VMware NSX: Install, Configure, Manage [V4.0]

VMware NSX: Install, Configure, Manage [V4.0]NSXICM4VMVMwareVM-NSXICM44.0<p>By the end of the course, you should be able to meet the following objectives:</p> <ul> <li>Describe the architecture and main components of NSX</li><li>Explain the features and benefits of NSX</li><li>Deploy the NSX Management cluster and VMware NSX® Edge™ nodes</li><li>Prepare VMware ESXi™ hosts to participate in NSX networking</li><li>Create and configure segments for layer 2 forwarding</li><li>Create and configure Tier-0 and Tier-1 gateways for logical routing</li><li>Use distributed and gateway firewall policies to filter east-west and north-south traffic in NSX</li><li>Configure Advanced Threat Prevention features</li><li>Configure network services on NSX Edge nodes</li><li>Use VMware Identity Manager™ and LDAP to manage users and access</li><li>Explain the use cases, importance, and architecture of Federation</li></ul><ul> <li>Good understanding of TCP/IP services and protocols</li><li>Knowledge and working experience of computer networking, including switching and routing technologies (L2 through L3) and L2 through L7 firewall</li><li>Knowledge and working experience with VMware vSphere® environments</li><li>Knowledge and working experience with Kubernetes or VMware vSphere® with VMware Tanzu® environments</li></ul><p>Experienced security administrators or network administrators</p><h5>Course Introduction</h5><ul> <li>Introductions and course logistics</li><li>Course objectives</li></ul><h5>VMware Virtual Cloud Network and VMware NSX</h5><ul> <li>Introduce the VMware Virtual Cloud Network vision</li><li>Describe the NSX product portfolio</li><li>Discuss NSX features, use cases, and benefits</li><li>Explain NSX architecture and components</li><li>Explain the management, control, data, and consumption planes and their functions.</li></ul><h5>Preparing the NSX Infrastructure</h5><ul> <li>Deploy VMware NSX® ManagerTM nodes on ESXi hypervisors</li><li>Navigate through the NSX UI</li><li>Explain data plane components such as N-VDS/VDS, transport nodes, transport zones, profiles, and more</li><li>Perform transport node preparation and configure the data plane infrastructure</li><li>Verify transport node status and connectivity</li><li>Explain DPU-based acceleration in NSX</li><li>Install NSX using DPUs</li></ul><h5>NSX Logical Switching</h5><ul> <li>Introduce key components and terminology in logical switching</li><li>Describe the function and types of L2 segments</li><li>Explain tunneling and the Geneve encapsulation</li><li>Configure logical segments and attach hosts using NSX UI</li><li>Describe the function and types of segment profiles</li><li>Create segment profiles and apply them to segments and ports</li><li>Explain the function of MAC, ARP, and TEP tables used in packet forwarding</li><li>Demonstrate L2 unicast packet flow</li><li>Explain ARP suppression and BUM traffic handling</li></ul><h5>NSX Logical Routing</h5><ul> <li>Describe the logical routing function and use cases</li><li>Introduce the two-tier routing architecture, topologies, and components</li><li>Explain the Tier-0 and Tier-1 gateway functions</li><li>Describe the logical router components: Service Router and Distributed Router</li><li>Discuss the architecture and function of NSX Edge nodes</li><li>Discuss deployment options of NSX Edge nodes</li><li>Configure NSX Edge nodes and create NSX Edge clusters</li><li>Configure Tier-0 and Tier-1 gateways</li><li>Examine single-tier and multitier packet flows</li><li>Configure static routing and dynamic routing, including BGP and OSPF</li><li>Enable ECMP on a Tier-0 gateway</li><li>Describe NSX Edge HA, failure detection, and failback modes</li><li>Configure VRF Lite</li></ul><h5>NSX Bridging</h5><ul> <li>Describe the function of logical bridging</li><li>Discuss the logical bridging use cases</li><li>Compare routing and bridging solutions</li><li>Explain the components of logical bridging</li><li>Create bridge clusters and bridge profiles</li></ul><h5>NSX Firewalls</h5><ul> <li>Describe NSX segmentation</li><li>Identify the steps to enforce Zero-Trust with NSX segmentation</li><li>Describe the Distributed Firewall architecture, components, and function</li><li>Configure Distributed Firewall sections and rules</li><li>Configure the Distributed Firewall on VDS</li><li>Describe the Gateway Firewall architecture, components, and function</li><li>Configure Gateway Firewall sections and rules</li></ul><h5>NSX Advanced Threat Prevention</h5><ul> <li>Explain NSX IDS/IPS and its use cases</li><li>Configure NSX IDS/IPS</li><li>Deploy NSX Application Platform</li><li>Identify the components and architecture of NSX Malware Prevention</li><li>Configure NSX Malware Prevention for east-west and north-south traffic</li><li>Describe the use cases and architecture of VMware NSX® Intelligence™</li><li>Identify the components and architecture of VMware NSX® Network Detection and Response™</li><li>Use NSX Network Detection and Response to analyze network traffic events.</li></ul><h5>NSX Services</h5><ul> <li>Explain and configure Network Address Translation (NAT)</li><li>Explain and configure DNS and DHCP services</li><li>Describe VMware NSX® Advanced Load Balancer™ architecture, components, topologies, and use cases.</li><li>Configure NSX Advanced Load Balancer</li><li>Discuss the IPSec VPN and L2 VPN function and use cases</li><li>Configure IPSec VPN and L2 VPN using the NSX UI</li></ul><h5>NSX User and Role Management</h5><ul> <li>Describe the function and benefits of VMware Identity Manager™ in NSX</li><li>Integrate VMware Identity Manager with NSX</li><li>Integrate LDAP with NSX</li><li>Identify the various types of users, authentication policies, and permissions</li><li>Use role-based access control to restrict user access</li><li>Explain object-based access control in NSX</li></ul><h5>NSX Federation</h5><ul> <li>Introduce the NSX Federation key concepts, terminology, and use cases.