In which way should the administrator meet this requirement?

An administrator is deploying a three-tier application on a Nutanix Enterprise Cloud consisting of web, application, and database VMs. Traffic between the servers must be limited to specific services/ports. There is an application layer firewall VM deployed on one host in the cluster.

In which way should the administrator meet this requirement?
A . Create a network for each type of VM, and use policy-based routing to control the traffic flow
B . Configure a security policy and service chain redirecting the server traffic through the firewall
C . Separate the web. application and database VMs on to dedicated VLANs
D . Categorize the VMs in Prism Central and utilize Flow to set a security policy

View Answer

Answer: D

Explanation:

For a multi-tier application where traffic must be limited to specific services and ports across web, application, and database VMs, the optimal approach is to use microsegmentation features provided by Nutanix. Option D, "Categorize the VMs in Prism Central and utilize Flow to set a security policy," is the correct choice.

Nutanix Flow allows for detailed security policies that control VM-to-VM traffic within the same cluster, effectively managing access and communication based on specified criteria like VM category, service, or application type. This solution enables precise control over traffic flows, enhancing security without requiring additional physical or virtual network segmentation.

Reference: Nutanix Flow capabilities are detailed in Nutanix Prism Central’s documentation, which explains how to implement microsegmentation and security policies for application-specific traffic management.