - Supported Vulnerabilities

Buffer Exploit Protection - Qualified Applications

For Virtual Machines

For Containers

CMS Compatibility

With Third-Party Products

Supported Browser

Related articles

What's Next