Describe and manage Nutanix’s custom Security Technical Implementation Guides (STIGs)

Nutanix STIGs are based on common National Institute of Standards and Technology (NIST) standards that can be applied to multiple baseline requirements, e.g., for the DoD and PCI-DSS. The Nutanix DISA STIG Compliance for RHEL 7 and Nutanix AHV document provides a complete set of RHEL 7 STIG rules configured on NTNX CVM as published by…

Describe and manage role mapping between Prism Element and Prism Central

Configuring role mapping on Prism Central will NOT let you log in to Prism Element with Active Directory credentials. It will allow you to launch Prism Element from Prism Central, but it will NOT allow direct login.

Configure Authentication Source: When user authentication is enabled for a directory service, all authorized…

Describe and differentiate audit events and logs for local and AD/LDAP users

If you have enabled Active Directory authentication to manage roles or access in the Prism web console, the AD users might receive the Authentication Failed error message while logging on to the Prism web console. This article describes ways to troubleshoot such issues and to check what might be wrong in the environment, provided that…

Create and install SSH Keys for Cluster Lockdown

Cluster lockdown is the ability to disable password-based CVM access and/or only allow key-based access.

Generate an RSA key pair from Linux:
$ ssh-keygen -t rsa -b 2048
Public key available at ~/.ssh/id_rsa.pub
Private key available at ~/.ssh/id_rsa

Generate an RSA key pair from Windows:
Use PuTTYgen
Select the type of key to…

Implement 2-factor authentication for an AOS cluster

You can enable two-factor authentication for users through a combination of a client certificate and/or username/password to address stringent security needs.

Unofficial Nutanix NCAP Study Guide

After completing the NCP, the NCAP was the next goal on my list. I began to prepare for this in a similar fashion to how I did with the NCP. The first step was, of course, to download the Exam Blueprint. As with the NCP guide, a big credit again goes to Steven Poitras, and…

Install an SSL certificate

Nutanix supports SSL certificate-based authentication for console access. To install a self-signed or custom SSL certificate, do the following:

Recommended Key Configurations

Key Type   | Size/Curve | Signature Algorithm
RSA        | 2048       | SHA256-with-RSAEncryption
EC DSA 256 | prime256v1 | ecdsa-with-sha256
EC DSA 384 | secp384r1  | ecdsa-with-sha384
EC DSA 521 | secp521r1  | ecdsa-with-sha512

Configure user authentication

Prism currently supports integrations with the following authentication providers:

Prism Element (PE): Local, Active Directory, LDAP
Prism Central (PC): Local, Active Directory, LDAP, SAML Authn (IDP)
