VMware NSX: Install, Configure, Manage [V6.4]

Classroom Schedule
Live Online Schedule
vFlex-ILT Schedule
Inquire about Onsite
Course Datasheet
- Formats: Classroom, Live Online, vFlex-ILT, Onsite
- Length: 5 Days
This five-day, comprehensive, fast-paced training course presents VMware NSX as a part of the software-defined data center. You will learn how to use logical switching in VMware NSX to virtualize your switching environment. The course also details logical routing to enable you to dynamically route between different virtual environments.  You will also learn how to use gateway services, firewall configurations, and security services to help secure and optimize your VMware NSX environment.
Access to a software-defined data center environment is provided through hands-on labs to reinforce the skills and concepts presented in the course.

Product Alignment
•  VMware NSX 6.4

Objectives:    By the end of the course, you should be able to meet the following objectives:
•  Configure and deploy VMware NSX components for management and control
•  Describe basic VMware NSX layer 2 networking
•  Configure, deploy, and use logical switch networks
•  Configure and deploy VMware NSX distributed router appliances to establish east-west connectivity
•  Configure and deploy VMware NSX® Edge™ services gateway appliances to establish north-south
•  Configure VMware NSX L2 bridging
•  Configure and use all main features of the NSX Edge services gateway
•  Configure NSX Edge firewall rules to restrict network traffic
•  Configure VMware NSX distributed firewall rules to restrict network traffic
•  Configure Service Composer policies
•  Configure an identity-aware firewall
•  Describe VMware NSX data security
•  Use the cross-vCenter VMware NSX feature

This course prepares you for the following certification:
•  VMware Certified Professional 6 – Network Virtualization (VCP6-NV)
Intended Audience:    •  Experienced system or network administrators
Prerequisites:    •  Understanding of enterprise switching and routing
•  Knowledge of TCP/IP services
•  Experience with firewalls and firewall rule sets
•  Understanding of concepts presented in the VMware Data Center Virtualization Fundamentals course
•  Understanding of the concepts presented in the VMware Introduction to Network Virtualization with NSX    course
  1. Course Introduction
    • Introductions and course logistics
    • Review course objectives

  2. Introduction to vSphere Networking
    • Describe VMware vSphere® networking components
    • Describe vSphere standard switches
    • Describe vSphere distributed switches
    • Explain the function VMkernel ports provide
    • Explain the services provided by VMkernel ports

  3. Introduction to NSX
    • Explain what is missing in data centers today
    • Describe how network virtualization can help data centers
    • Explain how the new complete SDDC model improves data center operations
    • Describe the benefits of NSX
    • Identify NSX key use cases

  4. NSX Architecture
    • Describe the NSX architecture
    • Identify the planes of NSX operations
    • Summarize the planes of NSX operations
    • Identify the components of each plane
    • Summarize the deployment of NSX Manager
    • Describe the deployment of the control plane
    • Identify and describe user world agents
    • List the data plane components

  5. NSX Infrastructure Preparation
    • Describe the NSX installation overview
    • Identify what is involved in planning an NSX deployment
    • Verify the NSX Manager and vCenter Server registration
    • Describe the deployment and verification of the NSX Controller cluster

  6. NSX Logical Switch Networks
    • Describe the switching challenges in current data centers
    • Explain TZ, VTEP, and VXLAN
    • Describe the procedure of preparing the infrastructure for virtual networking
    • Summarize logical switching segment ID pools and address ranges
    • Discuss the NSX replication modes
    • Configure VXLAN transport parameters
    • Explain the VXLAN Network Identifier (VNI)
    • Define VLANs for VXLAN
    • Explain the special CDO logical switch and transport parameters
    • Explain logical switch packet walks

  7. NSX Logical Routing
    • Describe the routing challenges in current data centers
    • Explain Hairpinning
    • Describe the East-West and North-South routing concepts
    • Define the NSX Distributed Logical Router
    • Define the NSX Edge services gateway
    • Explain the work flows of a DLR
    • Explain the logical router, interfaces, and interface addresses
    • Describe the logical router traffic flow on the same hosts and Between different hosts
    • Describe logical router deployment models
    • Explain the packet flows of an NSX Edge services gateway
    • Explain the common topologies of an NSX Edge services gateway

  8. Advanced NSX Logical Routing
    • Explain static and dynamic routing
    • Describe DLR and NSX Edge static and dynamic routing configuration
    • Explain OSPF and BGP routing protocols
    • Explain ingress and egress traffic flows
    • Describe and configure Equal-Cost Multipathing
    • Describe high availability for DLR and NSX Edge service gateways

  9. NSX L2 Bridging
    • Explain L2 bridging use cases
    • Describe software and hardware L2 bridging between VXLAN and VLANs
    • Discuss L2 bridging packet flows

  10. NSX Edge Services
    • Describe the NSX Edge Services
    • Explain how Network Address Translation (NAT) works
    • Describe source and destination NAT
    • Explain NAT64

  11. NSX Edge VPN Services
    • Describe the NSX Edge VPN Services
    • Describe the VPN use cases
    • Explain NSX IPsec VPN services
    • Describe the IPsec security protocols: Encapsulating Security Payload
    • Configure an NSX Edge for IPsec VPN services
    • Explain NSX Edge L2 VPN services
    • Configure a L2 VPN on an NSX Edge
    • Explain NSX Edge SSL VPN-Plus services
    • Explain the SSL VPN-Plus client and installation package
    • Configure NSX Edge SSL VPN-Plus server settings

  12. NSX Security Services
    • Describe SDDC security challenges
    • Explain the evolution of firewalls
    • Describe the NSX logical firewalls
    • Describe the Distributed Firewall architecture
    • Explain how to work with firewall rule sections
    • Differentiate L2 and L3 firewall rules
    • Describe exclusion lists
    • Explain L7 filtering in the DFW
    • Define an IP address, MAC address, a security, and service group
    • Describe the VMware Tools IP address discovery method
    • Explain DHCP and ARP snooping

  13. NSX Advanced Security Services
    • Describe NSX SpoofGuard
    • Explain how to enable NSX SpoofGuard
    • Describe the NSX Identity Firewall
    • Explain how Identity Firewall works with AD
    • Discuss RDSH and its use in Identity Firewall
    • Explain Application Rule Manager
    • Describe the selection of virtual machines for Application Rule Manager
    • Explain how to create a monitoring session
    • Describe the publication of firewall rules from Application Rule Manager

  14. NSX Introspection Services
    • Describe the types of introspection services
    • Describe the installation and configuration of Guest and Network Introspection
    • Explain service chaining
    • Define the available advanced services
    • Describe Guest Introspection services
    • Describe Network Introspection services
    • Describe how to view the status of Guest and Network Introspection
    • Summarize Guest and Network Introspection alarms, events, and audit messages

  15. Cross-vCenter NSX
    • Describe cross-vCenter features and use cases
    • Describe the components involved in cross-vCenter NSX
    • Identify NSX Manager roles and NSX Controller cluster placement
    • Deploy universal logical networks
    • Describe the deployment models available for cross-vCenter NSX
    • Explain the design considerations for cross-vCenter NSX