Compare that with a virtual data center, which is much smaller physically, and administrators may have unfettered (and unmonitored) access across the entire system. That is where the notion of concentration of risk comes in. That which is easy to access is easy to compromise. Add the possibility for a public cloud where your data is, essentially, outside your direct control, and you have a compact target for attack. So a solution to that challenge needs to be built from the ground up to address both the environment and the threats. That is exactly what HyTrust CloudControl does.
CloudControl supports strong authentication, role-based access control, rule of four eyes (two-person) enforcement, policy enforcement, root password vaulting and infrastructure hardening. It can integrate with Intel's TXT system as well. Also, CloudControl is an excellent security administration tool from the perspectives of compliance and analysis. The menus and drill-downs are lucid and practical, and the tight integration with VMware and Active Directory adds to the product's versatility and power.
At a glance
Product CloudControl
Company HyTrust
Price Enterprise pricing starts at $63,750 for a single data center site with 20 ESXi CPU sockets; a free community edition for up to three hosts is also available.
What it does Cloud security automation mitigates the concentration of risk caused by virtualization.
What we liked Protection of the management infrastructure internally.