Citrix to Establish Virtual Infrastructure Security Validation in Collaboration with SignaCert

Citrix Systems, Inc. today announced it is working with SignaCert, the leading provider of IT compliance solutions based on whitelisting methods, to include Citrix Systems software measurements in the SignaCert Global Trust Repository (GTR). This collaboration will provide objective, third-party validation of Citrix-built software for IT security, compliance and systems management of virtual infrastructures, enabling Citrix customers and partners to explore innovative uses for Citrix desktop and server virtualization products such as XenDesktop™, XenApp™ and XenServer™, including dynamically managing applications and packages in workloads. Additionally, SignaCert will license the Data Exchange Format (DEF) to customers at no charge to help them leverage the whitelist data method for custom uses in their Citrix environments.

“Virtualization presents a ‘killer platform’ for our software whitelisting services, which are quickly becoming an industry accepted approach to information security, compliance and systems management,” said Wyatt Starnes, Founder and CEO of SignaCert. “Our ability to provide third-party Security Content Automation Protocol (SCAP) validation for Citrix streaming and virtualization technologies will create a competitive leapfrog opportunity for Citrix.”

The SignaCert Global Trust Repository uses known-provenance and vendor-independent software measurements, or whitelists, to enable new enterprise IT security methods. These whitelists provide a standardized way to enforce security and compliance of third-party software for enterprise computing environments, as well as more advanced uses such as software attestation in high-assurance platforms. The technology permits virtual machines (VM) and their applications to be securely authenticated, so that when a VM is moved – between the enterprise data center and a cloud, for example – the user can be confident that the workload originated with their enterprise customer and it has not been altered outside of policy in any way, and that there have been no file and structure changes, additions or deletions to the application stack.

“Our collaboration with SignaCert is further demonstration of the Citrix commitment to addressing customer concerns about the security, compliance and operational stability of virtual infrastructures,” said Kurt Roemer, chief security strategist, Citrix Systems. “Citrix believes that a standards-based approach to software measurement will build trust and further spur adoption of desktop and server virtualization.”