Title: Manage virtual infrastructure with HyTrust
1. Cloud Under Control: Virtualize More by Virtualizing More Securely
2. Virtualization and Clouds are the Foundation for Modern IT
Organizations need to reduce costs and support business agility.
To do so, they're adopting virtualized server infrastructures and public cloud Infrastructure as a Service (IaaS).
Chart (values as extracted: 48, 55): Use public cloud; Build internal private cloud
Ref: Forrester webinar with HyTrust
3. Security is a Persistent Issue
Chart (values as extracted: 21, 26): Virtualization and cloud security; Additional concerns; Immature management tools; Unmet compliance requirements
Ref: Forrester webinar with HyTrust
4. Virtualization and Clouds Have Inherent Risks at Many Layers
5. Management Layer Risks
(1) Access risk: Remote management by multiple tools and administrators leads to access control security risks through vCenter, SSH, third-party management, and passed-on privileges.
(2) Policy risk: Control policies vary between physical and virtual machines, which can lead to unapproved connectivity and management plane actions.
6. Software Layer Risks
(4) Data risk: Virtualization and cloud environments use shared storage and data replication; data is moved around, leading to further data risk.
Diagram: People Layer (Users, Administrators); Management Layer (vCenter); Software Layer (Cloud, Virtual, App, Data, Device, Hypervisor); Physical Layer (Infrastructure, Bare Metal)
7. Physical Layer Risks
8. Industry Experts Recommend Security Best Practices for Virtualization
Secure each management interface
Monitor and analyze logs at all layers of the virtualization infrastructure [1]
Enforce least privilege and separation of duties
Require multi-factor authentication for all administrative functions [3]
Administrative access to the hypervisor/VMM layer must be tightly controlled [2]
[1] NIST SP 800-125, Guide to Security for Full Virtualization Technologies
[2] Neil MacDonald, Vice President and Gartner Fellow
[3] PCI-DSS 2.0 Information Supplement: Virtualization Security
9. HyTrust Offers 2 Comprehensive Solutions
Addresses the policy management issue with multi-tenancy and administration access control, visibility and audits
Secures virtual machines and data with strong encryption and key management
10. 4 Ways CloudControl Protects VMware Infrastructure
Advanced authentication: Single, secure authentication policy enforcement point for administrators
Role based access controls (RBAC) and 2-person authorization: Highly granular role and asset based access policies for virtual infrastructure
Audit-quality logging and alerting: Captures granular, user-specific, virtual infrastructure administrator log records for analysis
Infrastructure configuration hardening: Assesses VMware vSphere hosts to identify configuration errors
11. DataControl Protects VMs and Data in Clouds and Virtualized Environments
Strong: Strong FIPS-approved encryption. AES 128/256, ensuring VMs are secure lifelong
Easy: Key management you control. State-of-the-art, highly-available, security-hardened and easy to deploy
Fast: Hardware-accelerated performance. Ensures minimal latency, automatically leveraging Intel AES-NI hardware acceleration
Transparent: Operationally transparent. Unique ability to encrypt and re-key with zero downtime
Heterogeneous: Infrastructure independence. Can protect VMs in any virtualized environment, regardless of the underlying cloud platform
12. HyTrust Augments vCenter with Comprehensive Security
Offers visibility to hosts with logs for device operations, attribute changes and source IP addresses
Partitions management and security functions for increased partitioning
Controls access to vCenter with CloudControl
HyTrust offers federated control with granular policies
13. Cloud Under Control: How to Virtualize More by Virtualizing More Securely