Press Releases

Nutanix Brings Web-Scale Simplicity to IT Environments with Stringent Compliance Requirements

New Capabilities and Certifications Help IT Managers Meet Security Demands Across Industries

SAN JOSE, CALIF. – December 9, 2014Nutanix, the web-scale converged infrastructure company, today announced added security capabilities for its Virtual Computing Platform, including a number of additional certifications and security features, such as data-at-rest encryption. These capabilities augment the company’s Security Development Lifecycle (SecDL), which embeds security into every step of the software development process. Businesses that manage sensitive customer data and business information, such as government agencies and those in healthcare and financial services, can now benefit from the simplicity of Nutanix web-scale technology with confidence.

The new security capabilities are available with Nutanix Operating System (NOS) 4.1 software, and help IT security teams meet stringent standards like HIPAA, PCI DSS and SOX. Nutanix hardware platforms now meet a number of certification standards including FIPS 140-2, NSA Suite B support (to Top Secret), Common Criteria EAL2+, NIST-SP800-131A and others. Security features available in this release include:

  • Self-encrypting drives to secure data at rest, compliant with FIPS 140-2 Level 2 standards
  • Strong two-factor authentication, including the use of client certificates, to prevent unauthorized administrator log-ins
  • Nutanix Cluster Shield to limit administrator access in security-conscious environments by restricting shell logins

“Security is required across the entire datacenter architecture, including server and storage systems. Unfortunately, legacy infrastructure components often lack the necessary controls and fail to meet common certification requirements,” said Simon Mijolovic, Senior Security Solutions Architect at Nutanix. “Nutanix hyperconverged solutions integrate server and storage resources into a turnkey appliance, giving IT teams a single point of control to strongly protect data, secure administrator privileges and meet security certification requirements.”

The Nutanix security development lifecycle integrates security directly into the software development process, enabling automated testing and threat modeling to comprehensively assess and mitigate security risks before software is deemed production ready. Nutanix has also developed its own comprehensive Security Technical Implementation Guide (STIG) written in open XCCDF.xml format to support the Security Content Automation Protocol (SCAP) standard. This machine-readable code eliminates time-consuming testing by enterprise security teams and cuts the typical 9-12 month accreditation process for the DIACAP/DIARMF transition to just 30 minutes.

“Nutanix continues to provide innovative solutions to improve IT security across federal government organizations,” said Robert Sanchious, CEO/Chief of Engineering, SHR Consulting Group. “By publishing and testing to their own STIG incorporating DOD STIG guidelines, Nutanix has eliminated the need for time-consuming testing by customers and end-users, allowing us to bring innovative technology into government enterprises.”

All software-driven security capabilities are available across the entire Nutanix appliance portfolio. Data-at-rest encryption is available in Nutanix’s popular NX-3000 and NX-6000 platforms. For more information, check out the Nutanix blog or please

About Nutanix
Nutanix is a global leader in cloud software and hyperconverged infrastructure solutions, making infrastructure invisible so that IT can focus on the applications and services that power their business. Companies around the world use Nutanix Enterprise Cloud OS software to bring one-click application management and mobility across public, private and distributed edge clouds so they can run any application at any scale with a dramatically lower total cost of ownership. The result is organizations that can rapidly deliver a high-performance IT environment on demand, giving application owners a true cloud-like experience. Learn more at or follow us on Twitter @nutanix.

© 2019 Nutanix, Inc. All rights reserved. Nutanix, the Nutanix logo, Xi, and all product and service names mentioned herein are registered trademarks or trademarks of Nutanix, Inc. in the United States and other countries. All other brand names mentioned herein are for identification purposes only and may be the trademarks of their respective holder(s).