Compatibility Guide 2.11.x

31 Aug 2024
4 Minutes to read

Print
Share
Dark
Light
PDF

Compatibility Guide 2.11.x

Updated on 31 Aug 2024
4 Minutes to read

Print
Share
Dark
Light
PDF

Article summary

Did you find this summary helpful?

Thank you for your feedback

About this Article

This guide lists the software compatibility information for VSP Web, Memory and Host Protection. The information provided covers the management infrastructure and supported server environments.

Compatibility Matrix - Virtual Machines

Host Protection Memory Protection Web Protection CPM

Operating System	Executable Allowlisting	AppControl Policies
RHEL 6.5, 6.7/ CentOS 6.5, 6.7	✔	✔
RHEL 6.10 (32 bit)	✔	✔
RHEL7.6/ CentOS 7.6	✔	✔
RHEL8.0/ CentOS 8.0	✔	✔
RHEL9.0	✔	✔
UBUNTU16	✔	✔
UBUNTU18	✔	✔
UBUNTU20	✔	✔
UBUNTU22	✔	✔
DEBIAN-9/STRETCH	✔	✔
AMAZONLINUX-1	✔	✔
AMAZONLINUX-2	✔	✔
ORACLE LINUX 7.9	✔	✔
ORACLE LINUX 8.x	✔	✔
WINDOWS 2003 SP2 32-bit Standard Edition SP2 & 64-bit Enterprise Edition SP2	✔	✔
WINDOWS 2008 R2 Standard Edition (x64)	✔	✔
WINDOWS 2012 R2 Standard Edition	✔	✔
WINDOWS 2016 Standard Edition	✔	✔
WINDOWS 2019 Standard Edition	✔	✔
WINDOWS 2022 Standard Edition	✔	✔

Operating System	Memory Exploit Protection	Buffer Exploit Protection
RHEL 6.5, 6.7/ CentOS 6.5, 6.7		✔
RHEL7.6/ CentOS 7.6	✔*	✔
RHEL8.0/ CentOS 8.0	✔*	✔
RHEL9.0	✔*
UBUNTU16	✔*
UBUNTU18	✔*	✔
UBUNTU20	✔*	✔
UBUNTU22	✔*	✔
DEBIAN-9/STRETCH	✔*
AMAZONLINUX-1	✔*	✔
AMAZONLINUX-2	✔*	✔
WINDOWS 2008 R2 Standard Edition (x64)	✔
WINDOWS 2012 R2 Standard Edition	✔	✔
WINDOWS 2016 Standard Edition	✔	✔
WINDOWS 2019 Standard Edition	✔	✔
WINDOWS 2022 Standard Edition	✔	✔

* All the Supported Kernel versions for MEP are listed in Artifactory JSON file: https://artifacts.virsec.work/ui/native/vsysi/vsp-vsysi-release-info.json

Operating System	Java	PHP	ROR	Node.js	.NET	On Web Server
RHEL7.6/ CentOS 7.6	✔	✔	✔	✔	NA	✔
RHEL8.0/ CentOS 8.0	✔	✔	✔	✔	NA	✔
RHEL9.0 Version 2.11.1 and Above	✔				NA
UBUNTU16	✔	✔	✔	✔	NA	✔
UBUNTU18	✔	✔	✔	✔	NA	✔
UBUNTU20	✔	✔	✔	✔	NA	✔
UBUNTU22	✔	✔			NA
AMAZONLINUX-2			✔		NA
WINDOWS 2012 R2 Standard Edition	✔				✔
WINDOWS 2016 Standard Edition	✔				✔
WINDOWS 2019 Standard Edition	✔				✔
WINDOWS 2022 Standard Edition	✔				✔

Operating System	Supported Versions
RHEL	7.6, 8.0, 9.0
UBUNTU	16, 18, 20, 22
AMAZONLINUX	1, 2
WINDOWS	WINDOWS 2012 R2 Standard Edition WINDOWS 2016 Standard Edition WINDOWS 2019 Standard Edition WINDOWS 2022 Standard Edition

Table – Compatibility Matrix for Virtual Machines

VSP is not supported for:

