Compatibility Guide 2.11.x
  • 31 Aug 2024
  • 4 Minutes to read
  • Dark
    Light
  • PDF

Compatibility Guide 2.11.x

  • Dark
    Light
  • PDF

Article summary

About this Article

This guide lists the software compatibility information for VSP Web, Memory and Host Protection. The information provided covers the management infrastructure and supported server environments.


Compatibility Matrix - Virtual Machines

     

Operating SystemExecutable AllowlistingAppControl Policies
RHEL 6.5, 6.7/ CentOS 6.5, 6.7
RHEL 6.10 (32 bit)
RHEL7.6/ CentOS 7.6
RHEL8.0/ CentOS 8.0
RHEL9.0
UBUNTU16
UBUNTU18
UBUNTU20
UBUNTU22
DEBIAN-9/STRETCH
AMAZONLINUX-1
AMAZONLINUX-2
ORACLE LINUX 7.9
ORACLE LINUX 8.x
WINDOWS 2003 SP2 32-bit Standard Edition SP2 & 64-bit Enterprise Edition SP2
WINDOWS 2008 R2 Standard Edition (x64)
WINDOWS 2012 R2 Standard Edition
WINDOWS 2016 Standard Edition
WINDOWS 2019 Standard Edition
WINDOWS 2022 Standard Edition



Operating SystemMemory Exploit ProtectionBuffer Exploit Protection
RHEL 6.5, 6.7/ CentOS 6.5, 6.7
RHEL7.6/ CentOS 7.6✔*
RHEL8.0/ CentOS 8.0✔*
RHEL9.0✔*
UBUNTU16✔*
UBUNTU18✔*
UBUNTU20✔*
UBUNTU22✔*
DEBIAN-9/STRETCH✔*
AMAZONLINUX-1✔*
AMAZONLINUX-2✔*
WINDOWS 2008 R2 Standard Edition (x64)
WINDOWS 2012 R2 Standard Edition
WINDOWS 2016 Standard Edition
WINDOWS 2019 Standard Edition
WINDOWS 2022 Standard Edition


* All the Supported Kernel versions for MEP are listed in Artifactory JSON file: https://artifacts.virsec.work/ui/native/vsysi/vsp-vsysi-release-info.json


Operating SystemJavaPHPRORNode.js.NETOn Web Server
RHEL7.6/ CentOS 7.6NA
RHEL8.0/ CentOS 8.0NA
RHEL9.0
Version 2.11.1 and Above



NA
UBUNTU16NA
UBUNTU18NA
UBUNTU20NA
UBUNTU22

NA
AMAZONLINUX-2


NA
WINDOWS 2012 R2 Standard Edition



WINDOWS 2016 Standard Edition



WINDOWS 2019 Standard Edition



WINDOWS 2022 Standard Edition





Operating SystemSupported Versions
RHEL7.6, 8.0, 9.0
UBUNTU16, 18, 20, 22
AMAZONLINUX1, 2
WINDOWS

WINDOWS 2012  R2 Standard Edition

WINDOWS 2016 Standard Edition

WINDOWS 2019 Standard Edition

WINDOWS 2022 Standard Edition

Table – Compatibility Matrix for Virtual Machines

VSP is not supported for:
  • Workloads running SELinux or AppArmor in enforcing mode
  • Hosts running hypervisor: Example ESXi/Hyper-V/Zen/KVM

VM Hypervisors

VSP supports VMs hosted on the hypervisor environments: 

  • ESXi
  • AWS EC2
  • Nutanix


Compatibility Matrix - Containers

NOTE
CPM APIs are not available for Container-based environments


   

Operating SystemExecutable AllowlistingApp control Policies
RHEL7.6
UBUNTU16.04
UBUNTU18.04
UBUNTU20
DEBIAN-BUSTER-SLIM
DEBIAN-BUSTER
DEBIAN-STRETCH-SLIM
DEBIAN-STRETCH
ALPINE3.6
ALPINE3.7
ALPINE3.8
ALPINE3.9
ALPINE3.10
ALPINE3.11
ALPINE3.12
ALPINE3.13



Operating SystemBuffer Exploit Protection
RHEL7.6
UBUNTU18.04
UBUNTU20
DEBIAN-BUSTER-SLIM
DEBIAN-BUSTER
ALPINE3.6
ALPINE3.7
ALPINE3.8
ALPINE3.9
ALPINE3.10
ALPINE3.11
ALPINE3.12
ALPINE3.13



Operating SystemJavaPHPRORNode.jsOn Web Server
RHEL7.6
UBUNTU16.04
UBUNTU18.04
UBUNTU20
DEBIAN-BUSTER-SLIM



DEBIAN-STRETCH-SLIM



ALPINE3.13




Table – Compatibility Matrix for Containers

Container Orchestration Support

Table below provides Container Orchestration Support information:

Container Orchestration TypeVSP DeploymentWorkload DeploymentNotes
Kubernetes – KubectlSupported versions:
Kubernetes - 1.18, 1.19, 1.20, 1.21, 1.22
Docker Engine - 19.03
Helm Charts

