Flow Security Central – On Premise Nutanix (Getting Started)

| by Brandon Scott

Flow Security Central is a SaaS solution from Nutanix (previously part Nutanix Beam) which provides insight into the security posture of Nutanix private cloud as well as (today) AWS and Azure clouds to bring in a complete hybrid view of our cloud environments. In FSC (Flow Security Central) there are over 800 prewritten security checks based on years of experience and best practices working in cloud environments. You may ask, why use Flow Security Central when my public cloud has security tools? Well, in the public clouds they have tools for their native environments which is good if you have only a single cloud but in todays diverse cloud world we where we have the ability to choose the best cloud for our workload, we need a security tool that can span multiple clouds to keep a pulse on our environments in a consistent manner. With cyber breaches on the rise and affecting multiple important functions of our society from oil pipelines to meat distribution/processing facilities (as of 6/3/2021) these attacks are hitting our critical infrastructure and becoming an increasing national security issue. The primary point – don’t be a national news story because you didn’t put security first!

The following will walk through setting up FSC on your on premise Nutanix environment.

Step One: Creating Flow Security VM

1. First go to the below link to get the Download Link for FSC-VM

https://portal.nutanix.com/page/downloads?product=flowSecurity

2. Next copy the Download Link

3. Next login to your Prism Central VM and go to Infrastructure –> Images

4. Click Add Image

5. Select URL and then paste the Download Link into the URL box. Click Next

6. Pick your image Placement Method and click Save

7. Allow the download and image processing to complete, once complete you will see the following

8. Next go to Virtual Infrastructure –> VM and click Create VM

Fill out the following (these are the minimum requirements…

For the Disk make sure you Clone from Image Service and select the FSCVM QCOW

Click Add

Select VM and Power On

Step Two: Configuring the Flow Security Central VM

1. In Prism Central select and Open Console

Login with the default credentials

User=Beam

Password=b3@mMeUp!

2. Once you login the Firefox browser should pop up and automatically direct to the Flow Security Central application

3. If your network is connected, click “I have configured the network”

Then click Start Setup

4. First enter your Prism Central Details

then click Validate

5. Next click “Enable Log Collection” (this will enable the traffic visualization and make Flow Security Central a more powerful and useful solution)

6. Lastly a token will get generated

Copy the token

then click Go to Flow Security Central

7. You will need to sign into your my.nutanix.com account

8. Inside FSC, go to Settings

Then Nutanix Accounts

Click + Add Prism Central

9. Add Prism Central Name

add Token copied from FSC VM

Click Next

10. You should now see your Nutanix clusters under management by Prism Central

Select the cluster(s) you want under FSC management

Click Verify and Save

11. You should now see your Prism Central under the Nutanix Accounts menu in Settings

12. To verify go back to your Dashboard and change your view to Nutanix –> <your cluster>

Once inventory begins populating you will begin to see audit data

Here is an example of a few of the issues (subset of the 800+ built in checks) discovered in my environment that I didn’t see before

Share with the world!

Leave a Reply

Your email address will not be published. Required fields are marked *