Workloads running SELinux or AppArmor in enforcing mode
Hosts running hypervisor: Example ESXi/Hyper-V/Zen/KVM

VM Hypervisors

VSP supports VMs hosted on the hypervisor environments:

ESXi
AWS EC2
Nutanix

Compatibility Matrix - Containers

NOTE

CPM APIs are not available for Container-based environments

Host Protection Memory Protection Web Protection

Operating System	Executable Allowlisting	App control Policies
RHEL7.6	✔	✔
UBUNTU16.04	✔	✔
UBUNTU18.04	✔	✔
UBUNTU20	✔	✔
DEBIAN-BUSTER-SLIM	✔	✔
DEBIAN-BUSTER	✔	✔
DEBIAN-STRETCH-SLIM	✔	✔
DEBIAN-STRETCH	✔	✔
ALPINE3.6	✔	✔
ALPINE3.7	✔	✔
ALPINE3.8	✔	✔
ALPINE3.9	✔	✔
ALPINE3.10	✔	✔
ALPINE3.11	✔	✔
ALPINE3.12	✔	✔
ALPINE3.13	✔	✔

Operating System	Buffer Exploit Protection
RHEL7.6	✔
UBUNTU18.04	✔
UBUNTU20	✔
DEBIAN-BUSTER-SLIM	✔
DEBIAN-BUSTER	✔
ALPINE3.6	✔
ALPINE3.7	✔
ALPINE3.8	✔
ALPINE3.9	✔
ALPINE3.10	✔
ALPINE3.11	✔
ALPINE3.12	✔
ALPINE3.13	✔

Operating System	Java	PHP	ROR	Node.js	On Web Server
RHEL7.6	✔	✔	✔	✔
UBUNTU16.04	✔	✔	✔	✔	✔
UBUNTU18.04	✔	✔	✔	✔
UBUNTU20	✔	✔	✔	✔
DEBIAN-BUSTER-SLIM			✔
DEBIAN-STRETCH-SLIM			✔
ALPINE3.13			✔

Table – Compatibility Matrix for Containers

Container Orchestration Support

Table below provides Container Orchestration Support information:

Container Orchestration Type	VSP Deployment	Workload Deployment	Notes
Kubernetes – Kubectl	✔	✔	Supported versions: Kubernetes - 1.18, 1.19, 1.20, 1.21, 1.22 Docker Engine - 19.03
Helm Charts	✔	✔	Supported versions: Helm 2, Helm 3
Docker-only		✔	Supported Docker Versions: 18.x, 19.x, 20.x
Amazon ECS on Fargate		✔
Amazon ECS on EC2		✔
Amazon EKS on EC2	✔	✔

Table – Container Orchestration Support

Web Protection - Supported Application Server Technologies

Java PHP ROR .NET Node.js

Supported Technologies for Java

The table below lists the supported technologies for Java

Technology	Supported Versions(s)
Java Versions	JDK 1.7 JDK 1.8 JDK 9 JDK 10 JDK 11 JDK 12 JDK 17 JDK 21[Version 2.11.1 and Above]
Application Servers	Tomcat 7, 8, 9 JBoss (Standalone) 6.4, 7.2 and 7.4 Jboss (Cluster) 7.1 Jetty 9 IBM WebSphere App Server 8.5, 9 Oracle Weblogic 12 Wildfly Server (Standalone) 21-26 Wildfly Server (Cluster) 10, 11, 12 GlassFish 3, 4, 5 Executable Jar
Application Framework	Spring Web (MVC) Struts 2 Hibernate GWT (Google Web Kit) 2.9 JSF (Java Server Faces) Spring Boot
Databases	MySQL JDBC 5.x Postrgres SQL JDBC 9.x, 42.2.5 Oracle JDBC ojdbc8 MS-SQL JDBC 8.x H-SQL JDBC 2.x

Table – Java – Supported Technologies

Supported Technologies for PHP

The table below lists the supported technologies for PHP

Technology	Supported Version(s)
Runtime Versions	7.3 7.4
Web Servers	Apache with Fork and PHP-FPM 2.4.x NGINX 1.x
Databases	MySQL Server 5.x Maria DB Server 10.0.38
Thread Safety Mode	NTS (Non-Thread Safe)

