Create a Post
Shay_Levin
Admin
Admin

CloudGuard & Nutanix - Deep Dive TechTalk

Nutanix & CloudGuard_a_Email_600x200px-03.jpg

Nutanix Keep networking simple and lower costs by leveraging software-defined security policies.
CloudGuard network solution is now seamlessly integrated with Nutanix flow via the service chain and provides full micro-segmentation threat prevention coverage of your AHV virtualization environment.

In this Deep Dive webinar, I’m going to walk you through the process of building a secure enterprise scalable topology protected by CloudGuard.
I will take you step-by-step through the deployment and configuration process on both Nutanix and CloudGuard.

(3)
4 Replies
Magnus-Holmberg
Advisor

How would this work in an MSSP environment, as its not possible to deploy multiple cloud guards on the same AHV node?


https://www.youtube.com/c/MagnusHolmberg-NetSec
0 Kudos
Shay_Levin
Admin
Admin

You will be able to deploy only one GW in each AHV with Calm.

But you can still deploy as many as you want manually.

0 Kudos
Magnus-Holmberg
Advisor

is it correctly understood that each AHV hosts needs its own cloudguard.
So if you would have a cluster of 10 AHV nodes, you do need 10 Core licenses. (one core for each node)
and this would be the same for each customer within the same cluster that you want to enable micro segmentation on?

Second question:
If you would like to have a dynamic rulebase based on the objects from the nutanix.
Like, if we would skip the micro segmentation part and just be interested in the objects themselves to be able to build a nice rulebase, can i collect these somehow and press the traffic in like a VSX? i understand that it would only be traffic that passes an inspection point/vlan 

https://www.youtube.com/c/MagnusHolmberg-NetSec
0 Kudos
Daniel_Mirkin
Employee
Employee

- In general, if you have 10 AHV nodes and a CG Gateway per Node, we need 10 licenses (1 for each GW). 

- CloudGuard Controller for Nutanix can be used to obtain VMs or Categories (groups of VMs) to be used in the security policy, as dynamic objects.