HyTrust provides virtualization security, compliance, and access control solutions for VMware-based virtual infrastructure. It helps organizations to streamline security and compliance reporting for virtualized and cloud computing environments.
Software-defined data centers are the hot topic
“Starting with HyTrust, the security and compliance solutions provider is upgrading its virtualization appliance with the purpose of enabling enterprises to more easily virtualize mission-critical applications and deploy multi-tenant private clouds without taking on “unacceptable risks.”
These potential risks include potential damage caused by both employees and outsiders misusing VMware vSphere administrator privileges. A more specific example provided by HyTrust is an employee copying a virtual machine with confidential data, deleting the entire virtual data center, or misconfiguring tenant environments in shared infrastructure.
To prevent such mishaps, the update for the HyTrust Appliance 3.5 includes customizable behavior-based and threat-detection algorithms as well as support for the VMware Security Hardening Guide to conduct more than three times as many server configuration checks and remediation operations than before”. Source ZDNet – Rachel King
“HyTrust Appliance enables enterprises to virtualize mission critical applications and deploy multi-tenant private clouds without taking on large, unacceptable risks. It establishes visibility and accountability, defeats sophisticated attacks, and limits the impact of administrative mistakes by providing:
- Real time monitoring, threat detection, and alerting of suspicious vCenter account activity
- Fine-grained role-based and resource-based authorization, enforcing separation of duties and least privilege, need-to-know access
- Audit-quality logs that enable complete audit trails tied to individual users’ activity
- Strong, multi-factor authentication to protect access to the virtualization platform
- Hypervisor configuration hardening to ensure platform integrity”
Virtualization Review selects HyTrust as Security Virtualization best of breed:
“The Edward Snowden incident is just one in a long line of security breaches that has many enterprises wondering how secure data can be in the cloud. HyTrust aims to give enterprises some peace of mind by stopping up the gaps in enterprise security, especially the most important one: the system administrator. No longer will sysadmins be able to roam with the utmost privilege. This isn’t meant as a knock, but really it’s to protect sysadmins from themselves”.
Two Man Rule
The insider threat has come into greater focus in the wake of Edward Snowden’s admission that he leaked government secrets. The director of the NSA, Gen. Keith B. Alexander, said his agency would institute “a two-person rule” that would limit the ability of each of its 1,000 system administrators to gain unfettered access to the entire system, write the New York Times’ Christopher Drew and Somini Sengupta.
“The scariest threat is the systems administrator,” said Eric Chiu, president of our own HyTrust, quoted in the New York Times, Wall Street Journal, USA Today, and numerous other media outlets. “The system administrator has god-like access to systems they manage.”
HyTrust announced this week a further $18.5 million of funding from new investors Intel Capital and Fortinet, who join an impressive list of existing investors, namely VMware, Cisco, In-Q-Tel, Granite Ventures, Trident Capital and Epic Ventures.
“The new funding will support the company’s rapid growth and operations, particularly in the areas of sales and marketing, and enable continued development on the cloud security platform as well as innovations in important technological areas such as Role-Based Monitoring (RBM)”. Source – HyTrust Press Release
HyTrust is in start-up mode and has c.100 customers, which are typically large corporations, and there is talk that the company is likely to be bought out by one of its own investors, for example Cisco or VMware.
HyTrust products provide high assurance around authentication and authorisation for VMware environments.
This capability is coined by Eric Chiu as a “Root of Trust”.
Trust Management within the cloud environment
Use Intel TXT, VMware Hypervisor and HyTrust to enforce a trusted compute pool