Shield assets from vulnerabilities

Ensure that you perform routine vulnerability checks on assets to maintain and improve the security posture of your network. Shield assets with critical vulnerabilities from attacks by enforcing policies (if the assets are not protected) or by removing policies for non-essential ports.


What does shielding do?

  • Shielding blocks vulnerable ports on the assets. Shielding does not fix the native vulnerabilities on the assets; you have to fix them manually with assistance from the software support teams.

  • If Xshield blocks the vulnerable port, the port is listed as a 'Shielded' port in the fly panel. The shielded port stays in the vulnerabilities listing in the fly panel so that you can track the measures you've taken to mitigate vulnerabilities.

Shielding can be beneficial if you see vulnerabilities before you enforce policies (early in the Xshield adoption cycle) or after you enforce policies and during routine security monitoring exercises.

We strongly recommend that you fix the vulnerabilities associated with the open or shielded ports for a safer security posture.


Shield vulnerable assets

Unprotected assets
  • If you have not created workload groups and/or policies, quarantine the assets if the vulnerabilities pose a considerable risk of east-west propagation in the network.

    See Quarantine assets for more details.

  • If you have created policies that do not include rules for the vulnerable ports on assets, enforce the policies on the workload group.

    Read create workload groups and enforce policies for more.

Protected assets

If you have enforced policies for a while and the risk associated with the port outweighs the value of the service it offers, remove the policy for the port and enforce this change.
