HyTrust Community Edition and You

I had been meaning to give HyTrust some more love. After winning the Best of Show & Gold award at VMworld 2009, it is more than worth checking out.

(Note: I generally try to shy away from writing “promo” type posts and the like, however I strongly believe in HyTrust, and what they provide in the way of security for your virtualizaiton environment. I should also note here… that this is not a paid review, nor was it prompted by the HyTrust folks in any way.)

What is HyTrust

From the HyTrust site:

The HyTrust™ offers a centralized, single-point-of-control for virtual infrastructure access, policy management, security configuration, and compliance. By combining the same control mechanisms of the physical world into a comprehensive solution for virtual infrastructure, HyTrust cost-effectively enables virtual infrastructure to achieve the same level of operational readiness as that of physical infrastructure.

Essentially, the HyTrust appliance functions as an intelligent proxy of sorts for all commands going into and out of your VMware environment:

product_solution[1] Basically it allows you to filter all of your multitude of connections (SSH, API, vSphere Client, etc) through a single proxy that allows for fine grained control of actions against the infrastructure. It also provides a method for logging access centrally, that can cover both vCenter, the vSphere client, and any direct host manipulation (ssh, etc). In other words, it gives you one spot to look when you have an incident, rather than piecing together logs from multiple sources.

How do I try it? (Community Edition)

Well, while all of the above is fine and dandy, if you’re anything like me, you will want to kick the virtual tires in a lab setup. To do this, HyTrust provides a free Community Edition. The community edition will protect up to three hosts (great for the vSphere starter editions!), and can be downloaded after signing up at the HyTrust site. As the Community Edition is offered as a vApp, installation is a snap, download and deploy.

There are some configuration tasks to be taken care of afterwards, but… they are covered in the “installation” pdf (just below the download of the Community Edition). For a PDF, it’s quite good, and covers the basic “Demo” setup, as well as tying it to Microsoft Active Directory, including setting the permissions it requires 🙂

I strongly encourage you to go forth and give it a go.

5 thoughts on “HyTrust Community Edition and You

  • Pingback: Tweets that mention HyTrust Community Edition and You -- Topsy.com
  • PLEASE add something about how HyTrust is different or better than vShield Zones, what each of these things are good or not good for, etc.

  • Hi, Tom,

    HyTrust Appliance and VMware vShield are complementary solutions that together can provide great levels of security and compliance to virtualized datacenter.

    While HyTrust is focused on protecting the hosts and enforcing infrastructure control policies, vShield protects guests by zoning and monitoring virtuali network.

    Positioned as a virtual infrastructure management gateway, HyTrust Appliance combines centralized access control, granular object-based policy management, hypervisor security configuration and log aggregation into a comprehensive solution for visibility and control for operations with virtual machines and hypervisors.

    vShield Zones provide multi-level protection for the virtual network including traffic isolation, firewall and IDS.

    Hope this helps

Comments are closed.