Supported versions:
Helm 2, Helm 3 
Docker-only


Supported Docker Versions:
18.x, 19.x, 20.x
Amazon ECS on Fargate



Amazon ECS on EC2



Amazon EKS on EC2


Table – Container Orchestration Support


Web Protection - Supported Application Server Technologies

       


Web Protection - Supported Web Server Versions

The table below lists the supported Webserver Versions by VSP-Web – Web Server

Operating SystemNGINXApache
VMContainerVMContainer
RHEL7NGINX 1.16
Apache 2.4.6
RHEL8NGINX 1.18


UBUNTU16NGINX 1.10.3NGINX 1.10.3Apache 2.4.18Apache 2.4.18
UBUNTU18NGINX 1.14


UBUNTU20NGINX 1.18


Table – Supported Webserver Versions


Web Protection - Supported Vulnerabilities

The table below provides the supported vulnerabilities by VSP Web Protection

TypeJavaPHPRoRNode.js.NETWeb Protection on Web Server
Vulnerability
SQL Injection (SQLi)
Command Injection (CMDi)
Path Traversal (PT)
Local File Inclusion (LFI)
Remote File Inclusion (RFI)
Reflected-XSS
Stored-XSS
Carriage Return and Line Feed (CRLFi)
XML Injection*
Custom Injection
Protocol Enforcement
DOM-based Cross-Site Scripting (DOM-XSS) (Beta Feature)
Cross-Site Request Forgery (CSRF) (Beta Feature)



Logging
Class Load



Software Exception

Table – Web Protection – Supported Vulnerabilities

*XML Injection includes the below vulnerabilities:

  1. XML External Entity - PT/LFI
  2. XML External Entity - RFI
  3. Malicious input within XML for other supported vulnerability
  4. XML Bomb

The table below provides the supported vulnerabilities by VSP Web Protection options for each vulnerability

TypeAvailable InstrumentationAvailable Protection ModePossible Incident Type
Vulnerability
SQL Injection (SQLi)HTTP/ DEEPProtect/ DetectThreat/ Attack
Command Injection (CMDi)HTTP/ DEEPProtect/ DetectAttack
Path Traversal (PT)HTTP/ DEEPProtect/ DetectThreat/ Attack
Local File Inclusion (LFI)HTTP/ DEEPProtect/ DetectThreat/ Attack
Remote File Inclusion (RFI)HTTP/ DEEPProtect/ DetectAttack
Reflected-XSSDEEPProtect/ DetectThreat/ Attack
Stored-XSSDEEPProtect/ DetectAttack
Carriage Return and Line Feed (CRLFi)DEEPProtect/ DetectThreat/ Attack
XML Injection (XMLi)HTTP/ DEEPProtect/ DetectAttack
Custom InjectionHTTPProtect/ DetectAttack
Protocol EnforcementHTTPProtect/ DetectAttack
DOM-based Cross-Site Scripting (DOM-XSS)DEEPDetectAttack
Cross-Site Request Forgery (CSRF)DEEPProtect/ DetectAttack
Logging
Class LoadNANANA
Software ExceptionNANANA

Table – Web Protection – Available Options


Buffer Exploit Protection - Qualified Applications

NOTE:
VSP Memory is not supported when Intel® Transactional Synchronization Extensions (Intel® TSX) is enabled

For Virtual Machines

The table below lists the qualified Applications

Operating SystemNGINX 1.4NGINX 1.2Httpd 2.4Apache 2
RHEL 7


CentOS 7.9


Ubuntu 18


Ubuntu 20


AmazonLinux2

Table – Qualified Applications for VMs

For Containers

The table below lists the qualified Applications

Operating SystemNGINX 1.4Httpd 2.4Apache 2
Alpine 3.8

Alpine 3.10

Alpine 3.11

Alpine 3.12
Alpine 3.13
Debian Stretch Slim

Debian Buster Slim

Ubuntu 18.04

Ubuntu 20.04
RHEL 7.6
CentOS 7.9

Table – Qualified Applications for Containers


Host Protection - XDR Interoperability with VSP

The table below lists the Host Protection interoperability with various XDR products. Click here for more information on exclusions to be configured on these products.

XDR ProductWindows**Linux***
Cortex 7.8.1
Sophos (Intercept X Advanced for Server & Server Protection)
TrendMicro (Workload Security (Enterprise))
Comodo 12.16
Symantec (Data Center Security Server Advanced)
SentinelOne (Complete Protection Platform)

Table – Host Protection XDR Interoperability

** Windows 2003 is not included

*** RHEL 6.x is not included


CMS Compatibility

With Third-Party Products

The table below lists the third-party products that CMS is compatible with

Third-Party ProductNotes
LDAPCMS is compatible with Active Directory only. No other LDAP integration is supported
SAMLOnly Okta is supported in SAML
SplunkBoth HTTPS (Default) and HTTP are supported 
Zendesk
QRadar
Email Server
Syslog Server

Table – CMS Compatibility with Third Party Products

Supported Browser

Google Chrome is the supported browser for CMS




Was this article helpful?