Enterprise-level security for multiple deployments--in clouds, using virtual machines or containers and in servers on premises--has been an impossible function to make available in a single solution. All of these deployments have, up to now, required their own security system. No one yet has been able to accomplish this extremely difficult problem. The problem has been especially acute in containerized deployments.
Until now, that is.
Mountain View, Calif.-based HyTrust this week launched HyTrust CloudControl 6.0, which expands its highly regarded security offering for VMware vSphere and NSX to include the AWS cloud and Kubernetes. The expanded platform addresses problems organizations currently face in trying to secure and ensure compliance of their hybrid, multi-cloud environments efficiently.
That’s not all. HyTrust is offering licenses for HyTrust CloudControl Kubernetes-orchestrated container environments free of charge to existing users.
Pretty Hard to Beat 'Free'
Tough for competitors to beat “free” in any market.
Thanks to the availability of so many new deployment options, a growing number of companies are now following the best-practice paths for their business applications. They are adopting a hybrid, multi-cloud approach, in which applications are deployed in on-premises data centers and across multiple cloud providers.
Meanwhile, applications are being built or re-factored using DevOps-style development into container-based, cloud-native architectures. This creates a huge challenge: how to efficiently and effectively provide consistent security, compliance and high availability across this heterogeneous, dynamic environment?
“I think this is going to separate us from the pack (of security vendors), because historically, we focused on private cloud. Now we’re adding protections for public cloud and containers, so that we can secure not only the underlying infrastructure, whether on premises or in a public cloud, but also the container infrastructure than runs above that,” HyTrust founder and President Eric Chiu told eWEEK.
“You can’t do that in one single solution. No one else provides that. Every other company in the AWS security space or in the container space is just protecting a single platform.”
Full Stack of Security Controls
HyTrust CloudControl 6.0 provides a consistent “full-stack” set of security and compliance controls across hybrid clouds, including:
- workload visibility and associated security posture;
- configuration hardening;
- image assurance via vulnerability assessment and origin-based controls; and
- administrative controls including fine-grained access control, and two-person approval workflows that reduce the risk of operator errors causing downtime.
These capabilities apply across VMware vSphere, AWS and Kubernetes, with a single user interface and API. Trust Manifests produce “security as code” to automate DevSecOps and “shift security left” in the CI/CD software lifecycle. Most importantly, the unified solution enables the creation of a single security policy which can then be seamlessly applied to a workload even if it moves to a different location in the hybrid cloud.
“As it is now, enterprises need a VMware security expert, an AWS security expert, a container security expert, and so on. It’s unwieldy. Using HyTrust CloudControl 6.0, they can use the same product to protect their next-generation platforms, too,” Chiu told eWEEK. “It’s less expensive, it’s proven and it’s simple. And it’s what our customers have been asking for.”
Chiu said HyTrust CloudControl 6.0 delivers both broad and deep support across hybrid cloud:
- Unified Visibility: Most of HyTrust’s competitors focus either solely on public clouds like AWS and Azure, or on container orchestrators like Kubernetes. HyTrust CloudControl 6.0 provides full visibility as to what workloads are running across hybrid multi-cloud environments, including on-premises vSphere. It also provides deeper information about workload security posture including encryption, vulnerabilities and image source repositories.
- Unified Policy: HyTrust CloudControl 6.0 provides a single interface to manage security policies. Operators can write a policy once and apply it across disparate cloud platforms without modification. This eliminates the difficulties in translating policies into the native capabilities and configuration method for each platform.
- Full-Stack Support: Effective security requires policies applied at all layers of the software stack. Most containerized applications are managed by Kubernetes and hosted either on vSphere or public clouds. HyTrust CloudControl 6.0 has support policies for containers, vSphere and AWS, which means that this single solution can provide the full-stack security and compliance required for mission-critical workloads.
- Continuous Compliance: HyTrust CloudControl 6.0 validates and enforces compliance controls across multi-cloud environments, ostensibly driving down the cost and effort of maintaining compliance. The platform ships with built-in templates for different regulatory standards such as PCI, HIPAA, DISA STIG and NIST CSF.
HyTrust CloudControl 6.0 is available now. Go here for more information.