VMware NSX-T Data Center: Design [V3.2]

Classroom Schedule
Live Online Schedule
vFlex-ILT Schedule
Inquire about Onsite
Course Datasheet
- Formats: Classroom, Live Online, vFlex-ILT, Onsite
- Length: 5 Days
This five-day course provides comprehensive training on considerations and practices to design a VMware NSX-T™ Data Center environment as part of a software-defined data center strategy. This course prepares the student with the skills to lead the design of NSX-T Data Center offered in release 3.2, including design principles, processes, and frameworks. The student gains a deeper understanding of the NSX-T Data Center architecture and how it can be used to create solutions to address the customer’s business needs.

Product Alignment
•  VMware NSX-T Data Center 3.2

Objectives:    By the end of the course, you should be able to meet the following objectives:
•  Describe and apply a design framework
•  Apply a design process for gathering requirements, constraints, assumptions, and risks
•  Design a VMware vSphere® virtual data center to support NSX-T Data Center requirements
•  Create a VMware NSX® Manager™ cluster design
•  Create a VMware NSX® Edge™ cluster design to support traffic and service requirements in NSX-T Data
•  Design logical switching and routing
•  Recognize NSX-T Data Center security best practices
•  Design logical network services
•  Design a physical network to support network virtualization in a software-defined data center
•  Create a design to support the NSX-T Data Center infrastructure across multiple sites
•  Describe the factors that drive performance in NSX-T Data Center
Intended Audience:    Network and security architects and consultants who design the enterprise and data center networks and VMware NSX® environments
Prerequisites:    Before taking this course, you must complete the following course:
•  VMware NSX-T Data Center: Install, Configure, Manage [V3.2]

You should also have the understanding or knowledge of these technologies:
•  Good understanding of TCP/IP services and protocols
•  Knowledge and working experience of computer networking and security, including:
   o  Switching and routing technologies (L2-L3)
   o  Network and application delivery services (L4-L7)
   o  Firewalling (L4-L7)
   o  vSphere environments

The VMware Certified Professional – Network Virtualization certification is recommended.
Outline:    1  Course Introduction
•  Introduction and course logistics
•  Course objectives

2  Design Concepts
•  Identify design terms
•  Describe framework and project methodology
•  Describe VMware Validated Design™
•  Identify customers’ requirements, assumptions, constraints, and risks
•  Explain the conceptual design
•  Explain the logical design
•  Explain the physical design

3  NSX Architecture and Components
•  Recognize the main elements in the NSX-T Data Center architecture
•  Describe the NSX management cluster and the management plane
•  Identify the functions and components of management, control, and data planes
•  Describe the NSX Manager sizing options
•  Recognize the justification and implication of NSX manager cluster design decisions
•  Identify the NSX management cluster design options

4  NSX Edge Design
•  Explain the leading practices for edge design
•  Describe the NSX Edge VM reference designs
•  Describe the bare-metal NSX Edge reference designs
•  Explain the leading practices for edge cluster design
•  Explain the effect of stateful services placement
•  Explain the growth patterns for edge clusters
•  Identify design considerations when using L2 bridging services

5  NSX Logical Switching Design
•  Describe concepts and terminology in logical switching
•  Identify segment and transport zone design considerations
•  Identify virtual switch design considerations
•  Identify uplink profile, VMware vSphere® Network I/O Control profile, and transport node profile design
•  Identify Geneve tunneling design considerations
•  Identify BUM replication mode design considerations

6  NSX Logical Routing Design
•  Explain the function and features of logical routing
•  Describe NSX-T Data Center single-tier and multitier routing architectures
•  Identify guidelines when selecting a routing topology
•  Describe the BGP and OSPF routing protocol configuration options
•  Explain gateway high availability modes of operation and failure detection mechanisms
•  Identify how multitier architectures provide control over stateful service location
•  Identify VRF Lite requirements and considerations
•  Identify the typical NSX scalable architectures

7  NSX Security Design
•  Identify different security features available in NSX-T Data Center
•  Describe the advantages of an NSX Distributed Firewall
•  Describe the use of NSX Gateway Firewall as a perimeter firewall and as an intertenant firewall
•  Determine a security policy methodology
•  Recognize the NSX-T Data Center security best practices

8  NSX Network Services
•  Identify the stateful services available in different edge cluster high availability modes
•  Describe failover detection mechanisms
•  Explain the design considerations for integrating VMware NSX® Advanced Load Balancer™ with NSX-T
   Data Center
•  Describe stateful and stateless NSX-T Data Center NAT
•  Identify benefits of NSX-T Data Center DHCP
•  Identify benefits of metadata proxy
•  Describe IPSec VPN and L2 VPN

9  Physical Infrastructure Design
•  Identify the components of a switch fabric design
•  Assess Layer 2 and Layer 3 switch fabric design implications
•  Review guidelines when designing top-of-rack switches
•  Review options for connecting transport hosts to the switch fabric
•  Describe typical designs for VMware ESXi™ compute hypervisors with two pNICs
•  Describe typical designs for ESXi compute hypervisors with four or more pNICs
•  Describe a typical design for a KVM compute hypervisor with two pNICs
•  Differentiate dedicated and collapsed cluster approaches to SDDC design

10  NSX Multilocation Design
•  Explain scale considerations in an NSX-T Data Center multisite design
•  Describe the main components of the NSX Federation architecture
•  Describe the stretched networking capability in Federation
•  Describe stretched security use cases in Federation
•  Compare Federation disaster recovery designs

11  NSX Optimization
•  Describe Geneve Offload
•  Describe the benefits of Receive Side Scaling and Geneve Rx Filters
•  Explain the benefits of SSL Offload
•  Describe the effect of Multi-TEP, MTU size, and NIC speed on throughput
•  Explain the available N-VDS enhanced datapath modes and use cases
•  List the key performance factors for compute nodes and NSX Edge nodes