Prism Central Security Dashboard
Prism Central Security Dashboard is a central management console that offers visibility into the security status of Nutanix infrastructure. It provides you with comprehensive insights into the security of Nutanix clusters and hosts, allowing you to identify and address security issues quickly and effectively. Before diving into the Security Dashboard, it's important to establish some definitions so that everyone can understand the key concepts:
CVE stands for Common Vulnerabilities and Exposures, which is a system that provides a standard way of identifying and naming security vulnerabilities in software and hardware. It helps to track and manage vulnerabilities more efficiently, and it enables organizations to stay informed about potential security threats and take appropriate action to protect their systems.
STIG stands for Security Technical Implementation Guide, which is a set of guidelines developed by the Defense Information Systems Agency (DISA) for securing computer systems and software. It provides specific configuration settings, security controls, and procedures that must be implemented to protect against known security threats.
NXVD stands for Nutanix Vulnerability Database, which is a centralized repository of security vulnerabilities that have been identified in Nutanix software. The Nutanix Vulnerability Database includes information about each vulnerability, such as its severity, the affected products and versions, and any available patches or workarounds. The database is regularly updated as new vulnerabilities are identified and as patches and updates are released.
Now that you have a clear understanding of these definitions, the requirements for using Prism Security Dashboard are straightforward. You will need:
AOS version 6.6 or later
Prism Central version 2022.9 or later with Microservices infrastructure enabled.
Once you have fulfilled these basic requirements, you are all set to dive into Prism Security Dashboard.
What is Prism Security Dashboard?
Prism Security Dashboard provides a dynamic summary of the security posture across all registered clusters. The Security Dashboard allows you to view the most critical security parameters like cluster-based issue summary, STIG policy compliance, security hardening, and identified vulnerabilities.
The Security Dashboard is built from multiple widgets that represent various security focus areas, and you can easily customize the dashboard to align with your preferences and specific security needs.
The Prism Security Dashboard is divided into four main widgets by default:
1. Summary
The Summary widget provides an at-a-glance view of your open security issues, allowing you to quickly identify clusters with the highest number of issues. By clicking on the Summary pie graph, you can access detailed information, including the total number of issues in the clusters. These issues are categorized based on different issue categories, such as Security Hardening, STIG Issues, and Vulnerabilities, providing a comprehensive overview of the security posture of your clusters.
2. STIG Policy
The STIG Policy widget provides information on policy violations or deviations from the baseline STIG policy, including the number of unique STIG controls that are not met and the total number of failed resources. You can use this information to take the necessary actions to address the deviations, bring the resources back into compliance, and regularly monitor the STIG policies to ensure ongoing compliance.
3. Security Hardening
The Security Hardening widget displays the status of security hardening controls applied to clusters and allows you to configure multiple security hardening controls directly from the widget. Configurations include enabling high-strength passwords for clusters, enabling AIDE (Advanced Intrusion Detection Environment), enabling SCMA (Security Configuration Management Automation) frequency for AHV hosts and Controller VM, enabling cluster lockdown mode, and enabling defense consent banner for AHV hosts and Controller VM.
4. Vulnerabilities
The Vulnerabilities widget in the Security Dashboard provides a list of vulnerabilities (CVEs) associated with clusters based on AOS versions. It allows you to see the complete list and the recommended upgrade path for mitigating the identified vulnerabilities.
To sum up, Prism Security Dashboard is a valuable addition to Prism's feature set, simplifying the process of improving cluster security and staying updated on any vulnerabilities or STIG violations. This dashboard empowers you to proactively safeguard your clusters, ensuring they are continuously secured and compliant with industry best practices.