Today HyTrust launched its flagship product, the HyTrust Appliance, a security solution that is designed to centralize the control, management, and visibility for virtualized environments, in particular VMware Infrastructure environments. The HyTrust appliance achieves this through a number of key features:
- The HyTrust Appliance provides integration with Active Directory or other LDAP-based directory services to enable centralized authentication. This allows organizations to leverage existing directory services for authentication, both for access via the VI Client or via SSH to the Service Console.
- The HyTrust Appliance enables role-based access controls. These role-based access controls are defined in the appliance and permit organizations to control commands run in the Service Console as well as operations performed via the VI Client and vCenter Server.
- The HyTrust Appliance provide secure logging and auditing functionality for all actions. Again, this logging occurs for every command and every action that is taken via any access method.
Since all traffic runs through the HyTrust Appliance, the solution has complete visibility and thus complete control over the traffic moving to or from the VMware ESX hosts. A number of different configurations are available for inserting the HyTrust Appliance into the flow of traffic, including using a different VLAN for ESX management traffic as well as a proxied configuration. The HyTrust Appliance can also ensure that the hosts it is protecting are configured to only accept traffic from the HyTrust Appliance itself, thus further ensuring that all access and actions are seen, controlled, and recorded.
The HyTrust Appliance will be available as both a hardware appliance as well as a virtual appliance. HyTrust also plans to make available a Community Edition at no charge; the Community Edition will support up to 3 VMware ESX hosts.
For more information, visit the HyTrust web site.