Policy definition and automated enforcement for virtual infrastructure

HyTrust unveiled the HyTrust Appliance 1.5. Adding to the core capabilities of the previous version – centralized access control, template-based security configuration, and audit-quality log aggregation for the hypervisor – the appliance delivers enterprise-class, object-based policy management capability, built for security and compliance policy enforcement of virtual infrastructure.

HyTrust has pioneered a label-based approach for policy management that allows organizations to create policy-based categories for virtual infrastructure objects, allowing for better organization and more automated controls. Thus, the appliance enforces granular authorization of all virtual infrastructure management operations, according to user role, object, label, protocol and IP address.

This makes it easy for administrators to define virtual infrastructure policies and enforce them systematically – a task that previously forced organizations to use fixed boundaries to silo their environments, as well as to depend upon manual change control processes to keep track of changes in their environment.

The automated policy enforcement addresses the security and compliance concerns associated with the portability of virtual machines. With this new capability, organizations can now ensure that, for example, a virtual machine subject to PCI compliance can only run on a host (or cluster) that is specifically zoned for PCI, or that it may only connect to a specific secure network. Because HyTrust Appliance embeds the policy information inside the virtual machine, policy enforcement is ensured no matter where the virtual machine is moved.

Additional New Features:

  • Support for VMware vSphere (ESX 4.0 and vCenter 4.0)
  • Support for VMware ESXi (all versions)
  • Two-factor authentication including RSA SecureID
  • Label-based policy enforcement
  • VM-to-host and VM-to-network segment control
  • VM tag policy import
  • XACML policy import/export
  • AD policy import for virtual machine management.

HyTrust Appliance 1.5 Enterprise Edition will be generally available on August 24th, as will HyTrust Appliance 1.5 Community Edition – a free virtual appliance available for download via the Web.


Subscribe to the Help Net Security breaking news e-mail alerts:


Don't miss