A centralized, single point of control

Authenticate and Verify Administrator IdentityWith HyTrust Appliance in place, there are no anonymous changes to the virtual infrastructure. All administrative access must first be authenticated. HyTrust can leverage any pre-existing investment in LDAP or AD. (For even tighter security, HyTrust fully supports two-factor authentication with SecurID or smart cards). In the event that root access is required, HyTrust Appliance features root password vaulting, which enables certain administrators to check out a temporary password for one-time access. The main benefit is that organizations can confidently declare that all access to the environment may be tied back to a specific individual—a critical requirement in security and compliance-conscious data centers.

Verify Platform Integrity A house is only as strong as its foundation, and the foundation of virtualization is the hypervisor. As such, the integrity of the entire infrastructure stack rests on the premise that the hypervisor is trusted and fully hardened. HyTrust Appliance provides this verification with the ability to assess the hypervisor configuration against industry-standard configuration templates, such as PCI-DSS, C.I.S., and VMware Best Practices. Unique to HyTrust is the additional ability to verify the trust of the hardware layer via technology from Intel called TXT. Only HyTrust provides this one-two punch to ensure total platform integrity of the virtual platform.

Validate All Change RequestsFrom its unique vantage point, HyTrust Appliance inspects every virtual infrastructure change request, approving or denying it in accordance with your defined policies. These policies are fully customizable and flexible enough to handle any complex situation. With its unique ability to classify and apply rules to specific virtual objects, HyTrust Appliance breaks free of rigid, two- dimensional, role-based access controls and enables complex, higher-level use cases such as compliance and private cloud. The upshot is that organizations can now confidently pursue these initiatives without fear and can maximize the return on their investment in virtualization.

Provide the System of RecordAs the central authority over all change requests, HyTrust Appliance provides granular, user-specific log records that can be used for regulatory compliance, troubleshooting, and forensic analysis. It offers an unprecedented level of visibility into the state of the virtual infrastructure. Unlike vCenter HyTrust Appliance records not only valid requests but invalid attempts as well, which are critical for security purposes. Additionally, every request is tied to the identity of a specific user and all relevant information—actual request, source IP, target IP, etc.—is collected. With total visibility from HyTrust, organizations can sail through their audits and rely on their logs for forensics if there is ever a need for investigation.

How does this compare with the core functionality provided by vCenter? Click here to find out!