HyTrust, essentially, manages admins in a virtual world. It does this by doing four things: it authenticates and verifies admins, it limits and controls access, it provides a real audit trail that can be depended on, and it verifies platform integrity at the hypervisor level. This is access management on steroids for admins. It is, really, a gateway for virtual system administrators.
The user interface is almost precisely like VMware. If your admin is used to VMware, deploying HyTrust will be completely intuitive. Additionally, it does some things that vCenter cannot do, such as adding constraints. For example, it can set rules for what can and cannot be done - and by whom - during the staging of new VMs.
Another important feature is root password vaulting. This allows the automatic assignment of root passwords that are set to expire at some predetermined time. This is good for vendor support engineers, for example.
Hooks into special Intel chips allows hardware-level determination of whether or not the hypervisor has been compromised. While HyTrust is assessing hosts, it can remediate many types of problems that it discovers.
At a glance
Product: HyTrust Appliance
Price: $750 per CPU for each ESX/ESXi host
What it does: A Swiss Army knife for managing the administration and the concurrent security of a virtual system.
What we liked: Think of this as a suite of must-have tools for dealing with all of the day-to-day issues that bedevil security and system administrators.