Start-up HyTrust debuts policy enforcement for VMware

06.04.2009
Start-up HyTrust Monday launched its first product, an appliance for enforcing security policy related to administrative use of ESX servers and the management console.

The HyTrust Appliance v. 1.0, sold as physical hardware or software-based virtual appliance, is intended as a policy-enforcement gateway for all management traffic associated with ESX servers and VirtualCenter. "It makes sure all operations running are allowed, that the people are authorized and everything is logged," says Eric Chiu, founder and CEO of HyTrust.

The HyTrust Appliance would typically be deployed as a gateway to VirtualCenter and ESX servers for fine-grained authorization controls over administrators and "any end users having access to management capabilities in their virtual infrastructure," Chiu says. 

The HyTrust appliance can make use of Active Directory for authentication and comes with its own management console, but the company is also working with Symantec to integrate HyTrust into the Altiris management framework through application-programming interfaces.

Chiu acknowledges the HyTrust Appliance does have some functional overlap with VMware's VirtualCenter management consol. But although VirtualCenter "does have simple role-based access controls," the HyTrust appliance is more comprehensive in controlling management operations and the hypervisor itself, and will support hundreds of more virtual-machines than VirtualCenter, according to Chiu.

"VMware's strategy is hypervisors," Chiu says. "Policy management is not in their DNA."