VMware NSX-T Data Center for Intrinsic Security [V3.2]

Teaching methodology

The course includes educational laboratories in which each student will be able to work in order to complete training exercises that will provide practical experience in using the instrument, for each of the topics covered during the course.

Who should participate

Experienced security administrators

Prerequisites

• Good knowledge of TCP/IP services and protocols.
• Network security knowledge and work experience, including:
• firewalling da L2 a L7
• Intrusion detection and prevention systems
• Malware prevention systems
• Knowledge and experience working with VMware vSphere® environments and KVM based environments.

Outgoing knowledge/skills

By the end of the course, you should be able to achieve the following objectives:

• Define information security concepts
• Explain the different types of firewalls and their use cases.
• Describe how intrusion detection and prevention systems work.
• Distinguish malware prevention approaches
• Describe VMware’s intrinsic security portfolio
• Implement zero-trust security using VMware NSX® segmentation.
• Configure user and role management
• Configure and troubleshoot Distributed Firewall, Identity Firewall, and time-based policies.
• Setting up and troubleshooting Gateway Security
• Utilizzare VMware vRealize® Log Insight™ for NSX™ e VMware vRealize® Network Insight™ per gestire i firewall NSX.
• Explain security best practices around grouping, tagging, and configuring rules.
• Describe the insertion of north-south and east-west services.
• Describe endpoint protection
• Configure and troubleshoot IDS/IPS
• Implement the NSX application platform
• Configure and troubleshoot NSX Malware Prevention
• Describe the features of NSX Intelligence and NSX Network Detection and Response

Educational program

1 Introduction to the course

• Introduction and logistics of the course
• Objectives of the course

2 Security Fundamentals

• Define information security concepts
• Explain the different types of firewalls and their use cases
• Describe how IDS/IPS works
• Distinguish malware prevention approaches

3 VMware Intrinsic Security

Define VMware’s intrinsic security strategy
Describe VMware’s intrinsic security portfolio
Explain how the NSX-T Data Center aligns with the intrinsic safety strategy.

4 Implementing Zero-Trust Security

• Define zero-trust security
• Describe the five pillars of a Zero-Trust Architecture
• Define NSX segmentation and its use cases
• Describe the steps required to implement zero-trust security with NSX segmentation.

5 User and role management

• Integration of NSX-T Data Center and VMware Identity Manager
• Integrare NSX-T Data Center e LDAP
• Describe users and roles native to the NSX-T Data Center
• Create and assign custom user roles

6 Distributed firewall

• Configure distributed firewall rules and policies
• Describe the NSX distributed firewall architecture.
• Troubleshoot common NSX Distributed Firewall issues
• Configure time-based policies
• Configure Identity Firewall rules

7 Gateway security

• Configure gateway firewall rules and policies
• Describe the Firewall Gateway architecture
• Identify and resolve common Gateway firewall problems.
• Configure TLS inspection to decrypt traffic for internal and external services.
• Configure URL filtering and identify common configuration issues.

8 Management of internal firewalls

• Utilizzare vRealize Log Insight for NSX e vRealize Network Insight per gestire i firewall NSX.
• Explain security best practices around grouping, tagging, and configuring rules.

9 Introspection of the network

• Explain network introspection
• Describe the architecture and workflows of North-South and East-West service insertion.
• Troubleshoot entering north-south and east-west services.

10 Endpoint Protection

• Explain endpoint protection
• Describe the endpoint protection architecture and workflows
• Troubleshoot endpoint security

11 Intrusion Detection and Prevention

• Describe the MITER ATT&CK framework
• Explain the different stages of a cyber attack
• Describe how NSX security solutions can be used to protect against cyberattacks.
• Configure and troubleshoot distributed IDS/IPS
• Configure and troubleshoot north-south IDS/IPS.

12 NSX Application Platform

• Describe the NSX application platform and its use cases.
• Identify supported topologies for deploying NSX Application Platform.
• Deploy the NSX Application Platform
• Explain the NSX Application Platform architecture and services
• Validate your NSX Application Platform deployment and troubleshoot common issues.

13 NSX Malware Prevention

• Identify NSX Malware Prevention use cases.
• Identify the components of the NSX Malware Prevention architecture.
• Describe NSX Malware Prevention packet streams for known and unknown files.
• Configure NSX Malware Prevention for east-west and north-south traffic.

14 NSX Intelligence e NSX Network Detection and Response

• Describe NSX Intelligence and its use cases
• Explain the network traffic viewing, recommendation, and analysis capabilities of NSX Intelligence.
• Describe NSX Network Detection and Response and its use cases
• Explain the architecture of NSX Network Detection and Response in NSX-T Data Center
• Describe the visualization capabilities of NSX Network Detection and Response

Duration – 5 days

Delivery – in Classroom, On Site, Remote

PC and SW requirements:

• Internet connection
• Web browser, Google Chrome
• Zoom

Language
Instructor: English
Labs: English
Slides: English