This five-day, fast-paced VMware NSX-T Data Centre course provides comprehensive training on how to install, configure, and manage a VMware NSX-T™ environment. This course covers key NSX-T features and functionality offered in the NSX-T 4 release, including the overall infrastructure, logical switching, logical routing, networking and security services, firewalls and advanced threat prevention, and more.
Product Alignment:
- VMware NSX-T 4
COURSE OBJECTIVES
By the end of the course, you should be able to meet the following objectives:
- Describe the architecture and main components of NSX-T Data Center
- Explain the features and benefits of NSX-T Data Center
- Deploy the NSX Management cluster and VMware NSX® Edge™ nodes
- Prepare VMware ESXi™ and KVM hosts to participate in NSX-T Data Center networking
- Create and configure segments for layer 2 forwarding
- Create and configure Tier-0 and Tier-1 gateways for logical routing
- Use distributed and gateway firewall policies to filter east-west and north-south traffic in NSX-T Data Center
- Configure Advanced Threat Prevention features
- Configure network services on NSX Edge nodes
-
- Use VMware Identity Manager and LDAP to manage users and access
- Explain the use cases, importance, and architecture of Federation
COURSE CONTENT
1 Course Introduction
- Introductions and course logistics
- Course objectives
2 VMware Virtual Cloud Network and NSX-T Data Center
- Introduce the VMware Virtual Cloud Network vision
- Discuss NSX-T Data Center solutions, use cases, and benefits
- Explain NSX-T Data Center architecture and components
- Describe the VMware NSXTM product portfolio and features
- Explain the management, control, data, and consumption planes and function
3 Preparing the NSX-T Data Center Infrastructure
- Describe NSX Management Cluster
- Deploy VMware NSXTM ManagerTM nodes on VMware ESXi and KVM hypervisors
- Navigate through the NSX Manager UI
- Explain data-plane components such as N-VDS/VDS, transport nodes, transport zones, profiles, and more
- Perform transport node preparation and establish the data center infrastructure
- Verify transport node status and connectivity
4 NSX-T Data Center Logical Switching
- Introduce key components and terminology in logical switching
- Describe the function and types of L2 segments
- Explain tunneling and the GENEVE encapsulation
- Configure logical segments and attach hosts using NSX Manager UI
- Describe the function and types of segment profiles
- Create segment profiles and apply them to segments and ports
- Explain the function of MAC, ARP, and TEP tables used in packet forwarding
- Demonstrate L2 unicast packet flow
- Explain ARP suppression and BUM traffic handling
5 NSX-T Data Center Logical Routing
- Describe the logical routing function and use cases
- Introduce the two-tier routing architecture, topologies, and components
- Explain the Tier-0 and Tier-1 Gateway functions
- Describe the logical router components: Service Router and Distributed Router
- Discuss the architecture and function of NSX Edge nodes
- Discuss deployment options of NSX Edge nodes
- Configure NSX Edge nodes and create NSX Edge clusters
- Configure Tier-0 and Tier-1 Gateways
- Examine the single-tier and multitier packet flow
- Configure static routing and dynamic routing, including BGP and OSPF
- Enable ECMP on Tier-0 Gateway
- Describe NSX Edge HA, failure detection, and failback modes
- Configure VRF Lite
6 NSX-T Data Center Bridging
- Describe the function of logical bridging
- Discuss the logical bridging use cases
- Compare routing and bridging solutions
- Explain the components of logical bridging
- Create bridge clusters and bridge profiles
7 NSX-T Data Center Firewalls
- Describe NSX segmentation
- Identify the steps to enforce Zero-Trust with NSX segmentation
- Describe the Distributed Firewall architecture, components, and function
- Configure Distributed Firewall sections and rules
- Configure the Distributed Firewall on VDS
- Describe the Gateway Firewall architecture, components, and function
- Configure Gateway Firewall sections and rules
8 NSX-T Data Center Advanced Threat Prevention
- Explain NSX IDS/IPS and its use cases
- Configure NSX IDS/IPS
- Deploy the NSX Application Platform
- Identify the components and architecture of NSX Malware Prevention
- Configure NSX Malware Prevention for east-west and north-south traffic
- Describe the use cases and architecture of NSX Intelligence
- Identify the components and architecture of VMware NSX® Network Detection and Response™
- Use NSX Network Detection and Response to analyze network traffic events
9 NSX-T Data Center Services
- Describe NSX-T Data Center services
- Explain and configure Network Address Translation (NAT)
- Explain and configure DNS and DHCP services
- Describe VMware NSX® Advanced Load Balancer™ architecture, components, topologies, and use cases.
- Configure NSX Advanced Load Balancer
- Discuss the IPSec VPN and L2 VPN function and use cases
- Configure IPSec VPN and L2 VPN using the NSX Manager UI
10 NSX-T Data Center User and Role Management
- Describe the function and benefits of VMware Identity Manager™ in NSX-T Data Center
- Integrate VMware Identity Manager with NSX-T Data Center
- Integrate LDAP with NSX-T Data Center
- Identify the various types of users, authentication policies, and permissions
- Use role-based access control to restrict user access
11 NSX-T Data Center Federation
- Introduce the NSX-T Data Center Federation key concepts, terminology, and use-cases.
- Explain the onboarding process of NSX-T Data Center Federation
- Describe the NSX-T Data Center Federation switching and routing functions.
- Describe the NSX-T Data Center Federation security concepts
COURSE PREREQUISITES
- Good understanding of TCP/IP services and protocols
- Knowledge and working experience of computer networking, including switching and routing technologies (L2-L3) and L2-L7 firewall
- Knowledge and working experience with VMware vSphere® environments
- Knowledge and working experience with Kubernetes or vSphere with VMware Tanzu™ environments
Solid understanding of concepts presented in the following courses:
- VMware Virtual Cloud Network: Core Technical Skills (Self-paced course)
- VMware Data Center Virtualization: Core Technical Skills (VMDCVCTS)
- Kubernetes Fundamentals (VMKFCO)
