At this training, which is designed for 5 days, students learn the process of implementing and configuring a software platform VMware NSX for network virtualization and security. The training covers the following important topics: operation of logical switches, operation of logical routers, connecting VMware NSX networks using a bridge at the L2 level, basic functions of the NSX Edge services gateway, firewall rules for limiting network traffic, identity-aware firewall functions.
During the laboratory works students will improve their skills to implementation and management of VMware NSX.
This training will be useful for system administrators and technicians who work with the network part of the virtual infrastructure.
Expected students’ skills and knowledge
To complete this training, it is recommended to have a knowledge of routing and switching processes and protocols, TCP / IP services and firewall security mechanisms. In addition, it is recommended to have an experience equal to "VMware Data Center Virtualization Fundamentals" course.
Chapter 1. Course Introduction.
Chapter 2. Software-Defined Data Center.
- Describe the software-defined data center concepts.
- Describe the evolution of the software-defined data center.
- Discuss VMware vSphere® virtualization.
- Describe network virtualization.
Chapter 3. Networking Fundamentals.
- Describe Ethernet switching fundamentals.
- Describe the vSphere virtual networking.
- Describe the vSphere distributed switches.
- Identify the data center network topologies that are optimized for network virtualization.
Chapter 4. Management and Control Planes.
- Describe the role of VMware NSX Manager™ and VMware NSX Controller™.
- Identify NSX Controller clustering best practices.
- Deploy the NSX Manager instance and the NSX Controller cluster.
Chapter 5. Logical Switch Networks.
- Describe VXLAN protocol.
- Identify VTEP functions.
- Describe how NSX logical switches process Broadcast, Unknown unicast, and Multicast traffic.
- Describe ARP suppression.
- Compare unicast, multicast, and hybrid controller replication modes.
Chapter 6. Distributed Logical Router.
- Identify supported dynamic routing protocols.
- Describe the role of the NSX logical router and NSX Edge gateway.
- Diagram East-West and North-South traffic flows.
- Describe the distributed logical router.
- Describe the distributed logical router control virtual machine.
Chapter 7. NSX Edge Routing and High Availability.
- Describe the features of the NSX Edge services gateway.
- Configure static and dynamic routing on NSX Edge.
- Describe NSX Edge network address translation operation.
- Describe NSX Edge one-arm and inline load balancing.
- Compare NSX Edge high availability modes.
- Scale and place NSX Edge appliances.
- Chapter 8. Virtual Private Networks.
- Identify NSX VPN use cases.
- Configure site-to-site IPsec VPNs.
- Configure SSL VPNs for remote access.
- Configure Layer 2 VPN.
Chapter 9. Layer 2 Bridging.
- Describe Layer 2 bridging between VXLAN and VLAN.
- Describe the traffic flow between VXLAN and VLAN.
Chapter 10. NSX Security.
- Describe microsegmentation.
- Compare NSX Edge and NSX Distributed Firewalls to traditional firewalls.
- Configure NSX firewall policies.
- Extend the functionality of NSX with Service Composer.
- Configure security groups and security policies with Service Composer.
Chapter 11. Operations.
- Implement NSX role-based access control.
- Analyze NSX flow monitoring data.
- Create or modify firewall rules from NSX flow monitoring data.
Chapter 12. Automation.
- Describe VMware vRealize™ Orchestrator™.
- Describe the vRealize Automation capabilities.
- Describe how vRealize Automation and NSX interact.