Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

4/6/2009
08:07 AM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Startup Promises Centralized Security, Control For Virtual Environments

New virtualization security firm HyTrust partners with VMWare, Citrix, Cisco, and Symantec

A new security startup launched today with an appliance that helps fill a gap that thus far has dogged the widespread adoption and implementation of virtualization -- the need for an automated, unified way to manage and secure the virtual infrastructure and ensure compliance.

Mountain View, Calif.-based HyTrust announced that on April 30 it will begin shipping the HyTrust Appliance, an all-in-one box that serves as a central point of control for the virtualization infrastructure. HyTrust, which has secured $5.5 million in Series A funding led by Trident Capital and Epic Ventures, came out of stealth mode today with some high-powered virtualization technology partners -- VMWare, Symantec, Cisco, and Citrix -- as well.

One of virtualization's big trade-offs is that the convenience and flexibility of streamlining apps and servers often leads to a loss of control and visibility into the environment, as well as the inability to ensure regulatory compliance. That has held back many organizations from going full-bore with virtualization.

"'Security' tools in virtualized environments are becoming less about pure security functions, like firewalls and IDP [intrusion detection and prevention], and much more focused on increasing the management and visibility of virtualization, and keeping pace with the velocity of change, configuration control, and compliance," says Christofer Hoff, an independent analyst and blogger. "HyTrust does so in a very elegant manner. Their approach is based on the old adage [that] you cannot manage that which you cannot see."

What's different about HyTrust's virtualization management and control approach is that it sits both physically and logically between the network and proxies all configuration requests -- in real-time, Hoff says. The closest thing thus far has been something like Catbird Networks' V-Security system, he says, which is more of a detection approach. "Catbird uses their [virtual] agent and a VM to tie into VMware's virtual center, and then when a change occurs, it can either alert or remediate -- like HyTrust's -- but theirs is really a reactive/detective approach since it is not inline."

HyTrust's automated system also maps any requests to specific user roles by integrating with Microsoft's Active Directory system. And any logging can then be mapped back directly to a single user, Hoff says.

To date, many organizations have been struggling to manually manage their change control in virtual environments, says Eric Chiu, CEO of HyTrust. "They just can't keep up [using that approach]," he says. "This [technology] is a central point of control over a virtual infrastructure on part with a physical" network, including automation and integration with directory services.

Chiu says the company has about a dozen beta customers, including Stanford Hospital and Clinics, which had been holding back on virtualizing any systems that contained patient record information due to HIPAA worries. "After testing [our appliance], they believe they have the ability to have a more secure virtual infrastructure than in their physical infrastructure," Chiu says.

But the main risk with HyTrust's centralized approach is that it can also present a single point of failure, too, Hoff says.

Meanwhile, VMWare has provided HyTrust with its source code for integration purposes, and HyTrust will work with Citrix to support its XEN environment. (It currently supports only VMware VI 3.0x, ESX 3.0x or higher, and ESXi). Cisco and HyTrust will work together on integrating HyTrust's technology with its new UTS servers, and Symantec's Alteris group plans to "ultimately" include support for HyTrust in its products, Chiu says.

The enterprise version of the HyTrust Appliance is priced at $7,500 for the physical appliance and $3,000 for a virtual application license. An ESC host-protection license is $1,000 for a two-CPU host. HyTrust also plans to offer a free virtual appliance, HyTrust Appliance: Community Edition, later this month for small companies to automate virtualization. It supports up to three ESX hosts.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Cybersecurity Team Holiday Guide: 2019 Gag Gift Edition
Ericka Chickowski, Contributing Writer,  12/2/2019
Navigating Security in the Cloud
Diya Jolly, Chief Product Officer, Okta,  12/4/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19647
PUBLISHED: 2019-12-09
radare2 through 4.0.0 lacks validation of the content variable in the function r_asm_pseudo_incbin at libr/asm/asm.c, ultimately leading to an arbitrary write. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted input.
CVE-2019-19648
PUBLISHED: 2019-12-09
In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real size. A specially crafted MachO file can cause an out-of-bounds memory access, resulting in Denial of Service (application crash) or potential code execution.
CVE-2019-19642
PUBLISHED: 2019-12-08
On SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and BIOS 02.68, the Virtual Media feature allows OS Command Injection by authenticated attackers who can send HTTP requests to the IPMI IP address. This requires a POST to /rpc/setvmdrive.asp with shell metacharacters in ShareHost or ShareNa...
CVE-2019-19637
PUBLISHED: 2019-12-08
An issue was discovered in libsixel 1.8.2. There is an integer overflow in the function sixel_decode_raw_impl at fromsixel.c.
CVE-2019-19638
PUBLISHED: 2019-12-08
An issue was discovered in libsixel 1.8.2. There is a heap-based buffer overflow in the function load_pnm at frompnm.c, due to an integer overflow.