This five-day, comprehensive, fast-paced training course presents VMware NSX as a part of the software-defined data center. You will learn how to use logical switching in VMware NSX to virtualize your switching environment. The course also details logical routing to enable you to dynamically route between different virtual environments.  You will also learn how to use gateway services, firewall configurations, and security services to help secure and optimize your VMware NSX environment.
Access to a software-defined data center environment is provided through hands-on labs to reinforce the skills and concepts presented in the course.

Product Alignment
•  VMware NSX 6.4

Course Introduction

    Introductions and course logistics
    Review course objectives

Introduction to vSphere Networking

    Describe VMware vSphere® networking components
    Describe vSphere standard switches
    Describe vSphere distributed switches
    Explain the function VMkernel ports provide
    Explain the services provided by VMkernel ports

Introduction to NSX

    Explain what is missing in data centers today
    Describe how network virtualization can help data centers
    Explain how the new complete SDDC model improves data center operations
    Describe the benefits of NSX
    Identify NSX key use cases

NSX Architecture

    Describe the NSX architecture
    Identify the planes of NSX operations
    Summarize the planes of NSX operations
    Identify the components of each plane
    Summarize the deployment of NSX Manager
    Describe the deployment of the control plane
    Identify and describe user world agents
    List the data plane components

NSX Infrastructure Preparation

    Describe the NSX installation overview
    Identify what is involved in planning an NSX deployment
    Verify the NSX Manager and vCenter Server registration
    Describe the deployment and verification of the NSX Controller cluster

NSX Logical Switch Networks

    Describe the switching challenges in current data centers
    Explain TZ, VTEP, and VXLAN
    Describe the procedure of preparing the infrastructure for virtual networking
    Summarize logical switching segment ID pools and address ranges
    Discuss the NSX replication modes
    Configure VXLAN transport parameters
    Explain the VXLAN Network Identifier (VNI)
    Define VLANs for VXLAN
    Explain the special CDO logical switch and transport parameters
    Explain logical switch packet walks

NSX Logical Routing

    Describe the routing challenges in current data centers
    Explain Hairpinning
    Describe the East-West and North-South routing concepts
    Define the NSX Distributed Logical Router
    Define the NSX Edge services gateway
    Explain the work flows of a DLR
    Explain the logical router, interfaces, and interface addresses
    Describe the logical router traffic flow on the same hosts and Between different hosts
    Describe logical router deployment models
    Explain the packet flows of an NSX Edge services gateway
    Explain the common topologies of an NSX Edge services gateway

Advanced NSX Logical Routing

    Explain static and dynamic routing
    Describe DLR and NSX Edge static and dynamic routing configuration
    Explain OSPF and BGP routing protocols
    Explain ingress and egress traffic flows
    Describe and configure Equal-Cost Multipathing
    Describe high availability for DLR and NSX Edge service gateways

NSX L2 Bridging

    Explain L2 bridging use cases
    Describe software and hardware L2 bridging between VXLAN and VLANs
    Discuss L2 bridging packet flows

NSX Edge Services

    Describe the NSX Edge Services
    Explain how Network Address Translation (NAT) works
    Describe source and destination NAT
    Explain NAT64

NSX Edge VPN Services

    Describe the NSX Edge VPN Services
    Describe the VPN use cases
    Explain NSX IPsec VPN services
    Describe the IPsec security protocols: Encapsulating Security Payload
    Configure an NSX Edge for IPsec VPN services
    Explain NSX Edge L2 VPN services
    Configure a L2 VPN on an NSX Edge
    Explain NSX Edge SSL VPN-Plus services
    Explain the SSL VPN-Plus client and installation package
    Configure NSX Edge SSL VPN-Plus server settings

NSX Security Services

    Describe SDDC security challenges
    Explain the evolution of firewalls
    Describe the NSX logical firewalls
    Describe the Distributed Firewall architecture
    Explain how to work with firewall rule sections
    Differentiate L2 and L3 firewall rules
    Describe exclusion lists
    Explain L7 filtering in the DFW
    Define an IP address, MAC address, a security, and service group
    Describe the VMware Tools IP address discovery method
    Explain DHCP and ARP snooping

NSX Advanced Security Services

    Describe NSX SpoofGuard
    Explain how to enable NSX SpoofGuard
    Describe the NSX Identity Firewall
    Explain how Identity Firewall works with AD
    Discuss RDSH and its use in Identity Firewall
    Explain Application Rule Manager
    Describe the selection of virtual machines for Application Rule Manager
    Explain how to create a monitoring session
    Describe the publication of firewall rules from Application Rule Manager

NSX Introspection Services

    Describe the types of introspection services
    Describe the installation and configuration of Guest and Network Introspection
    Explain service chaining
    Define the available advanced services
    Describe Guest Introspection services
    Describe Network Introspection services
    Describe how to view the status of Guest and Network Introspection
    Summarize Guest and Network Introspection alarms, events, and audit messages

Cross-vCenter NSX

    Describe cross-vCenter features and use cases
    Describe the components involved in cross-vCenter NSX
    Identify NSX Manager roles and NSX Controller cluster placement
    Deploy universal logical networks
    Describe the deployment models available for cross-vCenter NSX
    Explain the design considerations for cross-vCenter NSX

Experienced system or network administrators

•  Understanding of enterprise switching and routing
•  Knowledge of TCP/IP services
•  Experience with firewalls and firewall rule sets
•  Understanding of concepts presented in the VMware Data Center Virtualization Fundamentals course
•  Understanding of the concepts presented in the VMware Introduction to Network Virtualization with NSX    course

By the end of the course, you should be able to meet the following objectives:
•  Configure and deploy VMware NSX components for management and control
•  Describe basic VMware NSX layer 2 networking
•  Configure, deploy, and use logical switch networks
•  Configure and deploy VMware NSX distributed router appliances to establish east-west connectivity
•  Configure and deploy VMware NSX® Edge™ services gateway appliances to establish north-south
   connectivity
•  Configure VMware NSX L2 bridging
•  Configure and use all main features of the NSX Edge services gateway
•  Configure NSX Edge firewall rules to restrict network traffic
•  Configure VMware NSX distributed firewall rules to restrict network traffic
•  Configure Service Composer policies
•  Configure an identity-aware firewall
•  Describe VMware NSX data security
•  Use the cross-vCenter VMware NSX feature

This course prepares you for the following certification:
•  VMware Certified Professional 6 – Network Virtualization (VCP6-NV)

• VMware Certified Professional 6 – Network Virtualization (VCP6-NV)