Virtualization management tools provide IT administrators with tremendous flexibility and power to make significant, rapid changes to their virtual environments. This authority increases the insider threat and raises the need to protect virtual environments from user mistakes, misuse or blatant, malicious actions by those users with the most privilege.
The need for virtualization security was reinforced by recent reports of significant operational disruption and financial impact at a Japanese pharmaceutical company. A former employee reportedly used his credentials to remotely access and delete multiple virtual systems that were running critical applications, such as email and others that supported financial functions.
“The security and control of virtual machines that can be rapidly produced is a contributing factor to the concept of ‘virtual stall.’ Security is commonly cited as a reason why virtualization is not used more pervasively in a production environment for critical applications,” said Mike Denning, general manager, CA Technologies Security business. “Now, with CA Access Control for Virtual Environments in our IAM security portfolio, we can deliver the technology needed to automate end-to-end security of the data center—from the mainframe and physical servers to virtual environments.”
CA Access Control for Virtual Environments helps customers:
• Achieve compliance for their virtual data center through privileged user management for the hypervisor and guest virtual machines;
• Gain visibility and control over virtual environments with activity logging and privileged user password vaulting;
• Automate security operations and reduce security costs by applying security controls according to pre-set policies;
• Expedite adoption of virtualization technology for critical applications by improving security controls; and
• Create a secure, multi-tenant environment by isolating virtual machines through network zoning.
“We see CA Access Control for Virtual Environments as a key solution that will meet our needs in virtualization security and help us to comply with PCI-DSS requirements,” said Arieh Berger, manager, Operating Systems and Information Security, EL AL Airlines. “By complementing and extending the security that comes with VMware, CA Access Control for Virtual Environments will allow us to enact segregation of duties and control privileged user access – all automatically.”
CA Technologies, HyTrust Alliance Expands in Scope
CA Access Control for Virtual Environments includes technology from HyTrust, Inc. as part of a collaborative alliance between the companies. By combining CA Technologies proven privileged user access controls for virtual machines with the hypervisor security controls from HyTrust, customers can add increased security to the virtual environment, and protect against unauthorized access and actions by privileged IT administrators. This added level of security is often required on virtual systems in order to comply with industry regulations and to confidently increase the use of virtualization for streamlined operations and reduced cost.
“As adoption of virtualized hardware advances in maturity, enterprises are increasingly compelled to find ways of automating the management and security of the virtualization layer,” said Steve Coplan, senior analyst, The 451 Group. “Securing access to the hypervisor and implementing centrally-defined controls on administrative activity are crucial components of any strategy to inject greater oversight and visibility into the virtualized layer. The partnership between CA Technologies and HyTrust brings together expertise and integration at the hypervisor tier with the ability to manage virtualization administrative accounts as part of a broader privileged identity management initiative. The outcome is greater visibility into activity by administrators, and the ability to better define global policies on privilege containment."
CA Access Control for Virtual Environments is available direct from CA Technologies or through a growing global partner channel. As partners offer solutions incorporating VMware solutions or the HyTrust Appliance, CA Access Control for Virtual Environments is a logical enhancement that provides the virtual machine security layer and audit capabilities needed for PCI compliance and various regulatory mandates.
“It is exciting to see the CA Access Control for Virtual Environments solution come to market given it complements and extends VMware environments and helps solution providers meet the security needs of their customers," said Mike Nowlan, vice president of the North American security, virtualization and networking practices for Arrow Enterprise Computing Solutions, a leading provider of enterprise and midrange computing solutions including security, virtualization and networking technologies. Arrow ECS is a value-added distributor for CA Technologies. “Arrow ECS looks forward to connecting solution providers to CA Access Control for Virtual Environments.”
CA Technologies IAM Security at VMWorld Europe
CA Technologies will demonstrate CA Access Control for Virtualized Environments at VMWorld Europe (Oct. 18-20) in Bella Center, Copenhagen, Denmark. In addition to showcasing its solution for virtualization security, Nimrod Vax, senior director, product management, CA Technologies; Eric Chiu, president, HyTrust; and Robert Randell, principal security and compliance specialist, VMware, will participate in a panel discussion titled, “Payment Card Industry (PCI) Compliance with CA Technologies, HyTrust and VMware vShield” on Tuesday, October 18 at 9:00 a.m. CET. These security, compliance and virtualization professionals will provide their insight on emerging strategies and solutions for virtualization and PCI compliance.