Our primary use case for Nutanix Flow Network Security was to perform network mapping within our virtual environment, which is relatively flat. Regarding networking, we have a few virtual LANs set up between certain networks. However, we wanted to evaluate Nutanix Flow Network Security to create additional security rules, specifically firewall rules, for those virtual networks and the virtual machines within them. We were exploring the possibility of implementing Flow to prevent any unwanted traffic by applying such rules. During our evaluation, we used Nutanix Flow Network Security in a monitoring mode, which allowed us to capture network data between the virtual machines and virtual networks in question. This gave us the ability to create policies that would limit communication between virtual networks or servers or allow communication only between specific servers. However, we only implemented these policies in a monitoring mode. To clarify, we never implemented any firewall rules to actively prevent communication between the virtual networks or servers.
Nutanix Flow is a solution to build or provide micro-segmentation. Micro-segmentation is a zero-trust environment where no VM communicates to another VM, even if they are on the same network. There are situations when you don't want to allow them to communicate for a specific reason. Most companies have networks, but there are VMS on those networks and they can communicate with each other. The only option for the customer not to them communicate is for them to have different networks and have them pass through a firewall, which is highly expensive and difficult to manage.
Senior Systems Engineer at a financial services firm with 11-50 employees
Real User
Top 20
2021-12-14T05:16:00Z
Dec 14, 2021
The solution is used for micro-segmentation and to control all the traffic east to west in the applications. It allows for policies that enable complete visibility and traffic control.
Learn what your peers think about Nutanix Flow Network Security. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
Flow Network Security is a stateful, distributed, microsegmentation firewall. It is provided as part of NCI Ultimate or as part of the optional Security Add-On package for NCI Pro.
We use the solution for micro segmentation in the virtualization environment. I make sure VMs in the same network cannot speak to each other.
Our primary use case for Nutanix Flow Network Security was to perform network mapping within our virtual environment, which is relatively flat. Regarding networking, we have a few virtual LANs set up between certain networks. However, we wanted to evaluate Nutanix Flow Network Security to create additional security rules, specifically firewall rules, for those virtual networks and the virtual machines within them. We were exploring the possibility of implementing Flow to prevent any unwanted traffic by applying such rules. During our evaluation, we used Nutanix Flow Network Security in a monitoring mode, which allowed us to capture network data between the virtual machines and virtual networks in question. This gave us the ability to create policies that would limit communication between virtual networks or servers or allow communication only between specific servers. However, we only implemented these policies in a monitoring mode. To clarify, we never implemented any firewall rules to actively prevent communication between the virtual networks or servers.
I primarily use Flow Network Security for micro-segmentation, workload applications, and application databases.
We use this solution as a DMZ environment; it allows us to spread to the database traffic.
Nutanix Flow is a solution to build or provide micro-segmentation. Micro-segmentation is a zero-trust environment where no VM communicates to another VM, even if they are on the same network. There are situations when you don't want to allow them to communicate for a specific reason. Most companies have networks, but there are VMS on those networks and they can communicate with each other. The only option for the customer not to them communicate is for them to have different networks and have them pass through a firewall, which is highly expensive and difficult to manage.
The solution is used for micro-segmentation and to control all the traffic east to west in the applications. It allows for policies that enable complete visibility and traffic control.