HyTrust 3.0 Inhibits Virtual Data Center, Audit Failures

New “secondary approval” feature safeguards companies against costly operational downtime, internal security breaches.

Note: ESJ’s editors carefully choose vendor-issued press releases about new or upgraded products and services. We have edited and/or condensed this release to highlight key features but make no claims as to the accuracy of the vendor's statements.

HyTrust has updated its HyTrust Appliance to version 3.0 to include a “secondary approval” feature that enforces the “two-person rule” -- which has been a pivotal development in other mission-critical operations as well -- and automates workflows.

The secondary approval features prevents risk, whether caused by unintended or malicious actions, to virtual machines (VMs), critical applications and data, and, ultimately, business operations. With HyTrust Appliance 3.0, enterprises can, with even greater control, virtualize more while safely realizing the vast benefits of virtualization (financial reward, business efficiency, operational flexibility, etc.) and ensuring compliance with industry and regulatory mandates.

Eric Chiu, founder and president, HyTrust, explains: “According to U.S. Air Force Instruction (AFI) 91-104, the two-person rule was designed to prevent the accidental or malicious launch of nuclear weapons by a single individual. Similarly, HyTrust’s new [secondary approval] feature mandates designated approvers authorize high-impact operations prior to users with administration privileges being able to execute actions that can impact the business or even bring down the entire data center.”

VMware and other virtualisation platforms do not provide adequate control, including viable methods of requiring additional level(s) of approval for actions that can result in negative consequences. So-called “privileged users” of an organization’s virtualization platform typically have much greater administrative power than counterparts who manage physical data center infrastructure. They can copy, power off, or delete a business-critical VM -- accidentally or intentionally -- with a few clicks from any location in the world, or any device. If it results in financial hits, where operational downtime costs organizations tens of thousands per hour, compliance violations or an internal security breach, the cost is too high. Recent publicized incidents of privileged users taking down virtual data center operations attest to the large financial hits that enterprises can -- and have -- taken when adequate virtualization controls were not in place. For the most part, however, such events go unreported.

HyTrust Appliance 3.0 also features:

  • Advancements for secure multi-tenant private clouds, including enhanced virtual network segmentation

  • Labels for VMs and other virtual resources for greater policy enforcement and prevention of a cloud tenant’s privileged users from gaining access to another’s applications or data

  • Security and compliance usability, as well as availability, performance and scalability enhancements

HyTrust Appliance 3.0 is generally available now. HyTrust Appliance Enterprise Edition is licensed at $750 per CPU for each ESX or EXSi host. HyTrust Appliance Community Edition is also offered as a free, full-featured version of the product that supports up to three hosts and is downloadable from the Web at www.hytrust.com/freetrial.