Security Standards and Certifications
Our SecDL process is based on multiple security standards and validation programs. It complies with the strictest international standards, including the SP800-53 guidelines, to assure governments worldwide that Nutanix products perform as expected and work with their existing technology.
Information Security in the Enterprise Cloud
Nutanix takes a holistic approach to security with a secure platform, extensive automation, anda robust partner ecosystem. The Nutanix security development life cycle integrates security into every step of product development, rather than applying it as an afterthought. The strong pervasive culture and processes built around security harden the Enterprise Cloud Platform and bolster your security strategy.
Powerful automation and self-healing security models help maintain continuous security in enterprise cloud environments with efficiency and ease. Nutanix developed our own Security Technical Implementation Guide (STIG) to speed up the accreditation process for the Department of Defense Information Assurance Certification and Accreditation Process (DIACAP) and the Department of Defense Information Assurance Risk Management Framework (DIARMF).
Fast Baseline Checks and Validation
The Nutanix STIGs are written in XCCDF format and support the SCAP standard for compatibility with automated assessment tools like HBSS, cutting down accreditation time.
Automatic Configuration Management
Security configuration management automation (SCMA) efficiently checks over 800 security entities in the Nutanix STIGs that cover both storage and built-in virtualization.
Nutanix leverages SaltStack and SCMA to self-heal any deviation from the security baseline configuration of the OS and hypervisor to remain in compliance.
In addition to built-in security, the highly extensible Nutanix Acropolis architecture exposes APIs that allow integration with a broad ecosystem of security partners. Verified joint solutions provide flexibility at every layer, including network, data, and end-point security, and deliver a committed support experience.
Nutanix works with ecosystem partners to provide monitoring of inter-VM, east-west traffic patterns that typical north-south solutions do not capture. These internal flows create protection gaps inside the datacenter, since they are not intercepted by typical perimeter security solutions.
Support an increasingly large number of virtual end points in the enterprise cloud, and protect them from being exposed to any virus or malware. Nutanix partner solutions:
- Preserve performance and consolidation ratios
- Provide comprehensive agentless security built specifically to maximize protection
- Provide intrusion prevention and web application security for extra protection against malicious attacks
Nutanix works with third-party KMIP-compatible enterprise key and policy management servers that enable consistent policy implementation and ensure compliance. Centralized key management makes it easier for administrators to account for encryption keys from Nutanix SEDs and disparate encryption solutions, and to generate detailed records for auditors and regulators.
SEE FOR YOURSELF
Get hands on with the hyperconverged infrastructure that powers the world’s most advanced datacenters. Sign up for a free test drive to gain immediate access to Nutanix in the cloud.