Upcoming Events

Where the Cloud Touches Down: Simplifying Data Center Infrastructure Management

Thursday, July 25, 2013
10:00 AM PT/1:00 PM ET

In most data centers, DCIM rests on a shaky foundation of manual record keeping and scattered documentation. OpManager replaces data center documentation with a single repository for data, QRCodes for asset tracking, accurate 3D mapping of asset locations, and a configuration management database (CMDB). In this webcast, sponsored by ManageEngine, you will see how a real-world datacenter mapping stored in racktables gets imported into OpManager, which then provides a 3D visualization of where assets actually are. You'll also see how the QR Code generator helps you make the link between real assets and the monitoring world, and how the layered CMDB provides a single point of view for all your configuration data.

Register Now!

A Network Computing Webinar:
SDN First Steps

Thursday, August 8, 2013
11:00 AM PT / 2:00 PM ET

This webinar will help attendees understand the overall concept of SDN and its benefits, describe the different conceptual approaches to SDN, and examine the various technologies, both proprietary and open source, that are emerging. It will also help users decide whether SDN makes sense in their environment, and outline the first steps IT can take for testing SDN technologies.

Register Now!

More Events »

Subscribe to Newsletter

  • Keep up with all of the latest news and analysis on the fast-moving IT industry with Network Computing newsletters.
Sign Up

HyTrust Sees Growing Virtualization Problems, Partners With CA

Designated a "cool vendor" by Gartner in this year's risk management, privacy and compliance report, HyTrust apparently is looking to add a new moniker, perhaps "prophet of doom and gloom." The company is warning that more than 80% of organizations are not implementing virtualization and cloud infrastructure correctly, and are leaving themselves vulnerable to attack. And, in a related move, the developer of policy management and access control solutions for virtual infrastructure is also announcing a partnership with CA Technologies to improve security and compliance.

As organizations essentially collapse multiple, previously separate IT or data center domains--systems, storage and networking--as they increase their use of virtualization, they are facing attacks on their management layer, says Eric Chiu, president and founder of HyTrust. A good example of this threat, he says, is the Shionogi Pharma breach, where a former employee was able to log into his employer's network from a McDonald's and delete 15 VMware virtual host systems (the equivalent of 88 company servers). The systems were running the organization's email, order tracking, financial and other services.

Chiu says the data was collected from the more than 1,200 customer qualifications the company does annually. There are organizations already using virtualization, and close to 90% of them are not following best practices for virtualization. Further, more than half are moving to management control but are not addressing access controls. "Also, their admins are not using alert tools to let them know when bad things are happening, which puts them at risk like at Shionogi."

As for the CA partnership, Chiu says that combining the HyTrust Appliance with CA's access control and cloud automation solutions helps solve the issues involved in enforcement of end-to-end security policies and compliance controls. The two companies have a number of joint customers, and, with CA being the largest player in this segment, it just made sense to go to market together. Chiu says more details will be forthcoming within the next few weeks. HyTrust also plans to announce a new partnership with Trend Micro around the provision of combined reporting for virtual security.

The CA partnership is a good move, says Dave Bartoletti, senior analyst and consultant, Taneja Group. "I think it’s a very wise choice to partner with a leader [30% market share makes CA a strong contender for leader] and get it right, before trying to build out a larger partner ecosystem. HyTrust has smartly recognized that, as a small firm, they can only effectively manage a limited number of partnerships. I expect them to prove out the CA integration before expanding."

Bartoletti says that too many startups try to partner with too many partners--the "we’ll work with anyone" strategy, to avoid any market limitations. "In practice, we see this in the management space, with every little management vendor touting support for Vmware, MSFT, Xen, RHT, etc. ... The risk is you end up with a 'good enough' solution for any platform, rather than a great solution for one. I think it’s the biggest challenge in the virtualization and cloud management ecosystem: If you’re going to stand out, multiplatform support (or integrating with everyone) isn’t much of a differentiator. You’ve got to build a better mousetrap. And HyTrust still has a unique focus on securing the management plane. I’m glad they are staying focused."

As for HyTrust's warnings, Bartoletti agrees there are valid concerns. "Security is always a trailing feature in disruptive technologies, and securing the management plane has become more important with every IT element that’s virtualized." The reality is that virtual servers are much more portable and transient--and more easily messed with--he says, so enterprises do have to think differently about how they can be attacked, how they can be killed, and how they must be protected.

"The good news is that HyTrust has been laser-focused on these problems from their founding days," Bartoletti says. "As the bigger enterprises move business-critical workloads to virtual machines, they have an established vendor to help them protect their workloads from multiple attack vectors, and from multiple types of administrative dangers.”

See more on this topic by subscribing to Network Computing Pro Reports Security That Never Sleeps (subscription required).

Related Reading

More Insights

Network Computing encourages readers to engage in spirited, healthy debate, including taking us to task. However, Network Computing moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing/SPAM. Network Computing further reserves the right to disable the profile of any commenter participating in said activities.

Disqus Tips To upload an avatar photo, first complete your Disqus profile. | Please read our commenting policy.
Vendor Comparisons
Network Computing’s Vendor Comparisons provide extensive details on products and services, including downloadable feature matrices. Our categories include:

WAN Security Reports

Research and Reports

Network Computing: April 2013

TechWeb Careers