Course Introduction

Introductions and course logistics
Review course objectives

Introduction to vSphere Networking

Describe VMware vSphere® networking components
Describe vSphere standard switches
Describe vSphere distributed switches
Explain the function VMkernel ports provide
Explain the services provided by VMkernel ports

Introduction to NSX

Explain what is missing in data centers today
Describe how network virtualization can help data centers
Explain how the new complete SDDC model improves data center operations
Describe the benefits of NSX
Identify NSX key use cases

NSX Architecture

Describe the NSX architecture
Identify the planes of NSX operations
Summarize the planes of NSX operations
Identify the components of each plane
Summarize the deployment of NSX Manager
Describe the deployment of the control plane
Identify and describe user world agents
List the data plane components

NSX Infrastructure Preparation

Describe the NSX installation overview
Identify what is involved in planning an NSX deployment
Verify the NSX Manager and vCenter Server registration
Describe the deployment and verification of the NSX Controller cluster

NSX Logical Switch Networks

Describe the switching challenges in current data centers
Explain TZ, VTEP, and VXLAN
Describe the procedure of preparing the infrastructure for virtual networking
Summarize logical switching segment ID pools and address ranges
Discuss the NSX replication modes
Configure VXLAN transport parameters
Explain the VXLAN Network Identifier (VNI)
Define VLANs for VXLAN
Explain the special CDO logical switch and transport parameters
Explain logical switch packet walks

NSX Logical Routing

Describe the routing challenges in current data centers
Explain Hairpinning
Describe the East-West and North-South routing concepts
Define the NSX Distributed Logical Router
Define the NSX Edge services gateway
Explain the work flows of a DLR
Explain the logical router, interfaces, and interface addresses
Describe the logical router traffic flow on the same hosts and Between different hosts
Describe logical router deployment models
Explain the packet flows of an NSX Edge services gateway
Explain the common topologies of an NSX Edge services gateway

Advanced NSX Logical Routing

Explain static and dynamic routing
Describe DLR and NSX Edge static and dynamic routing configuration
Explain OSPF and BGP routing protocols
Explain ingress and egress traffic flows
Describe and configure Equal-Cost Multipathing
Describe high availability for DLR and NSX Edge service gateways

NSX L2 Bridging

Explain L2 bridging use cases
Describe software and hardware L2 bridging between VXLAN and VLANs
Discuss L2 bridging packet flows

NSX Edge Services

Describe the NSX Edge Services
Explain how Network Address Translation (NAT) works
Describe source and destination NAT
Explain NAT64

NSX Edge VPN Services

Describe the NSX Edge VPN Services
Describe the VPN use cases
Explain NSX IPsec VPN services
Describe the IPsec security protocols: Encapsulating Security Payload
Configure an NSX Edge for IPsec VPN services
Explain NSX Edge L2 VPN services
Configure a L2 VPN on an NSX Edge
Explain NSX Edge SSL VPN-Plus services
Explain the SSL VPN-Plus client and installation package
Configure NSX Edge SSL VPN-Plus server settings

NSX Security Services

Describe SDDC security challenges
Explain the evolution of firewalls
Describe the NSX logical firewalls
Describe the Distributed Firewall architecture
Explain how to work with firewall rule sections
Differentiate L2 and L3 firewall rules
Describe exclusion lists
Explain L7 filtering in the DFW
Define an IP address, MAC address, a security, and service group
Describe the VMware Tools IP address discovery method
Explain DHCP and ARP snooping

NSX Advanced Security Services

Describe NSX SpoofGuard
Explain how to enable NSX SpoofGuard
Describe the NSX Identity Firewall
Explain how Identity Firewall works with AD
Discuss RDSH and its use in Identity Firewall
Explain Application Rule Manager
Describe the selection of virtual machines for Application Rule Manager
Explain how to create a monitoring session
Describe the publication of firewall rules from Application Rule Manager

NSX Introspection Services

Describe the types of introspection services
Describe the installation and configuration of Guest and Network Introspection
Explain service chaining
Define the available advanced services
Describe Guest Introspection services
Describe Network Introspection services
Describe how to view the status of Guest and Network Introspection
Summarize Guest and Network Introspection alarms, events, and audit messages

Cross-vCenter NSX

Describe cross-vCenter features and use cases
Describe the components involved in cross-vCenter NSX
Identify NSX Manager roles and NSX Controller cluster placement
Deploy universal logical networks
Describe the deployment models available for cross-vCenter NSX
Explain the design considerations for cross-vCenter NSX

Experienced system or network administrators

•  Understanding of enterprise switching and routing
•  Knowledge of TCP/IP services
•  Experience with firewalls and firewall rule sets
•  Understanding of concepts presented in the VMware Data Center Virtualization Fundamentals course
•  Understanding of the concepts presented in the VMware Introduction to Network Virtualization with NSX    course

By the end of the course, you should be able to meet the following objectives:
•  Configure and deploy VMware NSX components for management and control
•  Describe basic VMware NSX layer 2 networking
•  Configure, deploy, and use logical switch networks
•  Configure and deploy VMware NSX distributed router appliances to establish east-west connectivity
•  Configure and deploy VMware NSX® Edge™ services gateway appliances to establish north-south
connectivity
•  Configure VMware NSX L2 bridging
•  Configure and use all main features of the NSX Edge services gateway
•  Configure NSX Edge firewall rules to restrict network traffic
•  Configure VMware NSX distributed firewall rules to restrict network traffic
•  Configure Service Composer policies
•  Configure an identity-aware firewall
•  Describe VMware NSX data security
•  Use the cross-vCenter VMware NSX feature

This course prepares you for the following certification:
•  VMware Certified Professional 6 – Network Virtualization (VCP6-NV)