</li><li>Explain the onboarding process of NSX Federation</li><li>Describe the NSX Federation switching and routing functions.</li><li>Describe the NSX Federation security concepts.</li></ul>By the end of the course, you should be able to meet the following objectives: - Describe the architecture and main components of NSX - Explain the features and benefits of NSX - Deploy the NSX Management cluster and VMware NSX® Edge™ nodes - Prepare VMware ESXi™ hosts to participate in NSX networking - Create and configure segments for layer 2 forwarding - Create and configure Tier-0 and Tier-1 gateways for logical routing - Use distributed and gateway firewall policies to filter east-west and north-south traffic in NSX - Configure Advanced Threat Prevention features - Configure network services on NSX Edge nodes - Use VMware Identity Manager™ and LDAP to manage users and access - Explain the use cases, importance, and architecture of Federation- Good understanding of TCP/IP services and protocols - Knowledge and working experience of computer networking, including switching and routing technologies (L2 through L3) and L2 through L7 firewall - Knowledge and working experience with VMware vSphere® environments - Knowledge and working experience with Kubernetes or VMware vSphere® with VMware Tanzu® environmentsExperienced security administrators or network administratorsCourse Introduction - Introductions and course logistics - Course objectives VMware Virtual Cloud Network and VMware NSX - Introduce the VMware Virtual Cloud Network vision - Describe the NSX product portfolio - Discuss NSX features, use cases, and benefits - Explain NSX architecture and components - Explain the management, control, data, and consumption planes and their functions. Preparing the NSX Infrastructure - Deploy VMware NSX® ManagerTM nodes on ESXi hypervisors - Navigate through the NSX UI - Explain data plane components such as N-VDS/VDS, transport nodes, transport zones, profiles, and more - Perform transport node preparation and configure the data plane infrastructure - Verify transport node status and connectivity - Explain DPU-based acceleration in NSX - Install NSX using DPUs NSX Logical Switching - Introduce key components and terminology in logical switching - Describe the function and types of L2 segments - Explain tunneling and the Geneve encapsulation - Configure logical segments and attach hosts using NSX UI - Describe the function and types of segment profiles - Create segment profiles and apply them to segments and ports - Explain the function of MAC, ARP, and TEP tables used in packet forwarding - Demonstrate L2 unicast packet flow - Explain ARP suppression and BUM traffic handling NSX Logical Routing - Describe the logical routing function and use cases - Introduce the two-tier routing architecture, topologies, and components - Explain the Tier-0 and Tier-1 gateway functions - Describe the logical router components: Service Router and Distributed Router - Discuss the architecture and function of NSX Edge nodes - Discuss deployment options of NSX Edge nodes - Configure NSX Edge nodes and create NSX Edge clusters - Configure Tier-0 and Tier-1 gateways - Examine single-tier and multitier packet flows - Configure static routing and dynamic routing, including BGP and OSPF - Enable ECMP on a Tier-0 gateway - Describe NSX Edge HA, failure detection, and failback modes - Configure VRF Lite NSX Bridging - Describe the function of logical bridging - Discuss the logical bridging use cases - Compare routing and bridging solutions - Explain the components of logical bridging - Create bridge clusters and bridge profiles NSX Firewalls - Describe NSX segmentation - Identify the steps to enforce Zero-Trust with NSX segmentation - Describe the Distributed Firewall architecture, components, and function - Configure Distributed Firewall sections and rules - Configure the Distributed Firewall on VDS - Describe the Gateway Firewall architecture, components, and function - Configure Gateway Firewall sections and rules NSX Advanced Threat Prevention - Explain NSX IDS/IPS and its use cases - Configure NSX IDS/IPS - Deploy NSX Application Platform - Identify the components and architecture of NSX Malware Prevention - Configure NSX Malware Prevention for east-west and north-south traffic - Describe the use cases and architecture of VMware NSX® Intelligence™ - Identify the components and architecture of VMware NSX® Network Detection and Response™ - Use NSX Network Detection and Response to analyze network traffic events. NSX Services - Explain and configure Network Address Translation (NAT) - Explain and configure DNS and DHCP services - Describe VMware NSX® Advanced Load Balancer™ architecture, components, topologies, and use cases. - Configure NSX Advanced Load Balancer - Discuss the IPSec VPN and L2 VPN function and use cases - Configure IPSec VPN and L2 VPN using the NSX UI NSX User and Role Management - Describe the function and benefits of VMware Identity Manager™ in NSX - Integrate VMware Identity Manager with NSX - Integrate LDAP with NSX - Identify the various types of users, authentication policies, and permissions - Use role-based access control to restrict user access - Explain object-based access control in NSX NSX Federation - Introduce the NSX Federation key concepts, terminology, and use cases. - Explain the onboarding process of NSX Federation - Describe the NSX Federation switching and routing functions. - Describe the NSX Federation security concepts.5 days3750.001880.003750.003750.003350.003750.004300.002950.003555.003750.00205300.002750.0023.0023.0043.0045.00