Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

4/6/2009
08:07 AM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Startup Promises Centralized Security, Control For Virtual Environments

New virtualization security firm HyTrust partners with VMWare, Citrix, Cisco, and Symantec

A new security startup launched today with an appliance that helps fill a gap that thus far has dogged the widespread adoption and implementation of virtualization -- the need for an automated, unified way to manage and secure the virtual infrastructure and ensure compliance.

Mountain View, Calif.-based HyTrust announced that on April 30 it will begin shipping the HyTrust Appliance, an all-in-one box that serves as a central point of control for the virtualization infrastructure. HyTrust, which has secured $5.5 million in Series A funding led by Trident Capital and Epic Ventures, came out of stealth mode today with some high-powered virtualization technology partners -- VMWare, Symantec, Cisco, and Citrix -- as well.

One of virtualization's big trade-offs is that the convenience and flexibility of streamlining apps and servers often leads to a loss of control and visibility into the environment, as well as the inability to ensure regulatory compliance. That has held back many organizations from going full-bore with virtualization.

"'Security' tools in virtualized environments are becoming less about pure security functions, like firewalls and IDP [intrusion detection and prevention], and much more focused on increasing the management and visibility of virtualization, and keeping pace with the velocity of change, configuration control, and compliance," says Christofer Hoff, an independent analyst and blogger. "HyTrust does so in a very elegant manner. Their approach is based on the old adage [that] you cannot manage that which you cannot see."

What's different about HyTrust's virtualization management and control approach is that it sits both physically and logically between the network and proxies all configuration requests -- in real-time, Hoff says. The closest thing thus far has been something like Catbird Networks' V-Security system, he says, which is more of a detection approach. "Catbird uses their [virtual] agent and a VM to tie into VMware's virtual center, and then when a change occurs, it can either alert or remediate -- like HyTrust's -- but theirs is really a reactive/detective approach since it is not inline."

HyTrust's automated system also maps any requests to specific user roles by integrating with Microsoft's Active Directory system. And any logging can then be mapped back directly to a single user, Hoff says.

To date, many organizations have been struggling to manually manage their change control in virtual environments, says Eric Chiu, CEO of HyTrust. "They just can't keep up [using that approach]," he says. "This [technology] is a central point of control over a virtual infrastructure on part with a physical" network, including automation and integration with directory services.

Chiu says the company has about a dozen beta customers, including Stanford Hospital and Clinics, which had been holding back on virtualizing any systems that contained patient record information due to HIPAA worries. "After testing [our appliance], they believe they have the ability to have a more secure virtual infrastructure than in their physical infrastructure," Chiu says.

But the main risk with HyTrust's centralized approach is that it can also present a single point of failure, too, Hoff says.

Meanwhile, VMWare has provided HyTrust with its source code for integration purposes, and HyTrust will work with Citrix to support its XEN environment. (It currently supports only VMware VI 3.0x, ESX 3.0x or higher, and ESXi). Cisco and HyTrust will work together on integrating HyTrust's technology with its new UTS servers, and Symantec's Alteris group plans to "ultimately" include support for HyTrust in its products, Chiu says.

The enterprise version of the HyTrust Appliance is priced at $7,500 for the physical appliance and $3,000 for a virtual application license. An ESC host-protection license is $1,000 for a two-CPU host. HyTrust also plans to offer a free virtual appliance, HyTrust Appliance: Community Edition, later this month for small companies to automate virtualization. It supports up to three ESX hosts.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Kelly Jackson Higgins is Executive Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Where Businesses Waste Endpoint Security Budgets
Kelly Sheridan, Staff Editor, Dark Reading,  7/15/2019
US Mayors Commit to Just Saying No to Ransomware
Robert Lemos, Contributing Writer,  7/16/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-14230
PUBLISHED: 2019-07-21
An issue was discovered in the Viral Quiz Maker - OnionBuzz plugin before 1.2.7 for WordPress. One could exploit the id parameter in the set_count ajax nopriv handler due to there being no sanitization prior to use in a SQL query in saveQuestionVote. This allows an unauthenticated/unprivileged user ...
CVE-2019-14231
PUBLISHED: 2019-07-21
An issue was discovered in the Viral Quiz Maker - OnionBuzz plugin before 1.2.2 for WordPress. One could exploit the points parameter in the ob_get_results ajax nopriv handler due to there being no sanitization prior to use in a SQL query in getResultByPointsTrivia. This allows an unauthenticated/un...
CVE-2019-14207
PUBLISHED: 2019-07-21
An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling the clone function due to an endless loop resulting from confusing relationships between a child and parent object (caused by an append error).
CVE-2019-14208
PUBLISHED: 2019-07-21
An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a NULL pointer dereference and crash when getting a PDF object from a document, or parsing a certain portfolio that contains a null dictionary.
CVE-2019-14209
PUBLISHED: 2019-07-21
An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to Heap Corruption due to data desynchrony when adding AcroForm.