Workstation Protection: Essentials on Hysolate

One could imagine relegated to the bottom of the dungeons of the IT a certain idea of ​​the virtualization on the workstation, after the abandonment of the type 1 hypervisor projects at VMware , in 2010, then at Citrix, with the stop XenClient’s commercialization in 2015. But that was without counting other approaches, starting with that of Bromium, launched in 2012 by Simon Crosby, before that technical director of Citrix. His idea ? Isolate processes in virtual micro-machines to hide the reality of their runtime environment. An abstraction layer, in short, for each process, cutting it off from the operating system.

The approach has made its way into the minds and Microsoft has validated it with the Virtual Secure Mode of Windows 10 . But for the publisher, it was initially only to isolate a process of trust to protect it from possible attacks. Since then, Microsoft has gone further, with Windows Defender Application Guard : here, it is the Edge browser that is isolated from the operating system to protect the latter from threats that may come through the browser.

Virtualization called to the rescue

The approach chosen by Hysolate refers to all these approaches, but reviving the idea of ​​hypervisor “bare metal” for the client: it is actually to coexist on the workstation separate virtual machines, for example one for browsing the Internet for personal use, another for the work environment, and another for the most sensitive data and applications.

In an interview with the editor, Dan Dinnar, Co-Founder and COO of Hysolate, explains this choice: “Workstation protection fails. The RSSI ever add yet the majority of breaches are beginning to this place. ” On the other hand, “users are frustrated because they are being prevented from using USB drives, browsing the Internet, or more. So many things that affect their productivity.

Therefore, it was trying to answer the question of securing the workstation without adding an additional layer of protection “above” the operating system, but another, below.

This positioning allows to set up many controls, such as forcing a USB key to be connected to the environment dedicated to online navigation, being invisible to others, safer.

A whole layer of control

It is also possible to consider forcing the transit of files copied from an insecure environment to a trusted machine via anti-virus filters. You may only allow the output of the corporate VM to encrypted files.

But that’s not all: the provided abstraction layer also controls network flows and thus builds segmentation policies, even in a flatbed environment, or forces machine VPN usage virtual, without having to establish a specific configuration within each.

Finally, each VM can be made non-persistent, causing the return to the nominal image when needed, including if there has been any compromise, or even the suspicion of one.

The entire platform is managed through a server that can be deployed locally or accessed in cloud mode. From there, all desktop control and configuration elements can be managed – by station or group of stations, either independently or integrated with the directory. This console also allows to supervise the activities and the integrity of the terminals.

A veteran team

The choice of virtualization to protect the desktop is not surprising when you discover the profile of his other co-founder, Tal Zamir. This Technion alumnus joined VMware between June 2012 and December 2015. He joined the company on the occasion of the Wanova acquisition, whose Mirage software notably provided View users with the ability to centrally manage virtual and physical desktops.

Dan Dinnar is a CyberArk alumnus. It was also the CEO of Hexatier, which was also named GreenSQL and developed a kind of reverse-proxy to protect databases , including preventing SQL injections. Huawei bought it back in December 2016 .

Founded in 2016, Hysolate received initial funding from Team8, an investment fund specializing in cybersecurity, supported by Accenture, Cisco, Intel, Microsoft, and Nokia. He also took care of booting Claroty, a specialist in industrial systems monitoring , and Illusive Networks, which uses decoys to track and track attackers .

Leave a Reply

Your email address will not be published. Required fields are marked *