Walktrough of Nutanix Beam and features

T7-opdoX_400x400

Nutanix released their SaaS multi-cloud governance and cost optimization tool named Nutanix Beam back in May at Next earlier this year. Now for me personally I have always been a fan of Nutanix and therefore I’ve been paying close attention to their acquisitions lately (Which now this year consists of many products already Frame, Netsil and )  Beam is based on Nutanix’s recently-acquired Minjar Botmetric service, which they state already has $1B of cloud spend across Amazon Web Services (AWS) and Microsoft Azure.

Now, this service/product like many others in the market is addressing what enterprises and businesses are seeing as their biggest issues with public cloud adoption right now, which is 1: Managing costs and 2: Security 3: Compliance.
Image result for rightscale and highest risk state of the cloud compliance

Screenshot from RightScale State of the Cloud Report 2018 –> http://bit.ly/2MEpDDB

Features for Nutanix Beam:

As of now, Nutanix Beam has support for two Cloud providers which are at the moment AWS and Microsoft Azure (EA Agreements only) and provides cost governance and security compliance for both. The UI they use is pretty similar to the UI you would find in Nutanix Prism so it is pretty slick! It is split up into two features and dashboards.

NOTE: I don’t have access to an EA enrollment for testing Azure properly so most of this was tested to an AWS Account

1: Cost Governance
2: Security Compliance

Overview of the Security Compliance Dashboard for AWS

The onboarding of an AWS account was pretty straightforward, Beam provided me with the permissions I needed and step-by-step process on how to create a custom IAM user role.

Beam has a pretty extensive checklist for security compliance when it comes to especially AWS, it detects quite fast compliance and generates a list of checks it does. Also, checks against all active regions within the AWS usage and gives good insight into each recommendation that it gives. Since this case looks into the VPC security groups configured on my dummy AWS account and

Also provides most with a automatic one-click remediation of policies as well.

One of the cool things was the ability to configure a custom compliance policy based upon Python.

Cost Governance for a dummy Azure Account

So it provides me the ability to sort cost based upon different groupings and tags.Now Beam also has some documented REST API interface https://dev.beam.nutanix.com/ on how you can generate recommendations and automate tenant access to a customer environment based upon that.

Some features I wasn’t able to try as part of the trial since it is a premium feature such as scheduled reports.

Competition in the market:

As I mentioned earlier there are many vendors that compete in this market, you have companies like CloudHealth, Dome9, CloudChekr, CloudAbility, Densify and vendors like Redlock which is more aimed at Public Cloud Security. Also the cloud vendors themselves such as Azure which bought Cloudyn which provides Cost Optimization. Also, the public cloud providers AWS, Azure, and Google themselves are also adding “Advisor” features inside the platform themselves to provide customers with recommendations in terms of underutilized virtual machines and other security mechanisms to help customers navigate through the best-practices and also better Cloud Cost features.

Screenshot from Microsoft Azure Advisor
Image result for azure advisor

Now some interesting questions one can ask oneself is

  • Are the built-in tools to the cloud platform themselves better at giving advise than a 3 Party tool? 
  • Are the built-in tools always going to be too “soft” at giving advise to ensure that customers always will be spending a bit more?
  • Are the third party vendors always going to be “lagging” behind the development cycle with it comes to new features that the different cloud providers come with such as Reserved Instances on Microsoft Azure? to give the best type of advice

Also we are moving to a multi-cloud scenario were we are combining features from any type of cloud services and SaaS offerings and maintaining cost and compliance across these is still something that we will need to struggle with and not something that each cloud plat

Current Limitations

Now as I’ve gone through the policies and providers it supports I’ve written down a list of current limitations which you might find as a blocker for an adoption for this specific product

  • It doesn’t support Microsoft CSP Agreements – Meaning that it cannot pull data from a CSP using the partner API.
  • It doesn’t support Google Cloud – Most other cloud cost optimization products support Google Cloud so hopefully, Beam will as well, this tweet which was posted a couple of days ago, gave me some insight into the roadmap. So I think this means that CSP and GCP support as coming as well. 
  • Seems that it doesn’t have any form of SAML based authentication support, you can either create a local user account on the service or you can use a Google ID account.
  • Seems like it currently doesn’t provide any cost optimizations for reserved instances on Microsoft EA agreements (Have to verify but based upon the UI and documentation I didn’t see anything on that) 
  • A bit disappointed that you cannot add Azure accounts directly using a Service Principal but you need to add EA enrollment number. Would love the ability if I just wanted Security Compliance feature to be able to just add Azure AD account with correct permissions.

Now as a positive side, the product is constantly evolving as seen from the product updates site here –> https://beam.nutanix.com/app/product-update and combining this with other Cloud product from Nutanix moving forward (I also guess that this is going to be baked into Prism Central as well to do Cloud Capacity Planning)

You May Also Like

About the Author: Marius Sandbu

Leave a Reply

Your email address will not be published. Required fields are marked *