Table – PHP – Supported Technologies

Supported Technologies for Ruby on Rails

The table below lists the supported technologies for Ruby on Rails

Technology	Supported Version(s)
Language Versions	2.5 2.6
Web Servers	Puma 3.11.x+ Passenger 6.x Unicorn 5.1.x+
Application Framework	Rails
Databases	MySQL Server 5.x Postgres 1.x+

Table – Ruby on Rails – Supported Technologies

Supported Technologies for .NET

The table below lists the supported technologies for .NET

Technology	Supported Version(s)
.NET Framework
Language Versions	.NET Framework 4.5.x .NET Framework 4.6.x .NET Framework 4.7.x .NET Framework 4.8.x
Architecture	x86 x64
Web Servers	IIS 8.5+
Managed Pipeline Mode	Classic Integrated
Application Framework	ASP.NET MVC ASP.NET Web Forms ASP.NET Web Pages ASP.NET WebAPI ASP.NET Web Service (asmx)
Databases	MS SQL Server
APM Compatibility	AppDynamics New Relic
.NET Core
Language Versions	.NET Core 2.2 .NET Core 3.0 .NET Core 3.1 .NET 5, 6, 7
Architecture	x86 x64
Web Servers	IIS 8.5+
Hosting model	In-proc Out-Of-Proc
Application Framework	ASP.NET Core ASP.NET Core WebAPI
Databases	MS SQL Server
APM Compatibility	AppDynamics New Relic

Table – .NET – Supported Technologies

Supported Technologies for Node.js

The table below lists the supported technologies for Node.js

Technology	Supported Version(s)
Language Versions	8.17.x 10.x 12.x 14.x
Application Framework	Express
Databases	MySQL Server 5.x Oracle (oracledb npm: 4.x) MS SQL Server (mssql npm: 4.x)

Table – Node.js – Supported Technologies

Web Protection - Supported Web Server Versions

The table below lists the supported Webserver Versions by VSP-Web – Web Server

Operating System	NGINX		Apache
Operating System	VM	Container	VM	Container
RHEL7	NGINX 1.16		Apache 2.4.6
RHEL8	NGINX 1.18
UBUNTU16	NGINX 1.10.3	NGINX 1.10.3	Apache 2.4.18	Apache 2.4.18
UBUNTU18	NGINX 1.14
UBUNTU20	NGINX 1.18

Table – Supported Webserver Versions

Web Protection - Supported Vulnerabilities

The table below provides the supported vulnerabilities by VSP Web Protection

Type	Java	PHP	RoR	Node.js	.NET	Web Protection on Web Server
Vulnerability
SQL Injection (SQLi)	✔	✔	✔	✔	✔	✔
Command Injection (CMDi)	✔	✔	✔	✔	✔	✔
Path Traversal (PT)	✔	✔	✔	✔	✔
Local File Inclusion (LFI)	✔	✔	✔	✔	✔	✔
Remote File Inclusion (RFI)	✔	✔	✔	✔	✔	✔
Reflected-XSS	✔	✔	✔	✔	✔	✔
Stored-XSS	✔	✔	✔	✔	✔	✔
Carriage Return and Line Feed (CRLFi)	✔	✔	✔	✔	✔	✔
XML Injection*	✔	✔	✔	✔	✔	✔
Custom Injection	✔	✔	✔	✔	✔	✔
Protocol Enforcement	✔	✔	✔	✔	✔	✔
DOM-based Cross-Site Scripting (DOM-XSS) (Beta Feature)	✔	✔	✔	✔	✔	✔
Cross-Site Request Forgery (CSRF) (Beta Feature)	✔				✔
Logging
Class Load	✔			✔
Software Exception	✔	✔	✔	✔	✔

Table – Web Protection – Supported Vulnerabilities

*XML Injection includes the below vulnerabilities:

XML External Entity - PT/LFI
XML External Entity - RFI
Malicious input within XML for other supported vulnerability
XML Bomb

