The HyTrust appliance essentially performs as a gateway to each management operation, and it can inspect each one separately. It then cross-references the actions with the roles of each user and correlates the likelihood of malfeasance. If the comparison suggests that the activity occurred out of policy, an alert can be launched, or policies could be put in place to terminate the activity until its validity can be verified.
HyTrust's Chiu concedes that role-based monitoring might not be fully effective in situations that involve stolen credentials, but he adds this solution supports two-factor authentication as a means of reinforced cloud security.
"Monitor mode has just been integrated into our virtual appliance solution, with an initial production release, aimed at key customers, set for next week," he said. "This is something that customers have been requesting, and we expect to begin extensive marketing efforts in May. It's a prepackaged virtual machine that you download and deploy in your VMware environment."
Chiu expects that the added functionality will be popular among both customers and channel partners.
"Everything that has not already been virtualized is at least on a path to be virtualized in the next year or two," he said. "Partners can come to their customer with the ability to deliver on very specific policies. You can say, for example, 'Alert me if somebody deletes more than five VMs in 20 seconds.' You can issue alerts based on actions or sets of actions for any enterprise resource being monitored."
PUBLISHED MARCH 13, 2013