Course outline
Duration : 5 days |
© AFI Expertise inc. | |
This five-day, fast-paced course provides comprehensive training on how to install, configure, and manage a VMware NSX-T™ Data Center environment. This course covers key NSX-T Data Center features and functionality offered in the NSX-T Data Center 2.4 release, including the overall infrastructure, logical switching, logical routing, networking and security services, micro-segmentation and firewalls, and so on. | |
Audience | Experienced system administrators or network administrators |
Prerequisites | • Good understanding of TCP/IP services • Working experience of enterprise switching and routing • Good understanding of network security and working experience with firewalls • Solid understanding of concepts presented in the following courses: o VMware Data Center Virtualization Fundamentals o VMware Introduction to Network Virtualization with NSX o VMware Network Virtualization Fundamentals |
Objectives | By the end of the course, you should be able to meet the following objectives: • Describe VMware Virtual Cloud Network and the NSX-T Data Center architecture • Describe the NSX-T Data Center components and main functions • Explain the NSX-T Data Center key features and benefits • Deploy and configure NSX-T Data Center infrastructure • Configure layer 2 logical switching and bridging • Explain the tiered routing architecture and configure gateways • Configure advanced services such as VPN and load balancing • Describe the NSX-T Data Center security model with micro-segmentation • Configure Distributed Firewall and Gateway Firewall to protect east-west and north-south traffic • Explain advanced security enforcement with partner service insertion • Integrate VMware Identity Manager™ with NSX-T Data Center and configure Role-Based Access Control • Gather relevant information and perform basic troubleshooting with various tools |
Teaching method | Access to a software-defined data center environment is provided through hands-on labs to reinforce the skills and concepts presented in the course. |
Contents | 1. Course Introduction • Introductions and course logistics • Overview of modules and course objectives 2. VMware Virtual Cloud Network and NSX-T Data Center • Introduce VMware’s Virtual Cloud Network vision • Discuss NSX-T Data Center solutions, use cases, and benefits • Explain NSX-T Data Center architecture and components • Describe VMware NSX® product portfolio and features • Explain the management, control, data, and consumption planes and function 3. NSX-T Data Center Infrastructure Deployment • Describe NSX Management Cluster • Deploy VMware NSX® Manager™ nodes on VMware ESXi™ and KVM hypervisors • Navigate through the NSX Manager UI • Explain data plane components such as N-VDS, transport nodes, transport zones, profiles, and more • Perform transport node preparation and establish the data center infrastructure • Verify transport node status and connectivity 4. NSX-T Data Center Logical Switching • Introduce key components and terminology in logical switching • Describe the types of L2 segments and function • Explain tunneling and the GENEVE encapsulation • Configure logical segments and attach hosts using NSX Manager UI • Describe the function and types of segment profiles • Create segment profiles and apply them to segments and ports • Explain the function of MAC, ARP, and TEP tables used in packet forwarding • Demonstrate L2 unicast packet flow • Explain ARP suppression and BUM traffic handling 5. NSX-T Data Center Logical Routing • Describe the logical routing function and use cases • Introduce the two-tier routing architecture, topologies, and components • Explain the Tier-0 and Tier-1 Gateway functions • Describe the logical router components: Service Router and Distributed Router • Discuss the architecture and function of VMware NSX® Edge™ nodes • Discuss deployment options of NSX Edge nodes • Configure NSX Edge nodes and create NSX Edge clusters • Configure Tier-0 and Tier-1 Gateways • Examine the single-tier and multitier packet flow • Configure static routing and dynamic routing • Enable ECMP on Tier-0 Gateway • Describe NSX Edge HA, failure detection, and failback modes 6. NSX-T Data Center Logical Bridging • Describe the function of logical bridging • Discuss the logical bridging use cases • Compare routing and bridging solutions • Explain the components of logical bridging • Create bridge clusters and bridge profiles 7. NSX-T Data Center Services • Describe NSX-T Data Center services • Explain and configure Network Address Translation (NAT) • Explain and configure DNS and DHCP services • Describe the load-balancing function, topologies, components, and use cases • Configure L4-L7 load balancing • Discuss the IPSec VPN and L2 VPN function and use cases • Configure IPSec VPN and L2 VPN using NSX Manager UI 8. NSX-T Data Center Security • Introduce the NSX-T Data Center security approach and model • Describe the micro-segmentation benefits and use cases • Describe the Distributed Firewall architecture, components, and function • Configure Distributed Firewall sections and rules • Describe the Gateway Firewall architecture, components, and function • Configure Gateway Firewall sections and rules • Describe Network Introspection service insertion for east-west and north-south security • Describe Endpoint Protection and use cases • Discuss the integration and benefits of partner security solutions with NSX-T Data Center 9. User and Role Management • Describe the function and benefits of VMware Identity Manager in NSX-T Data Center • Integrate VMware Identity Manager with NSX-T Data Center • Identify the various types of users, authentication policies, and permissions • Use Role-Based Access Control to restrict user access • Explain the built-in roles in VMware Identity Manager and role assignment to users 10. NSX-T Data Center Basic Troubleshooting • Introduce the troubleshooting methodology and process • Use various methods to collect local and remote log files • Describe troubleshooting tools, such as IPFIX, Traceflow, Packet Capture, SPAN, and so on • Solve basic problems related to installation, switching, routing, and firewalls • Use CLI commands to verify the component configuration and status in NSX-T Data Center |