The table below provides the supported vulnerabilities by VSP Web Protection options for each vulnerability

Type	Available Instrumentation	Available Protection Mode	Possible Incident Type
Vulnerability
SQL Injection (SQLi)	HTTP/ DEEP	Protect/ Detect	Threat/ Attack
Command Injection (CMDi)	HTTP/ DEEP	Protect/ Detect	Attack
Path Traversal (PT)	HTTP/ DEEP	Protect/ Detect	Threat/ Attack
Local File Inclusion (LFI)	HTTP/ DEEP	Protect/ Detect	Threat/ Attack
Remote File Inclusion (RFI)	HTTP/ DEEP	Protect/ Detect	Attack
Reflected-XSS	DEEP	Protect/ Detect	Threat/ Attack
Stored-XSS	DEEP	Protect/ Detect	Attack
Carriage Return and Line Feed (CRLFi)	DEEP	Protect/ Detect	Threat/ Attack
XML Injection (XMLi)	HTTP/ DEEP	Protect/ Detect	Attack
Custom Injection	HTTP	Protect/ Detect	Attack
Protocol Enforcement	HTTP	Protect/ Detect	Attack
DOM-based Cross-Site Scripting (DOM-XSS)	DEEP	Detect	Attack
Cross-Site Request Forgery (CSRF)	DEEP	Protect/ Detect	Attack
Logging
Class Load	NA	NA	NA
Software Exception	NA	NA	NA

Table – Web Protection – Available Options

Buffer Exploit Protection - Qualified Applications

NOTE:

VSP Memory is not supported when Intel® Transactional Synchronization Extensions (Intel® TSX) is enabled

For Virtual Machines

The table below lists the qualified Applications

Operating System	NGINX 1.4	NGINX 1.2	Httpd 2.4	Apache 2
RHEL 7			✔
CentOS 7.9			✔
Ubuntu 18				✔
Ubuntu 20				✔
AmazonLinux2	✔	✔

Table – Qualified Applications for VMs

For Containers

The table below lists the qualified Applications

Operating System	NGINX 1.4	Httpd 2.4	Apache 2
Alpine 3.8	✔
Alpine 3.10	✔
Alpine 3.11	✔
Alpine 3.12	✔	✔
Alpine 3.13	✔	✔
Debian Stretch Slim	✔
Debian Buster Slim	✔
Ubuntu 18.04	✔
Ubuntu 20.04	✔		✔
RHEL 7.6	✔	✔
CentOS 7.9	✔	✔

Table – Qualified Applications for Containers

Host Protection - XDR Interoperability with VSP

The table below lists the Host Protection interoperability with various XDR products. Click here for more information on exclusions to be configured on these products.

XDR Product	Windows**	Linux***
Cortex 7.8.1	✔
Sophos (Intercept X Advanced for Server & Server Protection)	✔	✔
TrendMicro (Workload Security (Enterprise))	✔	✔
Comodo 12.16	✔	✔
Symantec (Data Center Security Server Advanced)	✔	✔
SentinelOne (Complete Protection Platform)	✔	✔

Table – Host Protection XDR Interoperability

** Windows 2003 is not included

*** RHEL 6.x is not included

CMS Compatibility

With Third-Party Products

The table below lists the third-party products that CMS is compatible with

Third-Party Product	Notes
LDAP	CMS is compatible with Active Directory only. No other LDAP integration is supported
SAML	Only Okta is supported in SAML
Splunk	Both HTTPS (Default) and HTTP are supported
Zendesk
QRadar
Email Server
Syslog Server

Table – CMS Compatibility with Third Party Products

Supported Browser

Google Chrome is the supported browser for CMS

Was this article helpful?

What's Next

Compatibility Guide 2.10.x

Table of contents

Compatibility Matrix - Virtual Machines
Compatibility Matrix - Containers
Web Protection - Supported Application Server Technologies
Web Protection - Supported Web Server Versions
Web Protection - Supported Vulnerabilities
Buffer Exploit Protection - Qualified Applications
Host Protection - XDR Interoperability with VSP
CMS Compatibility