VMworld 2012 The US Air Force doesn't let a single operator of a missile site launch a nuke all by his or her lonesome, and HyTrust, a maker of policy management and access control software for VMware virtual infrastructure, thinks IT shops should adopt the secondary approval rule for a lot of things that go on inside of the ESXi hypervisor and its vCenter management console.
"VMware has a great platform, which enables all kinds of neat stuff, but it can all be controlled by a single system admin who could take down all of the virtual infrastructure at the company either accidentally or maliciously," says Eric Chui, founder and president of HyTrust.
And don't think it hasn't happened. Chui cites the case of a disgruntled former employee at Shionogi Pharmaceuticals, who was laid off from the Japanese company but had left a backdoor into the corporate network. This former employee waited a few weeks, logged in from a hotspot at a local McDonalds, and shut down and deleted 88 virtual machines running at the company. The entire virtual infrastructure had to be rebuilt from tape.
To use another metaphor, most companies typically require a second signature on any checks above $5,000, and adding secondary approval to the VMware vSphere virtualization stack, which the new HyTrust 3.0 compliance appliance does, seems sensible. In fact, it is a wonder that such capability is not already in vCenter and the ESXi hypervisor or that VMware has not already snapped up HyTrust to add its tool to the vSphere stack.
A lot of companies are trying to implement two-person approval on big changes to virtual infrastructure through company policies, but Chui says it is much easier and obviously more effective (knowing the nature of people, who make mistakes or get irrational sometimes) to automate this in software.
The HyTrust appliance itself runs inside of an ESXi virtual machine, often on the same physical box that runs the vCenter management console for ESXi, and it intercepts all inbound and outbound traffic from vCenter and creates audit reports for what people are doing as well as acting as a traffic cop, giving access control to specific VMs as well as hypervisor and console features.
The prior HyTrust 2.5 appliance had object-based and role-based access controls for virty infrastructure, and now with HyTrust 3.0, the appliance is getting secondary approval workflows to make sure no one can go rogue. HyTrust Appliance 3.0 is also getting enhancements that let it secure multi-tenant clouds by beefing up virtual network segmentation.
The update also has a new labeling scheme that wraps around VMs and their applications and resources to keep admins from one part of a cloud from gaining access to another part of a cloud where they don't belong.
HyTrust Appliance 3.0 was developed against VMware's new ESXi 5.1 hypervisor, but has not been certified against it yet since that code is not shipping at the moment. A couple of months after the vSphere 5.1 stack has been in the field, HyTrust will roll out official support for ESXi 5.1. At the moment, HyTrust Appliance 3.0 can run against ESX 3.5, 4.0, 4.1, and 5.0 hypervisors in either the ESXi or ESX Server editions. (ESX Server, which embedded a management console inside the hypervisor, was discontinued with the 5.0 release.)
HyTrust no longer sells hardware appliances and only offers its code inside of a VM as a software appliance. The Community Edition is a full-featured compliance and access control freak but it is limited to a maximum of three ESX host systems.
The Enterprise Edition has no host limit and costs $750 per socket for a perpetual license, on top of which you pay for annual maintenance and tech support. The HyTrust console can run independently of vCenter, but there is a plug-in if you want to invoke HyTrust from within vCenter.
Chui tells El Reg that HyTrust is looking at supporting other server virtualization hypervisors as well as public clouds that sport non-VMware hypervisors as well as custom control freakage for future releases, but has made no commitment to offer such support at this time. This stands to reason with VMware providing about half of HyTrust's customer leads.
And a new partnership with the Virtual Computing Environment partnership between Cisco Systems and EMC similarly makes sense. "About 25 per cent of our pipeline is companies buying Vblocks," says Chui, "and they are usually large enterprises that are trying to take the build out of plan, build, and run as they stand up clouds."
Under the partnership with VCE, HyTrust is VCE's only go-to-market partner for access control and compliance auditing for Vblock clouds running VMware's ESXi hypervisor.
The HyTrust appliance knows how to integrate with Cisco's Unified Computing System modular systems and its on-board UCS Manager control freak as well as Nexus switches (physical or virtual), ESXi hypervisors and virtual switches, and MDS switches linking out to EMC storage arrays.
Vblocks are preconfigured stacks of Cisco and EMC hardware sold and supported by the VCE collective. At the moment, HyTrust is certified to work with Vblock Series 300 and Series 700 clouds. ®