VMware NSX: Install, Configure, Manage plus Troubleshooting and Operations Fast Track [V6.4]

Course Details
Code EDU-NSXICMTSFT64
Tuition (USD): $6,475.00 • Classroom (5 days)

This intensive five-day, extended-hours course focuses on configuring and troubleshooting a VMware NSX® deployment. This course presents NSX as a part of the software-defined data center. You will learn how to use logical switching in NSX to virtualize your switching environment and how to use gateway services, firewall configurations, and security services to help secure and optimize your NSX environment. In addition, you will be presented with various types of technical problems that you will learn how to identify and solve through a systematic process. You will also be introduced to several operational, management, and troubleshooting tools.

Skills Gained

  • Describe the evolution of the software-defined data center
  • Configure and deploy NSX components for management and control
  • Describe basic NSX layer 2 networking
  • Configure, deploy, and use logical switch networks
  • Configure and deploy NSX distributed router appliances to establish east-west connectivity
  • Configure and use all main features of the VMware NSX® Edge™ services gateway
  • Configure NSX Edge firewall rules to restrict network traffic
  • Configure NSX distributed firewall rules to restrict network traffic
  • Configure Service Composer policies
  • Configure an identity-aware firewall
  • Describe NSX data security
  • Use the cross-vCenter NSX feature
  • Establish and apply a structured approach and methodology for troubleshooting
  • Identify, analyze, and troubleshoot problems related to NSX logical switching, logical routing, and NSX Edge services
  • Identify, analyze, and troubleshoot network security problems related to the NSX distributed firewall and the NSX Edge firewall

Who Can Benefit

Experienced system or network administrators

Prerequisites

  • Understanding of enterprise switching and routing
  • Knowledge of TCP/IP services
  • Experience with firewalls and firewall rule sets

Course Details

Course Introduction

  • Introductions and course logistics
  • Course objectives
  • Identify additional resources

Introduction to vSphere Networking

  • Describe vSphere networking components
  • Describe vSphere standard switches
  • Describe vSphere distributed switches

Introduction to NSX

  • Describe the benefits of NSX
  • Identify NSX key use cases

NSX Architecture

  • Describe the NSX architecture
  • Describe the cloud management, management, control, and data planes of NSX
  • Identify the component interactions
  • Describe the NSX Controller cluster and its functions
  • Explain the NSX Controller workload distribution

NSX Infrastructure Preparation

  • Explain the steps required for an NSX installation
  • Describe what is involved in planning an NSX deployment
  • Describe the NSX Controller cluster and deployment
  • Describe NSX Controller cluster high availability and load distribution
  • Explain how to deploy and configure the NSX Controller cluster
  • Explain the workflow involved in host preparation

NSX Logical Switch Networks

  • Explain transport zones, VXLANs, and VXLAN tunnel endpoints (VTEPs)
  • Describe the procedure of preparing the infrastructure for virtual networking
  • Describe the configuration of vSphere distributed switches for VXLAN
  • Identify the components involved in NSX logical switching
  • Define VLANs for VXLAN

NSX Logical Routing

  • Explain the east-west and north-south routing concepts
  • Define the NSX distributed logical router
  • Explain the logical router, interfaces, and interface addresses
  • Describe the management plane and control plane interaction
  • Describe logical router deployment models and two-tier routing for east-west traffic
  • Explain the common topologies of an NSX Edge services gateway

Advanced NSX Logical Routing

  • Describe how routers connect remote networks
  • Explain route redistribution methods
  • Describe less-than-or-equal (LE) and greater-than-or-equal (GE) configurations
  • Describe routing event notification enhancements
  • Configure equal-cost multipath (ECMP) routing
  • Describe high availability for NSX Edge service gateways

NSX L2 Bridging

  • Explain L2 bridging use cases
  • Describe software and hardware L2 bridging between VXLAN and VLANs
  • Discuss L2 bridging packet flows

