New HyTrust Offering Addresses Cloud Security Worries
Robert J. Mullins
September 01, 2010
HyTrust, a provider of access control and policy enforcement security for virtualization, is introducing a new tool that works with market-leading VMware virtualization software. The HyTrust Cloud Control product is intended to address one of the key concerns of enterprises considering moving their applications off-site to a multi-tenant public cloud service where their apps would be running along side those of other enterprises. As many industry experts have said, Coca-Cola is not going to want its data running in the same data center used by Pepsi.
Cloud Control allays such concerns with strong authentication and role-based access control along with the creation of audit logs that certify that an enterprise's data is protected. The technology makes it easier for a cloud customer to see who has and who doesn't have access to their cloud applications. Cloud Control is integrated with VMware's vCloud Director, which companies already managing a virtual environment use to expand IT capacity or migrate applications to the public cloud.
HyTrust is also upgrading its appliance for virtualization management to version 2.1, adding a partitioning capability so that administrators and system engineers can get access to information they need but is blocked from other information they're not authorized to see. While someone from Intel has access to see how their virtual servers are performing, they can't see AMD's resources in the same data center and vice-versa. Version 2.1 also regulates access to virtualization resources at the network layer, specifically supporting Cisco Nexus v1000 switches. The HyTrust Appliance, which will be available in early September, will be priced at $750 per CPU for each VMware ESX hypervisor host.
HyTrust is also expanding its partnership with security vendor RSA, adding interoperability with RSA's enVision log management solution for Security Information and Event Management (SIEM). The HyTrust appliance integrates well with RSA enVision because enVision analyzes audit logs generated by the appliance, noted Dave Bartoletti, senior analyst withThe Taneja Group, a research firm. "The HyTrust Appliance is collecting great information but integrating with RSA lets them put it in a repository and then do the analytics. Collecting all that information is useless unless you have something to analyze it," Bartoletti said. HyTrust has been early to market with technology that addresses security issues that weren't top-of-mind with customers when virtualization technology was first adopted.
"How are they going to convince me that the same administrator isn't logging into [both] Pepsi's and Coke's machines?" Bartoletti asks. Now that companies are going beyond virtualization in their own data centers and considering moving to the cloud, they need assurances from cloud service providers that their data will be protected, particularly in those multi-tenant environments.