Catbird, Hytrust Offer Integrated Virtualization Compliance Reporting

Virtualization security companies Hytrust and Catbird will offer integrated compliance reporting that encompasses the hypervisor-host and network environment down through the virtual machine level. Catbird vSecurity, delivered either as a hosted service or virtual appliance, ensures correct hypervisor configuration and deploys network access control (NAC) against unauthorized access and protection against attack via IDS/IPS. Its VMShield component protects client VMs, tracks them as they move an

July 14, 2010

3 Min Read
Network Computing logo

Virtualization security companies Hytrust and Catbird will offer integrated compliance reporting that encompasses the hypervisor-host and network environment down through the virtual machine level. Catbird vSecurity, delivered either as a hosted service or virtual appliance, ensures correct hypervisor configuration and deploys network access control (NAC) against unauthorized access and protection against attack via IDS/IPS. Its VMShield component protects client VMs, tracks them as they move and enforces policy.

"We'll be taking information from the HyTrust system and incorporating it into Catbird's workflow and reporting mechanisms," said Edmundo Costa, Catbird CEO. There will be a single point of reporting, so the customer knows where he stands at any given time." HyTrust Appliance is designed to manage the virtual infrastructure. It provides access control, authentication and authorization, policy management, security configuration management and auditable log aggregation. Both products are tightly integrated with VMware and can be managed through a vCenter tab. "Virtualization is taking over the data center, and all these workloads are being run over hypervisors," said HyTrust CEO Eric Chiu. "Companies have a need to provide compliance for the entire systems, from VMs to the virtualization platform."

The HyTrust reporting to be integrated will generally fall into three categories:

  • Granular audit data of all virtual infrastructure operations (Anything that happens in vCenter or the host.)

  • Host configuration posture, either predefined with standard benchmark, such as the Center for Internet Security or PCI or enterprises custom configuration standards. (HyTrust configuration information can be ported in CSV format.)

  • What policies are in place -- both role and object level defined policies. (Policy information is in XML format, which can be exported.).

So, for example, policies may be based on different roles for different VM workloads on the host. VMs that fall under PCI may be subject to one group, testing VMs under developers, DMZ clients controlled by IT, and IDS/IPS falling under security.

The companies expect the integrated reporting to be complete some time in Q1 next year. In the meantime, they offering HyTrust-Catbird bundle at reduced price to customers who purchase both. Catbird is entirely channel driven, and the companies will leverage their channel partners to push the combined offering in regulated markets, particularly government, financial services, retail and health care.

The primary focus now is on data centers, where most virtualization technology is being deployed, as organizations look for savings in space, energy and hardware costs via consolidation. However, the vendors see increased application in private private-public hybrid cloud environments as cloud computing matures. Chiu said they are working with a couple of large service providers in the hybrid market to extend controls from the data center to the cloud as a premium service.One of the big needs in hybrid environment is making sure you can extend controls, security and policy out  to the cloud provider," said Chiu, "and have the same visibility into audit log data to make sure those controls are in place." That requires a certain amount of transparency into or control over public cloud security operations. The lack of transparency is frequently cited as a key reason enterprises are reluctant to put critical operations and/or sensitive data into the cloud. Costa thinks that will change over time as organizations demand greater control. "It's going to be customer driven," he said. "If an organization is moving things to shared infrastructure, whether private cloud, shared or true public cloud, the need for security and compliance is very intuitive. Customers will make increasing demands about these controls as they become more savvy about risk."

The HyTrust-Catbird "starter kit" bundle is available through resellers, starting at $25,000 for 10 VMware hosts (20 sockets).

Once your agency has completed the business case for deploying a private cloud, how do you actually move ahead with your data center transformation? In this InformationWeek Government Webcast, we'll explore steps to get you there. It happens Aug. 11. Register now.

SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox
More Insights