Discussed in my previous post, Nutanix NOS 4.1.1 and the SecDL, we have released three new Nutanix Security Technical Implementation Guides (STIGs) embedded within NOS 4.1.1.  In this post we will take a quick look at what the Nutanix methodology is around the creation of all three.

Those of you in the Federal or high-governance spaces are more than familiar with NIST and DISA provided security requirements.  NIST being in the form of Special Publications (SP) and DISA providing Security Requirements Guides (SRG).  These are the building blocks of all STIGs and hardening guidelines in the industry.  Typically a great deal of research and development goes into the documentation of these requirements by the respective parties.  That being said they are, for all intents and purposes, general purpose guidelines only.  That is exactly what they are meant to be.  However, we do not function daily in a world of general purpose.  We need to take the general purpose and abstract into the specific purpose to be truly beneficial in the data center.

Continue reading

Yesterday Nutanix released version 4.1.1 of the Nutanix Operating System.  Current customers can download and upgrade free of charge with no down time what so ever to their workloads.

New releases come with new features… so what’s in the box?

  • Metro Availability
  • Encryption Support
  • VM Management for KVM
  • Prism Central Scalability to 100 Clusters/10K VMs; added support for Hyper-V
  • Security/STIG Enhancements
  • One Click Hypervisor Upgrade

I’m being a little transparent above with the bold tags I suppose.  That’s right, security, and not just the word itself.  Version 4.1.1 introduces three new STIGs with a total rule count on the platform to over five hundred and thirty!  By itself that may not seem all that impressive, well 530 should, but you need some foundation in order to appreciate what we are doing at Nutanix around security as a whole.

Continue reading