Skip to main content
Solved

Anyone with Nutanix and PCI DSS experience?

  • March 18, 2026
  • 4 replies
  • 43 views
Ravisingh
Forum|alt.badge.img

Hi everyone,

Has anyone here worked with Nutanix in a PCI DSS environment? I have a few questions and would love to hear from people who have been through it.

- How did you separate PCI workloads from other workloads in your Nutanix cluster?
- Did you use Nutanix Flow for network segmentation? Did it work well for PCI?
- How did you handle logging to meet PCI DSS requirements?
- Any issues with patching AOS / AHV while staying compliant?
- Did your auditor (QSA) already know Nutanix, or did you have to explain the platform to them?

Any tips or lessons learned are welcome. Thank you!

Best answer by BartDonders

Hi,

 

Regarding to PCI DSS, you should not bother of separating workloads inside your Nutanix Cluster. Just use a dedicated cluster for your PCI DSS workloads.

 

In my opinion, Nutanix does not differ from other solutions. You need to make sure that your workload is isolated from other workloads and that data is not mixed woth other workloads.

 

I think you should go for a physical separated environment, as well for compute, storage and networking as well.

 

Regards,

Bart

Ravi Shankar

4 replies

BartDonders
Forum|alt.badge.img+3
  • BartDonders
  • Outrider
  • Answer
  • March 24, 2026

Hi,

 

Regarding to PCI DSS, you should not bother of separating workloads inside your Nutanix Cluster. Just use a dedicated cluster for your PCI DSS workloads.

 

In my opinion, Nutanix does not differ from other solutions. You need to make sure that your workload is isolated from other workloads and that data is not mixed woth other workloads.

 

I think you should go for a physical separated environment, as well for compute, storage and networking as well.

 

Regards,

Bart

    Ravisingh
    Forum|alt.badge.img
    • Ravisingh
    • Author
    • Adventurer
    • March 25, 2026

    Hej Bart,

    Thank you so much for your reply. We are in different situation, we have hundreds.. ROBO sites with the mixed workload and we cant afford having separate or dedicated PCIDSS cluster. But I must say Nutanix is doing better and working on solution and they addressed our concern and would be including many things in upcoming versions,

    Ravi Shankar
    BartDonders
    Forum|alt.badge.img+3
    • BartDonders
    • Outrider
    • March 25, 2026

    with hundreds Robo sites that can be very painful indeed. Even physically segmentation of your network can be costly.

    I think good logically segmentation, firewalling and Flow should be able to cover that.

     

    Don’t know about your connectivity to the ROBO sites, but also RBAC in PC can be very challenging for you.

      Ravisingh
      Forum|alt.badge.img
      • Ravisingh
      • Author
      • Adventurer
      • March 25, 2026

      we have better connectivity and also have great RBAC and things are going well, its just that there are some missing peices which Nutanix have to fix it.

      Ravi Shankar
      Terms & ConditionsAccessibility statement