HyTrust Appliance 1.5 Enables Policy Definition, Automated Enforcement for Virtual Infrastructure

Addresses critical security and compliance issues associated with portability and remote management of virtual machines

Note: ESJ’s editors carefully choose vendor-issued press releases about new or upgraded products and services. We have edited and/or condensed this release to highlight key features but make no claims as to the accuracy of the vendor's statements.

HyTrust Inc. has updated HyTrust Appliance. The hardware, which supplies centralized access control, template-based security configuration, and audit-quality log aggregation for the hypervisor, now provides enterprise-class, object-based policy management built for security and compliance policy enforcement of virtual infrastructure. HyTrust has also added new features such as expanded VMware platform support.

HyTrust has pioneered a label-based approach for policy management (similar to Web 2.0 “tagging”) that allows organizations to create policy-based categories for virtual infrastructure objects, allowing for better organization and more automated controls. HyTrust Appliance 1.5 enforces granular authorization of all virtual infrastructure management operations according to user role, object, label, protocol, and IP address. This makes it easy for administrators to define virtual infrastructure policies and enforce them systematically -- a task that previously forced organizations to use fixed boundaries to silo their environments, as well as to depend upon manual change-control processes to keep track of changes in their environment. With HyTrust, enterprises can embrace a single internal-cloud environment in which policies are not only automatically enforced, but also updated dynamically with the infrastructure.

The automated policy enforcement in HyTrust Appliance 1.5 specifically addresses the potentially serious security and compliance concerns associated with the portability of virtual machines. With this new capability, organizations can now ensure that, for example, a virtual machine subject to PCI compliance can only run on a host (or cluster) that is specifically zoned for PCI, or that it may only connect to a specific “secure” network. Because HyTrust Appliance embeds the policy information inside the virtual machine, policy enforcement is ensured no matter where the virtual machine is moved.

Additional New Features

Other major new features and capabilities in HyTrust Appliance 1.5 include:

  • Support for VMware vSphere (ESX 4.0 and vCenter 4.0)
  • Support for VMware ESXi (all versions)
  • Two-factor authentication including RSA SecurID
  • Label-based policy enforcement
  • VM-to-host and VM-to-network segment control
  • VM tag policy import
  • XACML policy import/export
  • AD policy import for virtual machine management

Availability and Pricing

HyTrust Appliance 1.5 Enterprise Edition will be generally available on August 24th, as will HyTrust Appliance 1.5 Community Edition -- a free virtual appliance available for download via the Web. The Community Edition allows protection for up to three hosts and offers an excellent way for small organizations to bring automated virtualization best practices into their environments.

More information is available at www.hytrust.com.
