VMworld2015LogoVMware NSX software-defined networking offers unprecedented flexibility to support rapid infrastructure deployment and scaling with micro-segmentation to segment the network. HyTrust has partnered with VMware to deliver enterprise-class administrator controls for NSX that allow an organization to provide very segmented controls for administrators. HyTrust announced at VMworld 2015 the general availability of CloudControl for VMware NSX.

Adoption of the Software-Defined Data Center architecture has gained traction in the marketplace because it enables greater agility, scalability and workload security. As organizations have increasingly virtualized their infrastructure, often as much as 95 percent of compute, the server-to-server traffic has grown to represent as much as 80% of overall data center traffic. Traditional IT security controls focus on perimeter defense but traffic in the data center is not inspected. Modern-day attacks exploit this gap, potentially leading to serious breaches. VMware NSX makes micro-segmentation of network traffic or a zero trust security model feasible and scalable enabling protection at the workload level. HyTrust CloudControl 4.5 builds on this capability to enable authentication and granular role-based access control for NSX administrators.

VMware and HyTrust have partnered on an integrated solution to enable fine-grained administrative access to configure, control and monitor security policies for micro-segments to reduce operational and security risks. Separation of duties and monitoring administrator access to security configurations and policies is analogous to the separation and protection of network segments delivered with NSX micro-segmentation.

So what is in this product release that can help organizations?

Role-Based Access Control (RBAC)

  • Limit admin actions for Separation of Duties and Least Privilege
  • Pre-defined & customizable roles specific to NSX

Strong Administrator Authentication

  • Two-Factor: RSA SecurID, CA Authminder
  • RADIUS, TACACS+

Enhanced Administrator Logging

  • Complements NSX native logging by adding event logging based on HyTrust CloudControl configured and managed roles for faster trouble resolution and easier compliance reporting

HyTrustCloudControl

What is it?

HyTrust CloudControl—the virtual appliance that resides between administrators and VMware vSphere to add critical role-based access controls, visibility and secure multi-tenancy to the virtual infrastructure. Version 4.5 adds new features to augment VMware NSX™ micro-segmentation with administrator permissions for the Software-Defined Data Center (SDDC). The new offering delivers an industry-first separation of operator duties and monitoring access to ensure that only authorized personnel can configure security controls and policies.

The key benefits of the new HyTrust CloudControl protection for VMware NSX include:

  • Significant time savings on compliance and audit reporting, along with faster resolution for troubleshooting and advanced reporting on NSX administrative access and changes.
  • Strengthen security posture with granular control over security configuration and policy that is aligned with the NSX micro-segmentation
  • Reduced downtime and service disruption by protecting the virtualized network from process failure or configuration administrative error with change controls.
  • Ensure authentication and authorization requirements are met for VMware NSX deployments including; two-factor authentication, tokens, TACACS+ and RADIUS, smart cards and AAA servers.

“In the SDDC world, organizations need the segmentation of administrative roles, just as they have with physical environments,” said Jon Oltsik, Senior Principal Analyst at Enterprise Strategy Group. “NSX virtualization of the network allows those with access to make changes to the network that otherwise require greater controls. The HyTrust offering can provide an enhanced level of protection without disrupting operations, representing a potential advancement in this important field.”

Pricing & Availability

HyTrust CloudControl version 4.5 is generally available now and pricing for the VMware NSX protection starts at $1650 per NSX socket. For more information on HyTrust CloudControl version 4.5 and new NSX capabilities, visit the HyTrust website.

Want to know more please visit the HyTrust website.