Feb
17

AHV – Most Secure Hypervisor by Default

Cybersecurity threats grow and change every day, demanding perpetual vigilance and adaptation to the shifting security landscape. However, upgrading security in a traditional three-tier architecture is so time consuming and expensive, often involving multiple separate vendors, that some enterprises put off innovation. In light of competing security concerns—the need to reclaim resources for innovation versus the need to keep costs down—corporate and government environments demand a simpler approach: one vendor, with technology secured by design, and automated security compliance and reporting.
Nutanix has created a security development life cycle (SecDL) that addresses security at every layer in the deployment cycle, rather than applying it at the end as an afterthought. The SecDL implements security culture from top to bottom, ensuring that it is a foundational part of the design. SecDL reduces the time it takes to update code, which mitigates the risk of zero-day exploits.

Security is usually the last thing to get love when your under pressure. You will lack security if you get your system to work. With SCMA you don't have to decide between security and a working system anymore.

Security is usually the last thing to get love when your under pressure. You will ease security if you get your system to work. With SCMA you don’t have to decide between security and a working system anymore.

Because traditional manual configuration and checks cannot keep up with the ever-growing list of security requirements, Nutanix provides Security Technical Implementation Guides (STIGs) that use machine-readable code to automate compliance against rigorous common standards. Today, Nutanix tracks over 1,700 security entities across storage and the Acropolis Hypervisor (AHV). With Nutanix Security Configuration Management Automation (SCMA) introduced in the Acropolis Operating system 4.6, you can quickly and continually assess and remediate your platform to ensure that it meets or exceeds all regulatory requirements.

As regulations become more cumbersome and threats continue to proliferate, a fully tested platform with security at the forefront is the best choice for meeting tomorrow’s challenges today. The Xtreme Computing Platform (XCP) shrinks the compliance auditing window from months to minutes, allowing you to focus instead on the applications that drive the business.

SCMA also covers frustrating maintenance scenarios in which you upgrade your storage or hypervisor software only to find that the new software has overwritten your careful configuration work, forcing you to go through all the settings again from scratch. Returning to the baseline manually is slow and error-prone, often causing significant problems, particularly when dealing with major release upgrades. Companies have had to delay upgrading their systems to preserve security compliance, even when an upgrade would offer new features required to support the business. Nutanix SCMA means that businesses don’t have to shoulder the burden of interoperability testing or go through cumbersome steps to manually inspect and revert the upgraded system to a known good state.

With SCMA, you can schedule Nutanix STIGs to run hourly, daily, weekly, or monthly. The automation checks have the lowest system priority within the virtual storage controller, ensuring that security checks do not interfere with platform performance.
Nutanix has embedded five STIGs covering Nutanix storage and AHV in the product. These STIGs are:

o Acropolis Virtual Storage Controller STIG
o Nutanix Prism Web Server STIG (for tomcat)
o Nutanix Prism Proxy Server STIG (for Apache)
o Nutanix JRE8 STIG
o Acropolis Hypervisor STIG

With both the storage and they hypervisor meeting the highest levels of security out of the box I think it’s safe to say from day 1 to the life of the cluster that you have the most secure platform for your workloads. You can’t simply do one without the other and be secure. It’s this end to end life cycle (SecDL) that makes Nutanix so different from other vendors on the market today.

The hamster wheel of keeping your environment secure just had it's last spin with AOS 4.6.

The hamster wheel of keeping your environment secure just had it’s last spin with AOS 4.6.

Trackbacks

  1. […] tab friendly so you really don’t need to memorize the commands. The schedule command refers Nutanix Security Configuration Management Automation that will run the systems checks to make sure your system is compliant. The default schedule is set […]

  2. agen judi terpercaya

    AHV – Most Secure Hypervisor by Default

  3. […] more information, read AHV – Most Secure Hypervisor by Default by Dwayne […]

  4. […] the necessary control over their environment and application content. When you combine UCP with the Nutanix security it makes for a compelling […]

  5. pressure washing in ct

    AHV – Most Secure Hypervisor by Default

Speak Your Mind

*