Managing your VMware ESX infrastructure with the HyTrust Appliance

HyTrust offers managers and administrators of VMware’s ESX virtual infrastructure a centralized, single point of control for hypervisor configuration, compliance, and access management that is both secure and easy to use through ordinary Web browsers.

We tested the RC version of the product in March 2009 by making a remote connection to HyTrust’s own test lab.


  • ESX version 3.5 only (not ESXi)
  • Works with Internet Explorer and Firefox, most current versions.
  • Both Windows Server 2003/2008 domain controllers

Price: $7,500 for the appliance ($3,000 for software only) plus $500 per CPU ESX socket protected plus 25% for maintenance and support per year. Free version available to protect up to three ESX hosts but without any support contract.


  • A solid collection of tools to secure your VMware ESX infrastructure
  • Integrates with Active Directory and VMware vCenter policies
  • Fully functional freeware version allows for experimenting and learning before purchase


  • Limited to ESX currently
  • Log viewer could be better integrated into the product

HyTrust Appliance 1975 W. El Camino Real, Suite 203 Mountain View, CA 94040 650-681-8100

Symantec Backup Exec for Windows Servers

An online backup server that covers a wide range of servers and services, this latest version includes the ability to protect Microsoft SharePoint and Exchange servers, VMware Infrastructure, and other sophisticated environments.

We tested Version 12.5 on a small test network with Windows Server 2008 and Mac and Windows clients.

Requirements: Windows 2000/2003/2008 Servers,
Price: $995 for one license, additional agents varies in price from $395 to $3195, depending on what you need to backup.

Symantec Corp.
20330 Stevens Creek Blvd.
Cupertino, CA 95014


  • Easy to setup and operate
  • Free 60 day trial helps you test out the service and become familiar with its operation
  • Granular Recovery Technology allows easy restoration of accidentally deleted files, emails, or documents.
  • VMware and Microsoft Hyper-V virtual server data protection that is easy to manage
  • Integrated online backup for flexible off-site data protection


  • Some of the menus are a bit densely packed, such as the Job Setup screens
  • This is not a product for single server environments (there is a separate version for Microsoft’s Small Business Server that is more appropriate)

Deploying applications using Symantec’s Endpoint Virtualization Suite

The suite covers three separate products that have been acquired over the years by Symantec for applications delivery via streaming or virtual layers and a connection broker technology that allows enterprises to manage the way their applications are packaged and delivered to users’ desktops.

We tested Version 6.1 on various test machines in February 2009.

Requirements: Windows XP SP 1 or better with Java J2SE Runtime 5.0 update 6, Windows Server 2003/2008, Windows 2000, Windows Vista

Price: $360 (concurrent license), $270 (per node) for entire suite, Streaming + Virtualization $68, Virtualization only $44. Substantial volume license discounts.

• Powerful software management for multiple use cases so that enterprises can configure and deliver a wide variety of applications and situations
• Granular virtualization layer technology
• Competitive price for the features that are included
• Complex setup with multiple moving parts
• No common policy management across the various software modules
• Multiple management consoles for each software module

Symantec Endpoint Virtualization Suite
Symantec Corp.
20330 Stevens Creek Blvd.
Cupertino, CA 95014

The six minute firewall from McAfee/Secure Computing

In this short video review, I will show you the most important features of Secure Firewall (form. known as Sidewinder) from McAfee/Secure Computing.

As enterprises depend more on Internet-based applications, it becomes harder to defend your network against blended exploits and attacks that target your specific applications. You need something like this product which is more than a standard firewall that typically relies on intrusion prevention and signature based defenses. Secure Firewall is a network and application security device with numerous protective features built-in that are especially useful for protecting your critical applications and data. Secure Firewall has a great track record in the industry when it comes to emergency security patches and CERT advisories, and comes with solid reporting and analysis features as well as the ability to create rules to defend Web applications.

We tested version 70007 on a small network in October 2008.

• Combines inbound and outbound network & application protection for both known and unknown attack vectors
• Simple configuration of the TrustedSource global intelligence, and Geo-Location provide unique protections to reduce your organizations exposure to attack
• SSL & SSH inspection (decryption and filtering) protects against these holes in most deep inspection firewalls today
• Rules can be customized for particular defenses and very granular controls over applications

• Uses a variety of management tools, some Windows-based, some browser-based
• Setting up different administrative roles is fairly complex

Info: 55 Almaden Boulevard, Suite 500, San Jose, CA 95113
Product category: Email security appliance
Pricing: Least expensive unit $1,900 up to $70,000 for the largest networks

Making backups with Symantec Protection Network Online Backup

Symantec Corp.

An online backup service that works automatically in the background to make copies of your most critical files and is very easy and economical to use. Online backups have several advantages:
— To aid in recovering files from a lost or stolen laptop
— To provide a simple but effective offsite storage solution for your data
— To keep the costs of backups low and within reach of most businesses

Requirements: Windows 2000/2003 Server, Windows XP, Windows Vista with latest service packs installed, with at least 15% free disk space on the volumes that you want to backup.

Price: $9.99 a month for basic service for 10 GB storage. Premium service is $35 a month for 10 GB with seven year history of backups. Additional fees for more storage capacity, remote access, and online storage for Backup Exec v12 users.

— Easy to setup and operate
— Free 30 day trial helps you test out the service and become familiar with its operation
— 24×7 support included
— Requires a fast broadband upload connection particularly on the first backup or for very large file collections. Only incremental changes are sent on subsequent backups
— Lack of progress indicators make troubleshooting more difficult

Stopping data leaks with Code Green Networks

Data loss protection is still a new field, but Code Green Networks brings a comprehensive solution to stopping leaks of confidential data to unauthorized users. Is your IT leaving with employees that are getting downsized? Is your customer list now the property of one of your competitor’s? Then you might be interested in the latest data leak prevention appliance from Code Green Networks

Called True DLP, it consists of hardware and software tools that can detect when critical information is being copied from your network to a Web mail account, a removable USB thumb drive, or placed inside a document that is emailed as an attachment, even over an encrypted connection or hidden inside a compressed file ZIP archive.

True DLP
Code Green Networks Inc.

385 Moffett Park Drive, Suite 105
Sunnyvale, CA 94089
(408) 716-4200

Code Green works in conjunction with the Blue Coat Web proxy (to decode SSL traffic) and a series of email encryption products from Zix, Cisco, and Voltage.

Requirements: Just about any network and server configuration is supported. More monitoring and control is available using Windows-based agents for both servers and desktops.

Price: $10,000 for 50 users, more for larger networks. Maintenance fee is an additional 18% annually, and agent support is an additional 20% fee


Both structured and unstructured data protected

Automatically encrypts sensitive outgoing data
Straightfoward Web management interface


There are a number of ways to install and configure the product, depending on your own network connectivity and which servers you choose to protect

Only Windows endpoints supported with its agents.