"We welcome the current national interest in issues around data security, but at HyTrust our focus has always been on developing security automation technologies that enable organizations to benefit from large-scale virtualized datacenters without taking on additional risks," said Hemma Prafullchandra, CTO and senior vice president of products at HyTrust. "The release of HyTrust Appliance 3.5 is exactly in line with that mission--it provides enhanced insider threat detection for a virtual infrastructure without relying on integration with associated technologies, such as Security Information and Event Management (SIEM) systems, which are blind to the administrative activities of cloud environments. The customizable behavior-based and potential threat detection algorithms in this version automatically uncover risks missed by other solutions because it has the real-time context of all administrator activity and an inventory of the protected cloud and virtual infrastructures."
The new features in HyTrust Appliance 3.5 enable private clouds and virtualized data centers to prevent or contain damage caused by both employees and outsiders misusing administrator privileges. This might include copying a virtual machine with confidential data, deleting the entire virtual data center, or misconfiguring tenant specific workloads in shared infrastructure. The technology builds on the 'two-man rule' defense prized in a virtual infrastructure (the National Security Administration is currently implementing similar safeguards in its networks). The release also has a high level of flexibility: for example, organizations that want to quickly start observing and logging administrative activity before defining granular roles and access rules can simply use the new "monitor only" mode, which lets them remedy undesirable user behavior and refine roles before beginning to enforce strict access policies.
"As cloud-based and virtual infrastructures become the norm, customers need more advanced security technologies to reduce risks. One of the best methods of risk reduction is through role-based monitoring," said Judith Hurwitz, president of analyst and research firm Hurwitz & Associates. "Monitoring all operations based on assigned roles and issuing automatic alerts when behavioral patterns change is a good way to deflect risk without negatively affecting the workflow."
HyTrust Appliance 3.5 has additional features, such as enhanced capabilities to strengthen the security and compliance posture of cloud and virtual infrastructures by implementing support for VMware's Security Hardening Guide 5.1. The new release conducts more than three times as many configuration checks and remediation operations than it did before.
Availability & Pricing
HyTrust Appliance 3.5 is generally available now. Enterprise pricing starts at $63,750 for a single datacenter site with 20 ESXi CPU sockets. HyTrust Appliance Community Edition is also offered as a free version of the product that supports up to three hosts and is downloadable from the Web at www.hytrust.com/freetrial.
About HyTrust (www.hytrust.com)
Cloud Under Control&trade
Headquartered in Mountain View, CA, HyTrust® is the Cloud Security Automation (CSA) company. HyTrust delivers the essential real-time control, security, administrative account monitoring, logging and compliance assurance necessary to enable the benefits of cloud adoption and virtualization of critical workloads. The Company is backed by top tier investors VMware, Cisco Systems, Intel Corporation, In-Q-Tel, Fortinet, Granite Ventures, Trident Capital, and Epic Ventures; its partners include VMware, VCE, Symantec, CA, McAfee, Splunk; HP Arcsight, Accuvant, RSA and Intel Corporation.