-
This advanced course is delivered by VMware directly.
-
This five-day, hands-on training course provides you with the knowledge, skills, and tools to achieve competency in configuring, operating, and troubleshooting VMware NSX-T™ Data Center for intrinsic security. In this course, you are introduced to all the security features in NSX-T Data Center, including distributed and gateway firewall, Intrusion Detection and Prevention (IDS/IPS), VMware NSX® Intelligence™, and Network Detection and Response (NDR).
In addition, you are presented with common configuration issues and given a methodology to resolve them.
-
Course Contents
-
- Course Introduction
- Security Basics
- VMware Intrinsic Security
- Implementing Zero-Trust Security
- User and Role Management
- Distributed Firewall
- Gateway Security
- Operating Internal Firewalls
- Network Introspection
- Endpoint Protection
- Advanced Threat Prevention
You will receive the original course documentation from VMware as an e-book.
-
Target Group
-
• Experienced security administrators
-
Knowledge Prerequisites
-
You should also have the following understanding or knowledge:
• Good understanding of TCP/IP services and protocols
• Knowledge and working experience of network security, including:
• L2-L7 Firewalling
• Intrusion Detection and Prevention Systems
• Knowledge and working experience of VMware vSphere® environments and KVM-based environmentsThe VMware Certified Technical Associate - Network Virtualization is recommended.
| 1 Course Introduction |
| Introductions and course logistics |
| Course objectives |
| 2 Security Basics |
| Define information security related concepts |
| Explain different types of firewalls and their use cases |
| Describe the operation of Intrusion Detection and Intrusion Prevention Systems |
| 3 VMware Intrinsic Security |
| Define VMware intrinsic security strategy |
| Describe VMware intrinsic security portfolio |
| Explain how NSX-T Data Center aligns in the intrinsic security strategy |
| 4 Implementing Zero-Trust Security |
| Define Zero-Trust Security |
| Describe the five pillars of a Zero-Trust Architecture |
| Define NSX segmentation and its use cases |
| Describe the steps needed to enforce Zero-Trust with NSX segmentation |
| 5 User and Role Management |
| Integrate NSX-T Data Center and VMware Identity Manager™ |
| Integrate NSX-T Data Center and LDAP |
| Describe the native users and roles in NSX-T Data Center |
| Create and assign custom user roles |
| 6 Distributed Firewall |
| Configure Distributed Firewall rules and policies |
| Describe the Distributed Firewall architecture |
| Troubleshoot common problems related to Distributed Firewall |
| Configure time-based policies |
| Configure Identity Firewall rules |
| 7 Gateway Security |
| Configure gateway firewall rules and policies |
| Describe the architecture of the gateway firewall |
| Identify and troubleshoot common gateway firewall issues |
| Configure URL analysis and identify common configuration issues |
| 8 Operating Internal Firewalls |
| Use vRealize Log Insight, vRealize Network Insight, and NSX Intelligence to operate NSX firewalls |
| Explain NSX Intelligence visualization and recommendation capabilities |
| Explain security best practices related to grouping, tagging, and rule configuration |
| 9 Network Introspection |
| Explain network introspection |
| Describe the architecture and workflows of North-South and East-West service insertion |
| Troubleshoot North-South and East-West service insertion |
| 10 Endpoint Protection |
| Explain Endpoint Protection |
| Describe the architecture and workflows of endpoint protection |
| Troubleshoot endpoint protection |
| 11 Advanced Threat Prevention |
| Describe the MITRE ATT&CK Framework |
| Explain the different phases of a cyber attack |
| Describe how NSX security solutions can be used to protect against cyber attacks |
| Configure and troubleshoot Distributed IDS/IPS |
| Describe the capabilities of Network Detection and Response |
-
Classroom training
- Do you prefer the classic training method? A course in one of our Training Centers, with a competent trainer and the direct exchange between all course participants? Then you should book one of our classroom training dates!
-
Online training
- You wish to attend a course in online mode? We offer you online course dates for this course topic. To attend these seminars, you need to have a PC with Internet access (minimum data rate 1Mbps), a headset when working via VoIP and optionally a camera. For further information and technical recommendations, please refer to.
-
Tailor-made courses
-
You need a special course for your team? In addition to our standard offer, we will also support you in creating your customized courses, which precisely meet your individual demands. We will be glad to consult you and create an individual offer for you.
Request for customized courses
You can find the complete description of this course with dates and prices ready for download at as PDF.-
This advanced course is delivered by VMware directly.
