Nutanix Security Central (NSC) is Security focused Software as a Service (SaaS) solution for Nutanix AHV cluster(s) that provides micro-segmentation security posture planning using Nutanix Flow, threat alerts, and continuous compliance monitoring (Supported standards are NST CSF, PCI-DSS, 27001, HIPAA, NIST).
Also, support enhanced multiple Machine Learning (ML) models and algorithms such as Louvain, Arima, tree based, and clustering, gives insight based on over 800 audit checks and security best practices.
Nutanix Security Central (NSC) unified cloud security operations for any workloads & data runs on any cloud infrastructure, automating incident response with intelligent analysis and regulatory compliance.
Nutanix Security Central Portal
The Security Central portal provides an inventory and configuration assessment of your cloud and on-premises infrastructure.
Nutanix Security Central portal link: https://flow.nutanix.com/securitycentral
Nutanix Security Central (NSC) Key features
Nutanix Security Central Key features are mentioned below:
- Holistic Security Monitoring and Remediation Automation : Correlate potential security vulnerabilities using Qualys’ scanning integration, then leverage the power of Nutanix X-Play to automate incident response or create microsegmentation workflows.
- Continuous Compliance and Asset Inventory: Gain asset visibility across workloads anywhere, then audit these findings against standards like CIS, NIST CSF v1.1, PCI-DSS v3.2.1, ISO 27001 and HIPAA for public clouds, or PCI-DSS v3.2.1 and DISA STIG for Nutanix on-prem.
- Zero Trust Security Model: Zero Trust architecture to create network-level policies to allow/block port-based network communications and logically tier your workloads.
- Vulnerability Remediation: Security Central provides you with a one-click feature that allows you to fix a security issue.
- Third-party security tools integration with Nutanix Security Central: Nutanix
- Qualys
- Splunk
- Webhook
- ServiceNow
Nutanix Security Central Supported infrastructure
Nutanix Security Central (NSC) is a Software as a Service (SaaS) solution which is primarily available for cloud infrastructure.
But, on-premises Nutanix AHV cluster can also be Integrated with cloud-based SaaS solution to deploy Nutanix Flow Security Central VM (FSC VM) now a.k.a Security Central VM (SCVM) that works as PROXY-VM to enable communication between on-premises Nutanix AHV cluster and cloud-based Nutanix Security Central – Software as a Service (SaaS).
1. Nutanix Private Cloud / On-premises Infrastructure
This Security Central VM (SCVM) Proxy-VM enables communication to collect IPFix logs, nodes, VM Inventory and security policy configurations from On-premises Nutanix AHV cluster and send to Nutanix Security central – SaaS based solution for further deep security monitoring and analysis.
Nutanix Security Central services can be managed through cloud-based Nutanix online portal https://flow.nutanix.com/securitycentral
Note: Nutanix Security Central requires to deploy “Security Central VM (SCVM)” and enable Flow service.
2. Public Cloud Provider Infrastructure
Nutanix Security Central (SaaS) security service is available on following Public cloud providers:
- AWS Cloud
- Azure Cloud
There is no need to deploy Nutanix Flow Security Central VM (FSC VM) now a.k.a Security Central VM (SCVM) on cloud infrastrcureur to collect i.e IPFix log, Inventory collection, pull / Push security policy configurations.
Nutanix Security Central (SaaS) Capabilities
Nutanix Security Central – cloud-based SaaS solution provides the full-flash security posture analysis & monitoring capabilities as mentioned below:
- Security posture monitoring
- User & network anomaly detection
- Compliance reporting
- Microsegmentation security planning
- Multi-cloud inventory and query
Nutanix Security Central – Firewall Ports
Ensure Nutanix Security Central (SCVM) should have enabled internal communication to Prism Central VM, and outbound/internet communication to the Nutanix Security Central – Cloud SaaS portal.
Traffic flow: SCVM —> Prism Central –> Internet –> Nutanix Security Central – Cloud SaaS portal
Security Central uses the TCP ports listed below for communication between components.
Please ensure that gateway firewall has the following ports are open:
- Source: Nutanix Security Central (SCVM) TCP Port 9440 To
- Destination: Prism Central VM
- Source: Nutanix Security Central (SCVM) TCP Port 443 To
- Destination: *.nutanix.com and *.amazonaws.com
Download | Nutanix Security Central VM
Nutanix Security Central VM can be downloaded from Nutanix Support portal
Nutanix Security Central VM | Downloading Steps:
- Log into Nutanix Portal >
- Support & Insights > Download >
- Security Central > Download “SecurityCentralVM-xx.xx.qcow2” image.
- Downloaded successfully.
Q&A
Question 1. Can use Nutanix Security Central – SaaS Solution, if on-prem Nutanix AHV cluster does not have Internet connectivity ?
Answer: No, Internet access is required to use/integrate on-premises Nutanix AHV cluster with Nutanix Security Central – SaaS solution.
Question 2: Which components are mandatory to integrate on-premises Nutanix AHV cluster with Nutanix Security Central ?
Answer: Mainly three components must be available on-premises
- Nutanix Prism Central (PC)
- Nutanix Security VM (SCVM)
- Internet Access / connectivity
Hopefully, After went though entire blog, now you have enough information on Nutanix Security Central.
thank you very much to being with HyperHCI.com | Be with us to read more, grow more..!