VMware NSX-T Data Center: What’s New [v3.2]
In this three-day hands-on training, you explore the new features and enhancements of VMware NSX-T™ Data Center 3.2. All new security features of NSX-T Data Center 3.2 will be showcased, including NSX Application Platform, NSX Malware Prevention, NSX Intrusion Detection and Prevention, URL Filtering, VMware NSX® Intelligence™ and VMware NSX® Network Detection and Response™.
The course also discusses the architectural and operational changes introduced in version 3.2 and the improvements made to OSPF, VMware NSX® Advanced Load Balancer™ and NSX Federation.
COD: NSXTWN32
CATEGORY: VMware
Teaching methodology
The course includes educational laboratories in which each student will be able to work in order to complete training exercises that will provide practical experience in using the instrument, for each of the topics covered during the course.
Who should participate
Network and security administrators, IT managers, VMware partners, and individuals responsible for implementing and managing NSX-T Data Center implementations.
Prerequisites
This course requires completion of the VMware NSX-T Data Center: Install, Configure, Manage course or equivalent knowledge and administration experience with NSX-T Data Center 3.0 or higher.
A solid understanding of fundamental Kubernetes concepts is also required.
The following knowledge would be helpful:
- Knowledge of TCP/IP services and protocols.
- Knowledge and work experience of computer networks, including switching and routing technologies (L2-L3) and firewalls L2-L7.
- Knowledge and experience working with VMware vSphere® environments.
- Knowledge and experience working with Kubernetes or vSphere with Tanzu environments.
Outgoing knowledge/skills
By the end of the course, you should be able to achieve the following objectives:
- Describe the architectural and operational improvements in NSX-T Data Center 3.2
- Configurare OSPF in NSX-T Data Center 3.2
- Describe the architecture and security features of NSX-T Data Center 3.2
- Configure distributed firewall on VDS for security use cases
- Configure URL filtering and identity firewall on NSX Edge nodes
- Configure NSX Intrusion Detection and Prevention for East-West traffic.
- Implementation of the NSX application platform
- Configure NSX Malware Prevention for east-west and north-south traffic.
- Analyze network security posture and threats with NSX Intelligence and NSX Network Detection and Response
- Implementation of NSX Advanced Load Balancer components
- Describe the NSX Federation enhancements in NSX-T Data Center 3.2
Educational program
1 Introduction to the course
- Introduction and logistics of the course
- Objectives of the course
2 NSX Architecture and Operations
- Examine the key components of the NSX-T data center architecture.
- Explain the management plan and policy promotion tool
- Compare live traffic analysis to traditional network traffic analysis methods.
- Identify how Fabric View helps visualize the underlying network fabric of a topology.
- Recognize improvements to historical trends for network and system monitoring.
- Explain how the fabric MTU health check can be used to identify an MTU mismatch.
3 OSPF routing protocol
- Explain the fundamental concepts of OSPF routing
- Define OSPF use cases in NSX-T Data Center
- Explain Tier-0 gateway topologies with OSPF
- Configure OSPF in an NSX-T data center
4 NSX Security Overview
- Describe the NSX security architecture and its main components.
- Identify NSX Distributed Security use cases
- Identify NSX Gateway Security use cases
- Describe NSX network detection and response
5 Distributed Firewall on VDS: Use Cases for Security
- Identify the firewall requirements deployed on VDS
- Configure distributed firewall on VDS
- Validate firewall configurations deployed on VDS
6 Gateway security
- Identify use cases for URL filtering
- Describe the URL filtering architecture
- Configure URL filtering
- Describe the use cases, architecture and components of Identity Firewall
- Configure Identity Firewall for north-south traffic.
7 Intrusion Detection and Prevention
- Describe the MITER ATT&CK framework
- Explain the stages of a cyber attack.
- Describe the characteristics and methods used by intrusion detection and prevention systems.
- Identificare i casi d’uso di VMware NSX® Distributed IDS/IPS™.
- Describe the terminology and architecture of NSX Distributed IDS/IPS
- Configurare NSX Distributed IDS/IPS
8 NSX Application Platform
- Describe the NSX Application Platform and its use cases
- Defining vSphere core concepts with Tanzu
- Distribuire NSX Application Platform su vSphere con Tanzu
- Explain the NSX Application Platform architecture and services
- Scale and scale the NSX application platform
9 Malware Prevention
- Describe techniques used in cyber threat prevention
- Identify NSX Malware Prevention use cases.
- Identify the components of the NSX Malware Prevention architecture.
- Describe NSX Malware Prevention packet streams for known and unknown files.
- Configure NSX Malware Prevention for east-west and north-south traffic.
10 NSX Intelligence e NSX Network Detection and Response
- Describe the architecture and main components of NSX Intelligence.
- Installare NSX Intelligence
- Describe the improvements of NSX Intelligence in terms of display, recommendations and detection of suspicious traffic.
- Describe the NSX Network Detection and Response architecture and use cases
- Attivare NSX Network Detection and Response
- Describe the visualization capabilities of NSX Network Detection and Response.
11 NSX Advanced Load Balancer
- Describe the NSX Advanced Load Balancer and its use cases
- Explain the architecture of the NSX Advanced Load Balancer
- Distribuire NSX Advanced Load Balancer
- Explain the components of the NSX Advanced Load Balancer and how they handle traffic
- Configuring virtual IP addresses, virtual services and server pools
- Perform basic troubleshooting of virtual services, server pools, and service engines.
12 NSX Federation Enhancements
- Recognize NSX Federation use cases
- Describe the main architectural components of NSX Federation.
- Explain LDAP support for the Global Manager
- Explain the purpose of firewall drafts on NSX Global Manager.
- Explain NSX Federation support for tag-based replication
- Describe how to monitor NSX Federation components
Duration – 3 days
Delivery – in Classroom, On Site, Remote
PC and SW requirements:
- Internet connection
- Web browser, Google Chrome
- Zoom
Language
Instructor: English
Labs: English
Slides: English