-
This five-day, hands-on training course provides you with the knowledge, skills, and tools to achieve competency in configuring, operating, and troubleshooting VMware NSX-T™ Data Center for intrinsic security. In this course, you are introduced to all the security features in NSX-T Data Center, including distributed and gateway firewall, Intrusion Detection and Prevention (IDS/IPS), VMware NSX® Intelligence™, and Network Detection and Response (NDR).
In addition, you are presented with common configuration issues and given a methodology to resolve them.
-
Course Contents
-
- Course Introduction
- Security Basics
- VMware Intrinsic Security
- Implementing Zero-Trust Security
- User and Role Management
- Distributed Firewall
- Gateway Security
- Operating Internal Firewalls
- Network Introspection
- Endpoint Protection
- Advanced Threat Prevention
You will receive the original course documentation from VMware as an e-book.
-
Target Group
-
• Experienced security administrators
-
Knowledge Prerequisites
-
You should also have the following understanding or knowledge:
• Good understanding of TCP/IP services and protocols
• Knowledge and working experience of network security, including:
• L2-L7 Firewalling
• Intrusion Detection and Prevention Systems
• Knowledge and working experience of VMware vSphere® environments and KVM-based environmentsThe VMware Certified Technical Associate - Network Virtualization is recommended.
| 1 Course Introduction |
| Introductions and course logistics |
| Course objectives |
| 2 Security Basics |
| Define information security related concepts |
| Explain different types of firewalls and their use cases |
| Describe the operation of Intrusion Detection and Intrusion Prevention Systems |
| 3 VMware Intrinsic Security |
| Define VMware intrinsic security strategy |
| Describe VMware intrinsic security portfolio |
| Explain how NSX-T Data Center aligns in the intrinsic security strategy |
| 4 Implementing Zero-Trust Security |
| Define Zero-Trust Security |
| Describe the five pillars of a Zero-Trust Architecture |
| Define NSX segmentation and its use cases |
| Describe the steps needed to enforce Zero-Trust with NSX segmentation |
| 5 User and Role Management |
| Integrate NSX-T Data Center and VMware Identity Manager™ |
| Integrate NSX-T Data Center and LDAP |
| Describe the native users and roles in NSX-T Data Center |
| Create and assign custom user roles |
| 6 Distributed Firewall |
| Configure Distributed Firewall rules and policies |
| Describe the Distributed Firewall architecture |
| Troubleshoot common problems related to Distributed Firewall |
| Configure time-based policies |
| Configure Identity Firewall rules |
| 7 Gateway Security |
| Configure gateway firewall rules and policies |
| Describe the architecture of the gateway firewall |
| Identify and troubleshoot common gateway firewall issues |
| Configure URL analysis and identify common configuration issues |
| 8 Operating Internal Firewalls |
| Use vRealize Log Insight, vRealize Network Insight, and NSX Intelligence to operate NSX firewalls |
| Explain NSX Intelligence visualization and recommendation capabilities |
| Explain security best practices related to grouping, tagging, and rule configuration |
| 9 Network Introspection |
| Explain network introspection |
| Describe the architecture and workflows of North-South and East-West service insertion |
| Troubleshoot North-South and East-West service insertion |
| 10 Endpoint Protection |
| Explain Endpoint Protection |
| Describe the architecture and workflows of endpoint protection |
| Troubleshoot endpoint protection |
| 11 Advanced Threat Prevention |
| Describe the MITRE ATT&CK Framework |
| Explain the different phases of a cyber attack |
| Describe how NSX security solutions can be used to protect against cyber attacks |
| Configure and troubleshoot Distributed IDS/IPS |
| Describe the capabilities of Network Detection and Response |
-
Classroom training
- Do you prefer the classic training method? A course in one of our Training Centers, with a competent trainer and the direct exchange between all course participants? Then you should book one of our classroom training dates!
-
Online training
- You wish to attend a course in online mode? We offer you online course dates for this course topic. To attend these seminars, you need to have a PC with Internet access (minimum data rate 1Mbps), a headset when working via VoIP and optionally a camera. For further information and technical recommendations, please refer to.
-
Tailor-made courses
-
You need a special course for your team? In addition to our standard offer, we will also support you in creating your customized courses, which precisely meet your individual demands. We will be glad to consult you and create an individual offer for you.
Request for customized courses
You can find the complete description of this course with dates and prices ready for download at as PDF.