HyTrust Launches Security Appliance

Today HyTrust launched its flagship product, the HyTrust Appliance, a security solution that is designed to centralize the control, management, and visibility for virtualized environments, in particular VMware Infrastructure environments. The HyTrust appliance achieves this through a number of key features:

  • The HyTrust Appliance provides integration with Active Directory or other LDAP-based directory services to enable centralized authentication. This allows organizations to leverage existing directory services for authentication, both for access via the VI Client or via SSH to the Service Console.
  • The HyTrust Appliance enables role-based access controls. These role-based access controls are defined in the appliance and permit organizations to control commands run in the Service Console as well as operations performed via the VI Client and vCenter Server.
  • The HyTrust Appliance provide secure logging and auditing functionality for all actions. Again, this logging occurs for every command and every action that is taken via any access method.

Since all traffic runs through the HyTrust Appliance, the solution has complete visibility and thus complete control over the traffic moving to or from the VMware ESX hosts. A number of different configurations are available for inserting the HyTrust Appliance into the flow of traffic, including using a different VLAN for ESX management traffic as well as a proxied configuration. The HyTrust Appliance can also ensure that the hosts it is protecting are configured to only accept traffic from the HyTrust Appliance itself, thus further ensuring that all access and actions are seen, controlled, and recorded.

The HyTrust Appliance will be available as both a hardware appliance as well as a virtual appliance. HyTrust also plans to make available a Community Edition at no charge; the Community Edition will support up to 3 VMware ESX hosts.

For more information, visit the HyTrust web site.

Tags: , , , ,

  1. Christofer Hoff’s avatar

    Hey Scott, I had the HyTrust briefing on Friday, so I just wanted to make sure I didn’t miss something when you said:

    “Since all traffic runs through the HyTrust Appliance, the solution has complete visibility and thus complete control over the traffic moving to or from the VMware ESX hosts. ”

    <– You mean that all MANAGEMENT traffic runs through the appliance, not ALL traffic. You have control over all MANAGEMENT traffic…correct? HyTrust does NOT proxy all traffic in and out of hosts/guests.


  2. slowe’s avatar

    Chris, you are absolutely correct–only the management traffic travels through the HyTrust appliance. Thanks for the clarification!

  3. Jason Young’s avatar

    Apologies for the shameless promotion, but there’s no link to the HyTrust web site here so I thought I’d provide it as a courtesy to your readers… ;)


    Thanks again for the coverage, Scott.


  4. slowe’s avatar

    Thanks, Jason. When I posted the article, the HyTrust web site wasn’t yet live, so I couldn’t embed a link.

    BTW, you’re welcome to post shameless promotion here, as long as there is full disclosure of who you are and what your affiliations are. Vendors posting shameless promotion but trying to hide their identity don’t get too far with me.


Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>