Nutanix by Moustafa Hindawi

Security Dashboard | Prism Central 2022.9 ~Hindawi

The Security Dashboard provides dynamic summary of the security posture across all registered clusters. The Security Dashboard allows you to view the most critical security parameters like cluster-based issue summary, STIG policy compliance, security hardening, and identified vulnerabilities. The security dashboard is divided into multiple widgets to represent different security focus areas.

Requirements

Ensure that meet the following requirements to use Security Dashboard:

  • Enable Microservices infrastructure on Prism Central
  • Ensure that your cluster is running on AOS version 6.6 or later and Prism Central version 2022.9 or later.
  • Ensure that your cluster has internet connectivity. Security Dashboard is not available on dark sites.

Summary Widget

The Summary widget allows you to view your open security issues or focus on the clusters that have the most number of security issues. You can click the Summary pie graph to view the following information.

  • Total number of issues in the clusters
  • Number of issues in the clusters categorized based on the following issue categories:
    • Security Hardening
    • STIG Issues
    • Vulnerabilities

Tip: The Security Dashboard refreshes once daily. Updating the STIG check based vulnerabilities information requires a manual refresh. You can initiate a manual refresh by clicking the refresh icon at the bottom of the widget. Manual refresh process takes some approximately 20 minutes to 2 hours to complete and depends on the number of clusters in your environment.

STIG Policy Widget

STIG helps detect deviation from the security baseline configuration of the operating system and hypervisor to remain in compliance. Nutanix has implemented the Controller VM and Prism Central VM to support STIG compliance with the RHEL 8 STIG as published by DISA.

Security Hardening Widget

The Security Hardening widget displays the status of security hardening controls applied on your clusters. This widget also allows you to configure multiple security hardening controls from the widget directly.

You can configure the following Security Hardening configurations from the security hardening widget.

  • High-Strength Password
  • Advanced Intrusion Detection Environment (AIDE)
  • Security Configuration Management Automation (SCMA)
  • Cluster Lockdown
  • Defense Consent Banner

Vulnerabilities Widget

The Vulnerabilities widget displays a list of vulnerabilities (or CVEs) associated with your clusters based on the Acropolis Operating System versions.

Leave a Reply

Your email address will not be published. Required fields are marked *