The Virtualization Practice

Tag Archive for HyTrust

The security companies are looking into all aspects of virtual environment introspection to label, tag, or mark all objects for compliance reasons, inspect the contents of virtual machines for asset management (CMDB), and an early form of Root Kit detection.

Virtualization Security is not just about the firewall, it is about the entire ecosystem, auditing, compliance, and object management.

When working with VMware ESX there are some tips that I can share that can help you manage your environment. This tips are not anything really new or exciting but rather a reinforcement of some best practices to live by in order to improve auditing for compliance and troubleshooting. Use of the following in conjunction with remote logging functionality will improve your compliance stance and improve your ability to troubleshoot over a period of time.

How you may ask? By using a tool that logs all local administrator actions to a remote logging host. There are two ways to do this today for ESX (SUDO and the HyTrust Appliance) and only one mechanism for ESXi and vCenter (the HyTrust Appliance).

While at RSA Conference I visited the RSA Innovation Sandbox and noticed that three out of ten virtualization security vendors were finalists:

* Altor Networks
* Catbird Security
* HyTrust

Alto Networks won the Innovation Sandbox contest and all that goes with it. Congratulations to them, but Altor’s win is actually a win for all virtualization security players. It shows that virtualization security is extremely important to the data center as well as moving forward to the cloud.

HyTrust has announced Series B Financing in the amount of $10.5 Million with participation from Cisco, Granite Ventures as well as existing investors Trident Capital and Epic Ventures. This is very good news for HyTrust. While the Series B Funding was not much of a surprise given that HyTrust fits into the Virtualizaiton Security within its own niche. What is surprising is that Cisco is one of the backers of this innovative product.

The known virtualization security vendors Reflex Systems, Catbird Security, Altor Networks, HyTrust, Symantec, Trend Microsystems, Tripwire, and VMware all showed their wares at VMworld. Even Checkpoint was showing off their firewall integration within the virtualized environment. Are these really competing products or products that have unique uses within the virtual environment with just a bit of overlap?

As of this writing just a few of the regulatory compliance groups are working to encompass Virtualization. However, they are not close to anything publishable yet. What does this mean for companies that must enforce regulatory compliance? What does this mean to an auditor? The big question many are asking, is if the Compliance documents to which they must adhere do not mention virtualization, are they compliant when they virtualize? Currently whether you get down checked or not during an audit depends entirely on the auditor’s interpretation of the current non-specific guidelines. In most case its negative as there is no guidance from the compliance groups with regards to virtualization. There are also virtualization security products out there that try to enforce and report upon current compliance guides with respect to virtualization.

While at VMworld I was suddenly hit with a blast of heat generated by the 40,000 VMs running within the VMworld Datacenter of 150 Cisco UCS blades or so. This got me thinking about how would VMsafe fit into this environment and therefore about real virtualization security within the massive virtual machine possible within a multi-tenant cloud environment. If you use VMsafe within this environment there would be at least 40,000 VMsafe firewalls. If it was expanded to the full load of virtual NICs possible per VM there could be upwards of 400,000 virtual firewalls possible! At this point my head started to spin! I asked this same question on the Virtualization Security Podcast, which I host, and the panel was equally impressed with the numbers. So what is the solution?