Citrix and SignaCert Partner to Develop Virtual Infrastructure Security Validation

Citrix Systems, Inc. announced it is working with SignaCert, a provider of IT compliance solutions based on whitelisting methods, to include Citrix Systems software measurements in the SignaCert Global Trust Repository (GTR).

The companies said the collaboration will provide objective, third-party validation of Citrix-built software for IT security, compliance and systems management of virtual infrastructures, enabling Citrix customers and partners to explore uses for Citrix desktop and server virtualization products such as XenDesktop, XenApp and XenServer, including managing applications and packages in workloads. Additionally, SignaCert will license the Data Exchange Format (DEF) to customers at no charge to help them leverage the whitelist data method for custom uses in their Citrix environments.

"Virtualization presents a 'killer platform' for software whitelisting services, which are quickly becoming an industry accepted approach to information security, compliance and systems management," said Wyatt Starnes, Founder and CEO of SignaCert. "Our ability to provide third-party Security Content Automation Protocol (SCAP) validation for Citrix streaming and virtualization technologies will create a competitive leapfrog opportunity for Citrix."

"Our collaboration with SignaCert is further demonstration of the Citrix commitment to addressing customer concerns about the security, compliance and operational stability of virtual infrastructures," said Kurt Roemer, chief security strategist, Citrix Systems. "Citrix believes that a standards-based approach to software measurement will build trust and further spur adoption of desktop and server virtualization."

The SignaCert Global Trust Repository uses known-provenance and vendor-independent software measurements, or whitelists, to enable new enterprise IT security methods. These whitelists provide a way to enforce security and compliance of third-party software for enterprise computing environments, as well as uses such as software attestation in high-assurance platforms. The technology permits virtual machines (VM) and their applications to be securely authenticated, so that when a VM is moved - between the enterprise data center and a cloud, for example - the user can be confident that the workload originated with their enterprise customer and it has not been altered outside of policy in any way, and that there have been no file and structure changes, additions or deletions to the application stack, the groups noted in a release.

((Comments on this story may be sent to newsdesk@closeupmedia.com))

Related terms: adoption, ceo, policy, products, security, software, standards, technology