Last year there was a rush of investment in the virtualization security startups which led to some interesting team-ups:
- HyTrust was invested in by Cisco and others.
- Altor Networks was invested in by Juniper and teamed up with Juniper as well.
- Reflex Systems teamed up with Tipping Point.
Missing from this list until now was Catbird Security. Their continuous compliance products where however picked up by some rather large customers: Amazon and many government agencies.
Catbird and HyTrust have teamed up to deliver a product that provides front-end access and compliance control for well understood actions via HyTrust, for all other actions, including intrusions, Catbird Security provides compliance control, firewall, IDS, and IPS. In other words, proactive security via HyTrust and reactive security via Catbird.
Customers looking for a one stop virtualization security vendor often see these two competing with each other and they do not. They complement each other, actually HyTrust complements all other security vendors instead of only one. But given that HyTrust and Catbird both provide tools that are all about Compliance, this is one of those golden opportunities in this space. Everyone needs proactive and reactive compliance monitoring and auditing as well as Continuous Auditing.
Catbird Security + HyTrust deliver this for you and is one of the combinations of products often recommended when someone is talking about Compliance.
Is this now a one stop shop for virtualization security?
Unfortunately, no. As pointed out in the End-to-End Virtualization Security Whitepaper there are still a number of vendors that would need to join together to provide an all encompassing holistic view of virtualization security. Not even VMware provides a one stop shop.
From a compliance perspective, however, the only component I see missing from this Team-Up is a good log analysis tool.
The real questions about this Team-Up are:
- how well did HyTrust and Catbird join together their disparate user interfaces so that there is only one?
- whose object tagging mechanism will be used?
- in which engine is the policy defined?
- will HyTrust be modified to support Xen and therefore Amazon?
In essence, how well will they be integrated.
Read the full press release.
Are there other Team-Ups I would like to see are varied. The market is still young and does a virtualization security vendor aim for the whole show, or just their bit of the puzzle and solve the other problems by teaming up with the other vendors. At the very least I would like to see the virtualization vendors agree on a common virtual object tagging scheme and convention so that their is only one set of tags for all the tools involved. Perhaps the Catbird + HyTrust team-up will drive this into reality.