Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

4/6/2009
08:07 AM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Startup Promises Centralized Security, Control For Virtual Environments

New virtualization security firm HyTrust partners with VMWare, Citrix, Cisco, and Symantec

A new security startup launched today with an appliance that helps fill a gap that thus far has dogged the widespread adoption and implementation of virtualization -- the need for an automated, unified way to manage and secure the virtual infrastructure and ensure compliance.

Mountain View, Calif.-based HyTrust announced that on April 30 it will begin shipping the HyTrust Appliance, an all-in-one box that serves as a central point of control for the virtualization infrastructure. HyTrust, which has secured $5.5 million in Series A funding led by Trident Capital and Epic Ventures, came out of stealth mode today with some high-powered virtualization technology partners -- VMWare, Symantec, Cisco, and Citrix -- as well.

One of virtualization's big trade-offs is that the convenience and flexibility of streamlining apps and servers often leads to a loss of control and visibility into the environment, as well as the inability to ensure regulatory compliance. That has held back many organizations from going full-bore with virtualization.

"'Security' tools in virtualized environments are becoming less about pure security functions, like firewalls and IDP [intrusion detection and prevention], and much more focused on increasing the management and visibility of virtualization, and keeping pace with the velocity of change, configuration control, and compliance," says Christofer Hoff, an independent analyst and blogger. "HyTrust does so in a very elegant manner. Their approach is based on the old adage [that] you cannot manage that which you cannot see."

What's different about HyTrust's virtualization management and control approach is that it sits both physically and logically between the network and proxies all configuration requests -- in real-time, Hoff says. The closest thing thus far has been something like Catbird Networks' V-Security system, he says, which is more of a detection approach. "Catbird uses their [virtual] agent and a VM to tie into VMware's virtual center, and then when a change occurs, it can either alert or remediate -- like HyTrust's -- but theirs is really a reactive/detective approach since it is not inline."

HyTrust's automated system also maps any requests to specific user roles by integrating with Microsoft's Active Directory system. And any logging can then be mapped back directly to a single user, Hoff says.

To date, many organizations have been struggling to manually manage their change control in virtual environments, says Eric Chiu, CEO of HyTrust. "They just can't keep up [using that approach]," he says. "This [technology] is a central point of control over a virtual infrastructure on part with a physical" network, including automation and integration with directory services.

Chiu says the company has about a dozen beta customers, including Stanford Hospital and Clinics, which had been holding back on virtualizing any systems that contained patient record information due to HIPAA worries. "After testing [our appliance], they believe they have the ability to have a more secure virtual infrastructure than in their physical infrastructure," Chiu says.

But the main risk with HyTrust's centralized approach is that it can also present a single point of failure, too, Hoff says.

Meanwhile, VMWare has provided HyTrust with its source code for integration purposes, and HyTrust will work with Citrix to support its XEN environment. (It currently supports only VMware VI 3.0x, ESX 3.0x or higher, and ESXi). Cisco and HyTrust will work together on integrating HyTrust's technology with its new UTS servers, and Symantec's Alteris group plans to "ultimately" include support for HyTrust in its products, Chiu says.

The enterprise version of the HyTrust Appliance is priced at $7,500 for the physical appliance and $3,000 for a virtual application license. An ESC host-protection license is $1,000 for a two-CPU host. HyTrust also plans to offer a free virtual appliance, HyTrust Appliance: Community Edition, later this month for small companies to automate virtualization. It supports up to three ESX hosts.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/21/2020
Cybersecurity Bounces Back, but Talent Still Absent
Simone Petrella, Chief Executive Officer, CyberVista,  9/16/2020
Meet the Computer Scientist Who Helped Push for Paper Ballots
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/16/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Latest Comment: Exactly
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7734
PUBLISHED: 2020-09-22
All versions of package cabot are vulnerable to Cross-site Scripting (XSS) via the Endpoint column.
CVE-2020-6564
PUBLISHED: 2020-09-21
Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of a permission dialog via a crafted HTML page.
CVE-2020-6565
PUBLISHED: 2020-09-21
Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2020-6566
PUBLISHED: 2020-09-21
Insufficient policy enforcement in media in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2020-6567
PUBLISHED: 2020-09-21
Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.