COURSE OBJECTIVE:
By the end of the course, you should be able to meet the following objectives:
• Describe the architecture and main components of NSX
• Explain the features and benefits of NSX
• Deploy the NSX Management cluster and VMware NSX® Edge™ nodes
• Prepare VMware ESXi™ hosts to participate in NSX networking
• Create and configure segments for layer 2 forwarding
• Create and configure Tier-0 and Tier-1 gateways for logical routing
• Use distributed and gateway firewall policies to filter east-west and north-south traffic in NSX
• Configure Advanced Threat Prevention features
• Configure network services on NSX Edge nodes
• Use VMware Identity Manager™ and LDAP to manage users and access
• Explain the use cases, importance, and architecture of Federation
TARGET AUDIENCE:
• Experienced security administrators or network administrators
COURSE PREREQUISITES:
• Good understanding of TCP/IP services and protocols
• Knowledge and working experience of computer networking, including switching and routing technologies (L2 through L3) and L2 through L7 firewall
• Knowledge and working experience with VMware vSphere® environments
• Knowledge and working experience with Kubernetes or VMware vSphere® with VMware Tanzu® environments
Solid understanding of concepts presented in the following courses:
• VMware Virtual Cloud Network Core Technical Skills
• VMware Data Center Virtualization: Core Technical Skills
• Kubernetes Fundamentals
COURSE CONTENT:
1 Course Introduction
• Introductions and course logistics
• Course objectives
2 VMware Virtual Cloud Network and VMware NSX
• Introduce the VMware Virtual Cloud Network vision
• Describe the NSX product portfolio
• Discuss NSX features, use cases, and benefits
• Explain NSX architecture and components
• Explain the management, control, data, and consumption planes and their functions.
3 Preparing the NSX Infrastructure
• Deploy VMware NSX® ManagerTM nodes on ESXi hypervisors
• Navigate through the NSX UI
• Explain data plane components such as N-VDS/VDS, transport nodes, transport zones, profiles, and more
• Perform transport node preparation and configure the data plane infrastructure
• Verify transport node status and connectivity
• Explain DPU-based acceleration in NSX
• Install NSX using DPUs
4 NSX Logical Switching
• Introduce key components and terminology in logical switching
• Describe the function and types of L2 segments
• Explain tunneling and the Geneve encapsulation
• Configure logical segments and attach hosts using NSX UI
• Describe the function and types of segment profiles
• Create segment profiles and apply them to segments and ports
• Explain the function of MAC, ARP, and TEP tables used in packet forwarding
• Demonstrate L2 unicast packet flow
• Explain ARP suppression and BUM traffic handling
5 NSX Logical Routing
• Describe the logical routing function and use cases
• Introduce the two-tier routing architecture, topologies, and components
• Explain the Tier-0 and Tier-1 gateway functions
• Describe the logical router components: Service Router and Distributed Router
• Discuss the architecture and function of NSX Edge nodes
• Discuss deployment options of NSX Edge nodes
• Configure NSX Edge nodes and create NSX Edge clusters
• Configure Tier-0 and Tier-1 gateways
• Examine single-tier and multitier packet flows
• Configure static routing and dynamic routing, including BGP and OSPF
• Enable ECMP on a Tier-0 gateway
• Describe NSX Edge HA, failure detection, and failback modes
• Configure VRF Lite
6 NSX Bridging
• Describe the function of logical bridging
• Discuss the logical bridging use cases
• Compare routing and bridging solutions
• Explain the components of logical bridging
• Create bridge clusters and bridge profiles
7 NSX Firewalls
• Describe NSX segmentation
• Identify the steps to enforce Zero-Trust with NSX segmentation
• Describe the Distributed Firewall architecture, components, and function
• Configure Distributed Firewall sections and rules
• Configure the Distributed Firewall on VDS
• Describe the Gateway Firewall architecture, components, and function
• Configure Gateway Firewall sections and rules
8 NSX Advanced Threat Prevention
• Explain NSX IDS/IPS and its use cases
• Configure NSX IDS/IPS
• Deploy NSX Application Platform
• Identify the components and architecture of NSX Malware Prevention
• Configure NSX Malware Prevention for east-west and north-south traffic
• Describe the use cases and architecture of VMware NSX® Intelligence™
• Identify the components and architecture of VMware NSX® Network Detection and Response™
• Use NSX Network Detection and Response to analyze network traffic events.
9 NSX Services
• Explain and configure Network Address Translation (NAT)
• Explain and configure DNS and DHCP services
• Describe VMware NSX® Advanced Load Balancer™ architecture, components, topologies, and use cases.
• Configure NSX Advanced Load Balancer
• Discuss the IPSec VPN and L2 VPN function and use cases
• Configure IPSec VPN and L2 VPN using the NSX UI
10 NSX User and Role Management
• Describe the function and benefits of VMware Identity Manager™ in NSX
• Integrate VMware Identity Manager with NSX
• Integrate LDAP with NSX
• Identify the various types of users, authentication policies, and permissions
• Use role-based access control to restrict user access
• Explain object-based access control in NSX
11 NSX Federation
• Introduce the NSX Federation key concepts, terminology, and use cases.
• Explain the onboarding process of NSX Federation
• Describe the NSX Federation switching and routing functions.
• Describe the NSX Federation security concepts.
FOLLOW ON COURSES:
Not available. Please contact.