Nutanix Solutions Create Data and Security Protection for State, Local and Education Organizations

October 13, 2021

Harsha Kotikela,
Director of SLED Solutions Marketing - Nutanix

Modern Challenges for SLED Security

Cybersecurity attacks are growing more complex as cloud adoption, digitization and work-from-anywhere practices increase, so State, Local and Education (SLED) organizations must begin improving their security posture and aligning with Zero Trust Architecture. Since institutions can no longer rely on the same perimeter-based security solutions, they need to modernize IT operations, increase agility and implement network, application, user and data-based security to support mission success.

This is where Nutanix comes in, helping you protect your SLED agency’s public information from cyber threats. Though a data-focused organization, over time Nutanix has homed in on the core concepts of security by improving its data resiliency strategies. It has elevated its presence in the security space by releasing new solutions with a proactive security focus.

Prevention, Detection, Recovery

When it comes to securing data and making sure your agency is fully prepared for a cybersecurity incident, Nutanix recommends a three-step process to make sure you’re safeguarded: Prevent, Detect, and Recover.

Prevention:

Prevention, above all else, is the best way to keep an agency’s security posture in good standing. Attacks typically start with phishing through email or malicious web pages, but there are a number of best practices that agencies can follow to prevent these occurrences.

  • Enforce strong password policies, and use tokenized access management controls and multi-factor authentication for various types of access
  • Block malware spread with network microsegmentation
  • Use and maintain endpoint protection/antivirus to block malware
  • Train employees on cybersecurity awareness regularly
  • Leverage object storage with write once read many (WORM) features for backup images and other important data to protect their integrity and block encryption by ransomware
  • Critically analyze and scan for the patch work that must be done in data centers, so that areas susceptible to attack are continuously updated

Prevention must also take place within an organization’s data centers. Zero Trust Architecture was created to meet the needs of modern data center infrastructure against sophisticated cybersecurity threats. Organizations cannot rely on perimeter-based network security alone, given the disparate nature of IT infrastructure as it exists today. Nutanix technologies help improve security posture to align with a Zero Trust Architecture.

Though some of these implementations can be difficult to accomplish, Nutanix offers multiple solutions to assist with prevention. Nutanix hyperconverged infrastructure (HCI) makes managing these best practices easier while simplifying storage and virtualization.

  • Nutanix AOS and Prism Management: Nutanix AOS is hardened and secured using industry best practices, and has built-in auditing and remediation of those configurations. Prism Central adds RBAC for HCI storage and virtualization, and supports identity and access management (IAM) and multi-factor authentication.
  • Nutanix AHV and Flow Microsegmentation: Adopting AHV virtualization with Flow microsegmentation extends the above secure configuration and audits to the hypervisor layer. Flow provides network and application segmentation for virtual machines, which can limit the spread and impact of a ransomware infection.
  • Nutanix Objects: To ensure data cannot be locked by ransomware, Objects can create immutable storage buckets in WORM mode for key data and backup images.

Detection:

Sometimes these best practices are missed and vulnerabilities arise. The next step is to create a strategic detection operation that can catch threats before they cause extensive damage.

  • Leverage layer 7 threat detection tools like intrusion detection and prevention systems (IDS/IPS) to identify suspicious network activity.
  • Use a consolidated security information and event management (SIEM) solution with real-time analysis of security events and logs and, if possible, orchestration capabilities.
  • Employ network honey-pots to augment detection capability.
  • Leverage anomaly detection tools for resource usage and storage activity.

With Nutanix’s array of detection solutions, your organization can better understand where a threat is coming from, how it’s penetrating and what you need to do about it. Some of the most helpful Nutanix solutions are:

  • Nutanix AHV and Flow Service Insertion and Chaining: To facilitate the use of virtual IPS/IDS or other network-based threat intelligence tools, Nutanix AHV and Flow support policy-based service insertion of network security and threat awareness tools from our ecosystem partners.
  • Files Analytics, Nutanix Prism Ops, and X-Play: Prism Ops provides insights and analytics that can alert on resource utilization anomalies. Nutanix Files includes an intelligent analytics engine that provides insight into file share activity and anomalies. When combined with the codeless automation of X-Play, alerts and events can trigger security operations to avoid a potential ransomware issue.
  • Security Information and Event Management: SIEM is a recommended best practice for early detection of malicious activity and easily scales with your security needs, allowing you to store transactional hot data on our high-performance HCI storage, and place cold data on our S3-compliant object store, Nutanix Objects.

Recovery:

Once an attack is underway and weak spots have been breached, it’s time to think about recovery. Any organization, though, should have a recovery plan in place before an incident occurs. Here are just some of the best practices to work through during this phase.

  • Create snapshot and replication plans to match your business recovery objectives
  • Replicate data to one or more locations as part of a business continuity and disaster recovery (BCDR) plan
  • Use automation and frequently test recovery to ensure quick and reliable results
  • Follow the 3-2-1 rule for backup, which is to keep:
      • At least three (3) copies of your backups
      • Two (2) backup copies on different storage media
      • One (1) of those copies should be located offsite

When using the Nutanix platform, be assured that it includes built-in disaster recovery to help you create the best BCDR plan after a cyber attack.

  • Nutanix AOS: Starting with native snapshots for VM and file services and flexible replication options, AOS also includes comprehensive runbook automation and recovery options to meet any recovery SLA.
  • Xi Leap: Leap is a cloud-based disaster recovery service with easy setup and SLA configuration with failover, failback, and recovery plan testing.
  • Nutanix Mine for Backup: Leverage the availability and data protection of Nutanix as a target for your backup data. Mine is a turnkey secondary data backup and archiving solution powered by Nutanix platform partners. Since it uses the power and performance of the underlying Nutanix Distributed Storage Fabric, backup and recovery times can be minimized, which shortens downtime and required backup windows.

Nutanix Solutions: Key to Security Posture

Nutanix offers its SLED customers one of the most important aspects of any service: Simplicity. With certifications such as being the only HCI vendor on the DoDIN Approved Products List for some of its products, and achieving the Common Criteria EAL 2.0, Nutanix has continued to show dedication to issues of security. With the help of Nutanix technology and exercising various prevention, detection and recovery techniques, Nutanix solutions take away any added complexity during implementation and use—they work, they work well, and they work quickly. We will make sure your institution is prepared for any cyber threat.

View Our Free Resource to learn more about how Nutanix solutions can help your agency improve its security posture and support mission success.