Cluster lockdown is the ability to disable password based CVM access and/or only allow key based access to users.
- Nutanix recommends that access including SSH directly to CVM and hypervisor should be restricted to as few entities as possible.
- In high security settings, Cluster lockdown can be very appropriate and should be implemented
- Cluster Lockdown does not effect any cluster communication between its components. Cluster will function as normal.
It ultimately boils down to requirements. You can choose the level of security and give access to only a select few when the cluster is in lockdown mode.
Below are few helpful links that can help you secure your Nutanix Clusters :
KB 1895 - How to create a password-less SSH login to your Nutanix cluster