HyTrust released their version 3.5 of their virtualization security proxy and compliance tool. This tool is core to a growing ecosystem of partners and systems. HyTrust has also expanded its role within the Secure Hybrid Cloud by covering more of what is traditionally part of the data center. HyTrust is a proxy that sits between an administrator and sensitive systems by providing advanced role based access controls but also advanced logging. With HyTrust fronting your VMware vSphere environment, HP ILO, Cisco UCS UIM, Nexus Switches, administrators gain a fine grain level of control over actions, improved logging in these environments, and the ability to vault critical passwords.
By far, the lowest hanging fruit of virtualization and cloud environment security is the segregation of your management control from your workloads. Separation of data and control planes have been recommended for everything from storage (EMC ViPR) up to the workloads running within virtual machines. The same holds true for cloud and virtual environment management tools, tasks, and functions. Up to now there have been very few choices in how such segregation could occur using properly placed firewalls or by using some form of proxy and the only proxy available was HyTrust. But this has changed. There are some other tools that will help with this segregation of data from control and do they give the level of auditing we require to solve the delegate user problem?