1 – COURSE INTRODUCTION
- Introductions and course logistics
- Review course objectives
2 – INTRODUCTION TO VSPHERE NETWORKING
- Describe VMware vSphere® networking components
- Describe vSphere standard switches
- Describe vSphere distributed switches
- Explain the function VMkernel ports provide
- Explain the services provided by VMkernel ports
3 – INTRODUCTION TO NSX
- Explain what is missing in data centers today
- Describe how network virtualization can help data centers
- Explain how the new complete SDDC model improves data center operations
- Describe the benefits of NSX
- Identify NSX key use cases
4 – NSX ARCHITECTURE
- Describe the NSX architecture
- Identify the planes of NSX operations
- Summarize the planes of NSX operations
- Identify the components of each plane
- Summarize the deployment of NSX Manager
- Describe the deployment of the control plane
- Identify and describe user world agents
- List the data plane components
5 – NSX INFRASTRUCTURE PREPARATION
- Describe the NSX installation overview
- Identify what is involved in planning an NSX deployment
- Verify the NSX Manager and vCenter Server registration
- Describe the deployment and verification of the NSX Controller cluster
6 – NSX LOGICAL SWITCH NETWORKS
- Describe the switching challenges in current data centers
- Explain TZ, VTEP, and VXLAN
- Describe the procedure of preparing the infrastructure for virtual networking
- Summarize logical switching segment ID pools and address ranges
- Discuss the NSX replication modes
- Configure VXLAN transport parameters
- Explain the VXLAN Network Identifier (VNI)
- Define VLANs for VXLAN
- Explain the special CDO logical switch and transport parameters
- Explain logical switch packet walks
7 – NSX LOGICAL ROUTING
- Describe the routing challenges in current data centers
- Explain Hairpinning
- Describe the East-West and North-South routing concepts
- Define the NSX Distributed Logical Router
- Define the NSX Edge services gateway
- Explain the work flows of a DLR
- Explain the logical router, interfaces, and interface addresses
- Describe the logical router traffic flow on the same hosts and Between different hosts
- Describe logical router deployment models
- Explain the packet flows of an NSX Edge services gateway
- Explain the common topologies of an NSX Edge services gateway
8 – ADVANCED NSX LOGICAL ROUTING
- Explain static and dynamic routing
- Describe DLR and NSX Edge static and dynamic routing configuration
- Explain OSPF and BGP routing protocols
- Explain ingress and egress traffic flows
- Describe and configure Equal-Cost Multipathing
- Describe high availability for DLR and NSX Edge service gateways
9 – NSX L2 BRIDGING
- Explain L2 bridging use cases
- Describe software and hardware L2 bridging between VXLAN and VLANs
- Discuss L2 bridging packet flows
10 – NSX EDGE SERVICES
- Describe the NSX Edge Services
- Explain how Network Address Translation (NAT) works
- Describe source and destination NAT
- Explain NAT64
11 – NSX EDGE VPN SERVICES
- Describe the NSX Edge VPN Services
- Describe the VPN use cases
- Explain NSX IPsec VPN services
- Describe the IPsec security protocols: Encapsulating Security Payload
- Configure an NSX Edge for IPsec VPN services
- Explain NSX Edge L2 VPN services
- Configure a L2 VPN on an NSX Edge
- Explain NSX Edge SSL VPN-Plus services
- Explain the SSL VPN-Plus client and installation package
- Configure NSX Edge SSL VPN-Plus server settings
12 – NSX SECURITY SERVICES
- Describe SDDC security challenges
- Explain the evolution of firewalls
- Describe the NSX logical firewalls
- Describe the Distributed Firewall architecture
- Explain how to work with firewall rule sections
- Differentiate L2 and L3 firewall rules
- Describe exclusion lists
- Explain L7 filtering in the DFW
- Define an IP address, MAC address, a security, and service group
- Describe the VMware Tools IP address discovery method
- Explain DHCP and ARP snooping
13 – NSX ADVANCED SECURITY SERVICES
- Describe NSX SpoofGuard
- Explain how to enable NSX SpoofGuard
- Describe the NSX Identity Firewall
- Explain how Identity Firewall works with AD
- Discuss RDSH and its use in Identity Firewall
- Explain Application Rule Manager
- Describe the selection of virtual machines for Application Rule Manager
- Explain how to create a monitoring session
- Describe the publication of firewall rules from Application Rule Manager
14 – NSX INTROSPECTION SERVICES
- Describe the types of introspection services
- Describe the installation and configuration of Guest and Network Introspection
- Explain service chaining
- Define the available advanced services
- Describe Guest Introspection services
- Describe Network Introspection services
- Describe how to view the status of Guest and Network Introspection
- Summarize Guest and Network Introspection alarms, events, and audit messages
15 – CROSS-VCENTER NSX
- Describe cross-vCenter features and use cases
- Describe the components involved in cross-vCenter NSX
- Identify NSX Manager roles and NSX Controller cluster placement
- Deploy universal logical networks
- Describe the deployment models available for cross-vCenter NSX
- Explain the design considerations for cross-vCenter NSX
