Adding to the core capabilities of HyTrust Appliance 1.0—centralized access control, template-based security configuration, and audit-quality log aggregation for the hypervisor—HyTrust Appliance 1.5 delivers the first enterprise-class, object-based policy management capability, built specifically for security and compliance policy enforcement of virtual infrastructure. (See "How it Works" below.) And, in the new version, HyTrust has also added additional new features (again, more details below) such as expanded VMware platform support.
"Building on the success of HyTrust's initial product launch earlier this year, the company is again delivering a solution that will help accelerate the wave of virtualization deployment that is sweeping across enterprise datacenters," said Eric Chiu, president and CEO of HyTrust. "The policy definition and automated enforcement capabilities available in HyTrust Appliance 1.5 enable unprecedented, proactive control over the critical elements of virtualized infrastructure."
How it Works HyTrust has pioneered a label-based approach for policy management (similar to Web 2.0 "tagging") that allows organizations to create policy-based categories for virtual infrastructure objects, allowing for better organization and more automated controls. Thus, HyTrust Appliance 1.5 now enforces granular authorization of all virtual infrastructure management operations, according to user role, object, label, protocol and IP address. This makes it easy for administrators to define virtual infrastructure policies and enforce them systematically—a task that previously forced organizations to use fixed boundaries to silo their environments, as well as to depend upon manual change control processes to keep track of changes in their environment. With HyTrust, enterprises can embrace a single internal-cloud environment in which policies are not only automatically enforced, but also updated dynamically with the infrastructure.
The automated policy enforcement in HyTrust Appliance 1.5 specifically addresses the potentially serious security and compliance concerns associated with the portability of virtual machines. With this new capability, organizations can now ensure that, for example, a virtual machine subject to PCI compliance can only run on a host (or cluster) that is specifically zoned for PCI, or that it may only connect to a specific "secure" network. Because HyTrust Appliance embeds the policy information inside the virtual machine, policy enforcement is ensured no matter where the virtual machine is moved.
"In collaboration with HyTrust partners Cisco and VMware, we have identified a common customer request, which is to ensure that virtual machines connect only to appropriate network segments per policy," added Chiu. "HyTrust Appliance 1.5 automates virtual infrastructure policy enforcement to ensure that virtual machines connect to the right networks and port groups, for both Cisco Nexus 1000v and VMware Distributed Switch."
David Bartoletti, senior analyst and consultant, Taneja Group, said: "This is a slick solution. Using HyTrust, enterprises are able to centrally and cost-effectively enforce policy directly on virtual objects to ensure control and visibility. HyTrust's automated policy management approach not only addresses the dynamic nature of virtualization but also the need for consistency, centralization, and compliance."
Additional New Features Other major new features and capabilities in HyTrust Appliance 1.5 include: - Support for VMware vSphere (ESX 4.0 and vCenter 4.0) - Support for VMware ESXi (all versions) - Two-factor authentication including RSA SecureID - Label-based policy enforcement - VM-to-host and VM-to-network segment control - VM tag policy import - XACML policy import/export - AD policy import for virtual machine management
Demo at VMworld The new version of HyTrust Appliance will be on display at the HyTrust Booth (#2432) at VMworld 2009 at the Moscone Center in San Francisco, California, from August 31—September 3. To pre-arrange a demo and briefing, please email us ([email protected]).
Availability and Pricing HyTrust Appliance 1.5 Enterprise Edition will be generally available on August 24th, as will HyTrust Appliance 1.5 Community Edition—a free virtual appliance available for download via the Web. The Community Edition allows protection for up to three hosts and offers an excellent way for small organizations to bring automated virtualization best practices into their environments.
About HyTrust (www.hytrust.com) HyTrust, headquartered in Mountain View, CA, is an exciting young company focused on virtualization platform control, security and compliance. Solutions enable I.T. to gain control and visibility over their virtual infrastructure production environments. It also enables them to meet regulatory compliance requirements and respond more quickly and effectively to compliance audits. Fortune 500 enterprises and industry analysts have validated the HyTrust approach to addressing this billion-dollar market. The Company is backed by top tier investors Trident Capital and Epic Ventures; its partners include VMware (NYSE: VMW); Symantec (Nasdaq: SYMC); Citrix (Nasdaq: CTXS); Cisco (Nasdaq: CSCO); and RSA (NYSE: EMC).