HyTrust is entering the virtualization arena today with HyTrust Appliance, which serves as a central point of control, management and visibility for virtualized environments. The company also announced it’s launching with venture capital backing to the tune of $5.5 million, a Series A funding round which was led by Trident Capital and joined by Epic Ventures.
VirtSec nowadays is less about those familiar ‘pure’ security functions like FireWalls (FW) or Intrusion Detection (IDS), but much more about the configuration control and compliance of virtualized environments. HyTrust claims to provide such centralized control, compliance,directory integration and security – requirements that become mission critical as virtual infrastructures scale up and production applications get virtualized. Readers of this blog, probably already know that in addition to immediate cost savings, virtualization enables a more flexible and dynamic infrastructure that can quickly morph to meet changing needs of any organization.
The fresh HyTrust single point of control seems to be competing with Reflex Virtualization Management Center (VMC), Third Brigade Deep Security and an established suite of products from Catbird V-Security such as VMShield, HypervisorShield and VMPolicyCompliance. However during our interview with Eric Chiu (CEO HyTrust), he was confident that HyTrust is different by “really focusing on the underlying virtual infrastructure itself. HyTrust authenticates traffic across 5 VMware application interfaces and centrally enforces policies through role based access control. HyTrust single point of control and hypervisor security really ensures what is allowed to happen and what not.” Questioned on the introduction of a yet another single point of failure or potential security flaw, Chiu was confident that HyTrust “is even more secure than VMware vCenter, since our appliance runs on a hardened Linux OS, without command line interface and its use is strictly limited to the provided User Interface.” It goes without saying that known malicious penetration attempts, scans and probes were tested too. Apart form the current exclusive support for VMware ESX, Chiu confirmed to Simon Crosby they would come up with support for Citrix XenServer and also Microsoft Hyper-V later this year. “Our go-to-market strategy started with the VMWare enterprise datacenter customers, but we are already in talk with 3 leading Vmware cloud providers.” When it comes to cloud computing, Chiu sees 2 main scenario’s. First the ‘internal cloud’-approach (aka located in-house, owned & internally managed by an organization), where HyTrust can provide a purpose built lasso around such corporate cloud environment. The second approach involves external cloud providers (located off-premise & managed by a third party provider) and could still make customers achieve compliance in an easy way by implementing Hytrust as a virtual appliance into that cloud offering.
Due to significantly higher rate of change in virtual infrastructure, automated controls are necessary to ensure that security and operational readiness is on par with that of physical environments. In addition, given the spread of virtualization, companies are now being faced with meeting regulatory compliance of their virtual infrastructure. HyTrust allows enterprises to meet these needs and answer the demands of auditors and their solution was created to proactively address the new challenges presented.
Rather than retroactively building necessary safeguards while sensitive data is put at risk, HyTrust, which has three patents pending, allows organizations to build a manageable virtual infrastructure foundation from the ground up. Additionally, to comply with regulations or security standards such as HIPAA, SOX and PCI/DSS, HyTrust gives enterprises the ability to demonstrate that adequate processes and enforcement controls are in place, configuration changes are consistent, and confidential information is secure. The HyTrust Appliance is the only product that addresses virtualization infrastructure control, including all four requirements outlined.
Backed by positive reactions from 12 trial customers, Eric Chiu is confident that he has gotten ‘at the right place, at the right time with the right solution’.
Pricing for the HyTrust Appliance (Enterprise Edition) is based on the number of protected VMware ESX hosts (on a per CPU/socket basis) and HyTrust Appliance license. Protection license for a 2 CPU VMware ESX host is $1,000; the HyTrust virtual appliance is $3,000; and the physical appliance is $7,500. Maintenance and support is charged on 25% of the annual license basis. HyTrust will soon make available the new HyTrust Appliance: Community Edition —a free virtual appliance available for download via the Web. Due out at the end of April, Community will allow protection for up to 3 hosts and offers an excellent way for smaller companies to bring automated virtualization best practices into their environments. HyTrust launched with a direct customer approach, but was already contacted by integrators and resellers eager to distribute licenses. Hytrust is expected to develop such hybrid distribution model in the third quarter of 2009.
Next to its venture capital investors, HyTrust is launching with an impressive list of technology partners, including VMware, Symantec, Cisco Systems and Citrix Systems.