Nutanix Security Central (NSC) is Security focused Software as a Service (SaaS) solution for Nutanix AHV cluster(s) that provides micro-segmentation security posture planning using Nutanix Flow, threat alerts, and continuous compliance monitoring (Supported standards are NST CSF, PCI-DSS, 27001, HIPAA, NIST).
Also, support enhanced multiple Machine Learning (ML) models and algorithms such as Louvain, Arima, tree based, and clustering, gives insight based on over 800 audit checks and security best practices.
Nutanix unified cloud security operations for any workloads & data runs on any cloud infrastructure, automating incident response with intelligent analysis and regulatory compliance. This ensures that all cloud environments maintain a strong security posture.
Nutanix Security Central Portal
The Security Central portal provides an inventory and configuration assessment of your cloud and on-premises infrastructure, enabling streamlined management and enhanced security capabilities across all cloud systems.
Nutanix Cloud Portal link: https://flow.nutanix.com/securitycentral
Nutanix Security Central (NSC) Key features
Nutanix Security Central Key features are mentioned below:
- Holistic Security Monitoring and Remediation Automation : Correlate potential security vulnerabilities using Qualys’ scanning integration, then leverage the power of Nutanix X-Play to automate incident response or create micro-segmentation workflows.
- Continuous Compliance and Asset Inventory: Gain asset visibility across workloads anywhere, then audit these findings against standards like CIS, NIST CSF v1.1, PCI-DSS v3.2.1, ISO 27001 and HIPAA for public clouds, or PCI-DSS v3.2.1 and DISA STIG for Nutanix on-prem.
- Zero Trust Security Model: Zero Trust architecture to create network-level policies to allow/block port-based network communications and logically tier your workloads.
- Vulnerability Remediation: It provides you with a one-click feature that allows you to fix a security issue.
- Third-party security tools integration with:
- Qualys
- Splunk
- Webhook
- ServiceNow
Nutanix Security Central Supported infrastructure
It supports public cloud and Nutanix AHV private cloud (on-premises) to deploy Nutanix Flow Security Central VM (FSC VM) a.k.a Security Central VM (SCVM) that works as PROXY-VM to enable communication between on-premises Nutanix AHV cluster and the Security Central platform.
1. Nutanix Private Cloud / On-premises Infrastructure
This Security Central VM (SCVM) Proxy-VM enables communication to collect IPFix logs, nodes, VM Inventory and security policy configurations from On-premises Nutanix AHV cluster and send to Nutanix Security central – SaaS based solution for further deep security monitoring and analysis.
Nutanix Security Central services can be managed through cloud-based Nutanix online portal https://flow.nutanix.com/securitycentral
Note: Nutanix Security Central requires to deploy “Security Central VM (SCVM)” and enable Flow service.
2. Public Cloud Provider Infrastructure
Nutanix Security Central (SaaS) security service is available on following Public cloud providers:
- AWS Cloud
- Azure Cloud
There is no need to deploy Nutanix Flow Security Central VM (FSC VM) now a.k.a SCVM on cloud infrastrcureur to collect i.e IPFix log, Inventory collection, pull / Push security policy configurations.
Nutanix Security Central (SaaS) Capabilities
Nutanix Security SaaS solution provides the full-flash security posture analysis & monitoring capabilities as mentioned below:
- Security posture monitoring
- User & network anomaly detection
- Compliance reporting
- Microsegmentation security planning
- Multi-cloud inventory and query
Cloud Security Reminder: Regularly assess your cloud infrastructure to ensure robust security practices are in place.
Nutanix Security Central – Firewall Ports
Ensure Nutanix SCVM should have enabled internal communication to Prism Central VM, and outbound/internet communication to the Nutanix Cloud SaaS portal.
Traffic flow: SCVM —> Prism Central –> Internet –> Nutanix Security Central – Cloud SaaS portal
It uses the TCP ports listed below for communication between components.
Please ensure that gateway firewall has the following ports are open:
- Source: Nutanix SCVM TCP Port 9440 To
- Destination: Prism Central VM
The integration of Nutanix Security Central with various cloud services enhances overall cloud security and enables seamless operations.
- Source: Nutanix Security Central (SCVM) TCP Port 443 To
- Destination: *.nutanix.com and *.amazonaws.com
Download | Nutanix Security Central VM
Nutanix SCVM can be downloaded from Nutanix Support portal
Implementing cloud security measures is crucial for safeguarding sensitive data against potential threats.
Nutanix SCVM | Downloading Steps:
- Log into Nutanix Portal >
- Support & Insights > Download >
- Security Central > Download “SecurityCentralVM-xx.xx.qcow2” image.
- Downloaded successfully.
Q&A
Question 1. Can use Nutanix Security Central – SaaS Solution, if on-prem Nutanix AHV cluster does not have Internet connectivity ?
Answer: No, Internet access is required to use/integrate on-premises Nutanix AHV cluster with Nutanix Security Central – SaaS solution.
Question 2: Which components are mandatory to integrate on-premises Nutanix AHV cluster with Nutanix Security Central ?
Answer: Mainly three components must be available on-premises
- Nutanix Prism Central (PC)
- Nutanix Security VM (SCVM)
- Internet Access / connectivity
Hopefully, After went though entire blog, now you have enough information on Nutanix Security Central.
thank you very much to being with HyperHCI.com | Be with us to read more, grow more..!
Doing so ensures that your cloud security measures are always up to date and resilient against new threats.
- Get Your Nutanix Free Voucher for 2025 Exams - March 20, 2025
- Nutanix Certification NCA, NCP, NCM Exam, Voucher & Training - March 15, 2025
- 5 Key Features of Red Hat Hyperconverged Infrastructure - March 15, 2025