NSX Edge Services

  • Describe the NSX Edge services
  • Explain how network address translation (NAT) works
  • Describe source NAT and destination NAT
  • Explain NAT64
  • Explain the function of load balancing
  • Explain the one-armed and inline load-balancing architectures
  • Explain the DHCP and DNS services of NSX Edge

NSX Edge VPN Services

  • Describe the NSX Edge VPN services
  • Describe the VPN use cases
  • Configure an L2 VPN on an NSX Edge device
  • Configure an NSX Edge device for IPsec VPN services
  • Explain NSX Edge SSL VPN-Plus services
  • Configure NSX Edge SSL VPN-Plus server settings

NSX Security Services

  • Describe the policy enforcement of the distributed firewall
  • Describe virtualization context-awareness
  • Explain custom network and security containers
  • Describe the architecture of an NSX Edge firewall
  • Explain DHCP snooping
  • Explain ARP snooping

NSX Advanced Security Services

  • Describe NSX SpoofGuard
  • Identify how tags enable dynamic security service chains
  • Explain Service Composer groups, policies, tags
  • Describe the Identity Firewall architecture
  • Explain Application Rule Manager
  • Explain how to create a monitoring session

NSX Introspection Services

  • Describe the types of introspection services
  • Describe the installation and configuration of Guest Introspection and Network Introspection
  • Summarize Guest Introspection and Network Introspection alarms, events, and audit messages

Cross-vCenter NSX

  • Describe cross-vCenter NSX features and use cases
  • Identify NSX Manager roles and NSX Controller cluster placement
  • Deploy universal logical networks
  • Explain the design considerations for cross-vCenter NSX

Troubleshooting Methodology

  • Develop a structured troubleshooting approach
  • Differentiate between symptoms and root causes
  • Identify and isolate problems residing in various areas
  • Apply an appropriate methodology and procedure to troubleshooting

NSX Troubleshooting and Operational Tools

  • Discuss NSX operational requirements
  • Use the native NSX tools (such as the central CLI, the NSX dashboard, and Application Rule Manager) to solve various types of problems
  • Use vRealize Network Insight to identify and analyze problems
  • Use vRealize Log Insight Content Pack for NSX in troubleshooting and operations

Troubleshooting and Operating NSX Infrastructure

  • Explain the NSX infrastructure and component communications
  • Troubleshoot NSX Manager and the management plane
  • Troubleshoot NSX Controller and the control plane
  • Troubleshoot problems in host preparation

Troubleshooting and Operating NSX Logical Switches

  • Explain VXLAN and logical switching components
  • Verify the VXLAN and logical switch configuration and status
  • Identify and troubleshoot common L2 configuration errors
  • Use the GUI, the CLI, packet capture, traceflow, and other tools to troubleshoot logical switching problems

Troubleshooting and Operating NSX Logical Routers

  • Describe the NSX logical routing architecture
  • Explain routing components, functions, and communications
  • Verify logical router configuration settings
  • Use packet capture on routers and perform packet walk
  • Use the GUI, the CLI, traceflow, and other tools to troubleshoot various logical routing problems

Troubleshooting and Operating NSX Edge Services

  • Verify edge services (such as DHCP and DNS) configuration settings and operational status
  • Troubleshoot various types of VPN services (SSL VPN-Plus, L2 VPN, and IPsec VPN)
  • Verify the configuration and status of logical load balancers
  • Troubleshoot common load-balancing and high availability scenarios

Troubleshooting and Operating NSX Security Services

  • Discuss the NSX distributed firewall architecture, components, communication channels, and features
  • Use the CLI and other tools to troubleshoot the configuration and operations of the NSX distributed firewall and the NSX Edge firewall
  • Explain and troubleshoot the Service Composer components and architecture
  • Troubleshoot common problems related to Identity Firewall
  • Verify Guest Introspection deployment configuration and functions, and troubleshoot common problems
Course Details
Code EDU-NSXICMTSFT64
Tuition (USD): $6,475.00 • Classroom (5 days)