29 MARCH 2012




HyTrust & VMware – Providing a Secure Virtual Infrastructure
Eric Chiu – Founder & President (HyTrust)
Rob Babb – Security & Compliance Specialist (VMware)



© 2011, HyTrust, Inc. www.hytrust.com   1975 W. El Camino Real, Suite 203, Mountain View, CA 94040   Phone: 650-681-8100 / email: info@hytrust.com
Security and Compliance Will Be Key to Virtualizing the Next 50% of the Data Center



Discussion

  • Growth depends on virtualizing mission critical workloads
  • Virtualization platform provides basic security: OK for non-critical workloads
  • Tier 1/2 workloads have higher security, compliance needs
  • Purpose-built solutions needed




Virtualization Platform Effects On Security

Abstraction and Consolidation
  • Capital and Operational Cost Savings
  • New infrastructure layer to be secured and subject to compliance
  • Greater impact of attack or misconfiguration

Collapse of Switches and Servers into One Device
  • Flexibility
  • Cost-savings
  • Lack of visibility and control for virtual network and storage
  • No separation of church and state (network, security, storage administration)

Faster Deployment in Shared Environment
  • IT responsiveness
  • Inconsistencies in configuration
  • Physical change processes ineffective
  • Inadequate tenant segmentation




Virtualization Containers Effects On Security


Fuzzy Time Boundaries
  • Great availability / recovery mechanism
  • Security and audit events can be lost
  • Changes in time are not visible from inside the virtual server

VM Mobility
  • Improved Service Levels
  • Identity divorced from physical location
  • Policies may not follow virtual machine

VM Encapsulation
  • Ease DR
  • Hardware Independence
  • Outdated offline systems
  • Unauthorized copy
  • Reconfiguring virtual hardware and console access are over the network operations




4 “Must Haves” For a Secure Cloud Environment




VMware vShield – Foundation for Trusted Cloud

Securing the Cloud From Edge to Endpoint

  • vShield Edge: Secure the edge of the virtual datacenter
  • vShield App: Protect applications from threats with trust zones
  • vShield Endpoint: Streamline and accelerate anti-virus solutions
  • vShield Data Security: Protect against data leaks

[Diagram: Virtual Datacenter 1, Virtual Datacenter 2; zones DMZ, Web, HIPAA, PCI; VMware vShield Manager]



HyTrust Appliance Provides Necessary Controls to
Confidently Virtualize Mission-Critical Applications

Secures the administration of the hypervisor & virtual infrastructure:
  • Enforces consistent access and authorization policies covering all access methods
  • Provides granular, user-specific, audit-quality logs
  • Enables strong, multi-factor authentication
  • Verifies platform integrity, ensuring the hypervisor is hardened and the virtual infrastructure is trusted

Provides complete visibility into and control over who accesses the infrastructure, the integrity of the infrastructure, and the validity of the changes requested.




HyTrust (Virtual) Appliance In-Line Deployment




Major Partners Trust HyTrust




  • HyTrust is key "go to" partner for vSphere security and compliance
  • HyTrust is part of CA Access Control for Virtual Environments
  • HyTrust is the platform security solution - access control and auditing - for vBlock
  • HyTrust provides combined reporting with Trend's Deep Security product
  • HyTrust provides native integration with SecurID and enVision
  • HyTrust reporting and controls being integrated with Symantec CCS
  • HyTrust is part of Intel's trusted cloud architecture based on TXT
  • HyTrust event reporting and TXT integration being integrated with McAfee ePO




VMware and HyTrust Links

  VMware – All Things Virtual Security
     http://portal.sliderocket.com/ATOHL/VMware-Security-Links_v2


  VMware Security Blog
     http://blogs.vmware.com/security


  HyTrust Community Edition and Video Demos
     http://www.hytrust.com/resources/product


  HyTrust Case Studies
     http://www.hytrust.com/resources/case-studies


  HyTrust Analyst Reports
     http://www.hytrust.com/resources/analyst-reports




Q&A




