Overview:

This five-day, fast-paced course provides comprehensive training on how to install, configure, and manage a VMware NSX-T™ Data Center environment. This course covers key NSX-T Data Center features and functionality offered in the NSX-T Data Center 3.0 release, including the overall infrastructure, logical switching, logical routing, networking and security services, micro-segmentation and firewalls, and more.

Access to a software-defined data center environment is provided through hands-on labs to reinforce the skills and concepts presented in the course.

This course is also available in an On Demand format. For more information, select this link: VMware NSX-T Data Center: Install, Configure, Manage [V3.0] – On Demand.

Product Alignment
• NSX-T Data Center 3.0

Objectives:

By the end of the course, you should be able to meet the following objectives:
•  Describe VMware Virtual Cloud Network and the NSX-T Data Center architecture
•  Describe the NSX-T Data Center components and main functions
•  Explain the NSX-T Data Center key features and benefits
•  Deploy and configure NSX-T Data Center infrastructure
•  Configure layer 2 logical switching and bridging
•  Explain the tiered routing architecture and configure gateways
•  Configure advanced services such as VPN and load balancing
•  Describe the NSX-T Data Center security model with micro-segmentation
•  Configure Distributed Firewall and Gateway Firewall to protect east-west and north-south traffic
•  Explain advanced security enforcement with URL analysis, IDS, and partner service insertion
•  Integrate VMware Identity Manager™ or LDAP with NSX-T Data Center and configure role-based access
control
•  Describe NSX-T Data Center Federation use-cases and architecture for switching, routing, and security.

Intended Audience:
•  Experienced system administrators or network administrators

Prerequisites:

•  Good understanding of TCP/IP services and network security and working experience with firewalls
•  Working experience of enterprise switching and routing

Solid understanding of concepts presented in the following courses:
•  VMware Data Center Virtualization Fundamentals
•  VMware Introduction to Network Virtualization with NSX
•  VMware Network Virtualization Fundamentals

Outline:

1  Course Introduction

•  Introductions and course logistics
•  Course objectives

2  VMware Virtual Cloud Network and NSX-T Data Center

•  Introduce VMware’s Virtual Cloud Network vision
•  Discuss NSX-T Data Center solutions, use cases, and benefits
•  Explain NSX-T Data Center architecture and components
•  Describe VMware NSX® product portfolio and features
•  Explain the management, control, data, and consumption planes and function

3  Deployment Preparing the NSX-T Data Center Infrastructure

•  Describe NSX Management Cluster
•  Deploy VMware NSX® Manager™ nodes on VMware ESXi and KVM hypervisors
•  Navigate through the NSX Manager UI
•  Explain data-plane components such as N-VDS, transport nodes, transport zones, profiles, and more
•  Perform transport node preparation and establish the data center infrastructure
•  Verify transport node status and connectivity

4  NSX-T Data Center Logical Switching

•  Introduce key components and terminology in logical switching
•  Describe the function and types of L2 segments
•  Explain tunneling and the GENEVE encapsulation
•  Configure logical segments and attach hosts using NSX Manager UI
•  Describe the function and types of segment profiles
•  Create segment profiles and apply them to segments and ports
•  Explain the function of MAC, ARP, and TEP tables used in packet forwarding
•  Demonstrate L2 unicast packet flow
•  Explain ARP suppression and BUM traffic handling

5  NSX-T Data Center Logical Routing

•  Describe the logical routing function and use cases
•  Introduce the two-tier routing architecture, topologies, and components
•  Explain the Tier-0 and Tier-1 Gateway functions
•  Describe the logical router components: Service Router and Distributed Router
•  Discuss the architecture and function of VMware NSX® Edge™ nodes
•  Discuss deployment options of NSX Edge nodes
•  Configure NSX Edge nodes and create NSX Edge clusters
•  Configure Tier-0 and Tier-1 Gateways
•  Examine the single-tier and multitier packet flow
•  Configure static routing and dynamic routing
•  Enable ECMP on Tier-0 Gateway
•  Describe NSX Edge HA, failure detection, and failback modes

6  NSX-T Data Center Bridging

•  Describe the function of logical bridging
•  Discuss the logical bridging use cases
•  Compare routing and bridging solutions
•  Explain the components of logical bridging
•  Create bridge clusters and bridge profiles

7  NSX-T Data Center Security

•  Introduce the NSX-T Data Center security approach and model
•  Describe the micro-segmentation benefits and use cases
•  Describe the Distributed Firewall architecture, components, and function
•  Configure Distributed Firewall sections and rules
•  Describe the Gateway Firewall architecture, components, and function
•  Configure Gateway Firewall sections and rules
•  Describe URL analysis and distributed intrusion system importance and use-cases.
•  Describe the service insertion functionality for east-west and north-south security
•  Discuss the integration and benefits of partner security solutions with NSX-T Data Center

8  NSX-T Data Center Services

•  Describe NSX-T Data Center services
•  Explain and configure Network Address Translation (NAT) and NAT 64
•  Explain and configure DNS and DHCP services
•  Describe the load-balancing function, topologies, components, and use cases
•  Configure L4-L7 load balancing
•  Discuss the IPSec VPN and L2 VPN function and use cases
•  Configure IPSec VPN and L2 VPN using NSX Manager UI

9  NSX-T Data Center Monitoring

•  Explain the importance and functionality of VMware NSX Intelligence™
•  Navigate through the NSX Topology UI and identify the various key elements in the UI
•  Discuss the importance and use-cases of alarms and events

10  NSX-T Data Center User and Role Management

•  Describe the function and benefits of VMware Identity Manager in NSX-T Data Center
•  Integrate VMware Identity Manager with NSX-T Data Center
•  Integrate LDAP with NSX-T Data Center
•  Identify the various types of users, authentication policies, and permissions
•  Use role-based access control to restrict user access
•  Explain the built-in roles in VMware Identity Manager and role assignment to users

11  NSX-T Data Center Federation

•  Introduce the NSX-T Data Center Federation key concepts, terminology, and use-cases.
•  Explain the onboarding process of NSX-T Data Center Federation
•  Describe the NSX-T Data Center Federation switching and routing functions.
•  Describe the NSX-T Data Center Federation security concepts and routing functions