The Challenge: Security Doesn't Travel Well
Picture this scenario: You've meticulously crafted security policies protecting your critical three-tier application. Everything is perfectly segmented—web tier locked down, app tier secured, database tier isolated. Then disaster strikes, or you need to perform planned maintenance. You initiate a live migration or failover to your disaster recovery site.
Your application arrives safely at the destination. But what about your security?
In many environments, security policies don't automatically follow workloads. Security teams are left scrambling to manually recreate policies at the destination, or they rely on custom scripts that must be re-run before each failover event. Even with scripts, there's no real-time verification that VMs remain protected during and after migration.
A misconfigured security policy on the target site could leave your application exposed. A missing firewall rule could create an attack vector. A forgotten script execution could mean hours or days without proper protection. In the chaos of a DR event, manual processes are error-prone and time-consuming.
Introducing "Flow Me Anywhere Security"
With Nutanix Flow Network Security 7.5, we're eliminating the script-based workarounds for VPC based networks with a simple but powerful concept: Your security policies now move with your application, this is great news for Nutanix Cloud Clusters(NC2) customers on Azure and AWS.
While previous FNS versions allowed policy synchronization through scripts for VPC based networks that had to be manually re-run before each failover, FNS 7.5 makes this process completely automatic and real-time. No more remembering to run scripts. No more hoping you executed the synchronization correctly. Just seamless, automatic security that travels with your workloads.
New in FNS 7.5
Automated Security Policy Migration for Cross-Cluster Live Migration (CCLM)
- FNS now supports both on-demand and DR-based live migration of VMs with their security policies intact
- Works seamlessly with VLAN(this was supported in 7.0 for on-prem) and VPC networking stacks
- Policies automatically synchronize across Prism Central instances
- No more manual policy recreation or custom scripts
Multi-Prism Central DR Support for VPCs
- FNS 7.5 is the first version to support Multi-PC DR for VPC environments
- Synchronize up to 1,000 Flow Network Security policies across Prism Central instances
- Both single-PC and multi-PC disaster recovery scenarios are fully supported
NC2 Hybrid Cloud Support
- Flow Network Security Next-Gen in VPC environments now supports NC2 on AWS
- Full support for NC2 on Azure in VPC environments
- Your security posture remains consistent whether workloads run on-premises or in the hyperscaler
Why This Matters: Defense in Depth
Security Continuity During DR Events
When disaster strikes, the last thing you want to worry about is whether your security policies are properly configured at the recovery site. With FNS 7.5, your microsegmentation policies travel with your VMs automatically. The moment your application comes online at the DR site, it's already protected with the exact same security posture it had at the primary site.
Protection Against Cloud Misconfigurations
Here's where defense in depth becomes critical. Even if security groups or network ACLs are misconfigured on the hyperscaler side—whether through human error, miscommunication, or automation failures—your applications remain protected by Flow Network Security policies that traveled with them.
Think of it as a security airbag: Even if everything else goes wrong, FNS provides that critical layer of protection that moves with your workload, independent of the underlying infrastructure.
Hybrid Cloud Consistency
For organizations running Nutanix Cloud Clusters (NC2) on AWS or Azure, this means true security consistency across your hybrid cloud environment. The same microsegmentation policies you rely on in your on-premises datacenter now extend seamlessly to your cloud-hosted workloads.
No more maintaining separate security constructs. No more translating policies between on-prem and cloud. One security framework, anywhere your Nutanix infrastructure runs.
If you can believe it our not I have already started working on .NEXT content for Chicago 2026 in April. I hope to get time to do a video for this new feature. Thanks for reading this far.