Manage the entire network as a single entity from a single pane of glass with VMware NSX.

Enable your virtual cloud network with full-stack network and security virtualization. Connect and protect applications across your data center, multi-cloud and container infrastructure. NSX reproduces the entire network model in software, so you can create and provision any network topology in seconds and deliver critical apps and services faster and easier.

Overview

This hands-on EDU-NSXTIS3X: VMware NSX-T Data Center for Intrinsic Security training course, equivalent to 5 days of training, provides you with the knowledge, skills, and tools to achieve competency in configuring, operating, and troubleshooting VMware NSX-T Data Center for intrinsic security. In this course, you are introduced to all the security features in NSX-T Data Center, including distributed and gateway firewall, Intrusion Detection and Prevention (IDS/IPS), VMware NSX® Intelligence™, and Network Detection and Response (NDR).

In addition, you are presented with common configuration issues and given a methodology to resolve them.

Skills Covered

By the end of the course, you should be able to meet the following objectives:

  • Define information-security-related concepts
  • Explain the different types of firewalls and their use cases
  • Describe the operation of intrusion detection and intrusion prevention systems
  • Differentiate between Malware Prevention approaches
  • Describe the VMware intrinsic security portfolio
  • Implement Zero-Trust Security using VMware NSX® segmentation
  • Configure user and role management
  • Configure and troubleshoot Distributed Firewall, Identity Firewall, and time-based policies
  • Configure and troubleshoot Gateway Security
  • Use VMware vRealize® Log Insightâ„¢ for NSXâ„¢ and VMware vRealize® Network Insightâ„¢ to operate NSX firewalls
  • Explain the security best practices related to grouping, tagging, and rule configuration
  • Describe north-south and east-west service insertion
  • Describe endpoint protection
  • Configure and troubleshoot IDS/IPS
  • Deploy NSX Application Platform
  • Configure and troubleshoot NSX Malware Prevention
  • Describe the capabilities of NSX Intelligence and NSX Network Detection and Response

Prerequisites

You should also have the following understanding or knowledge:

  • Good understanding of TCP/IP services and protocols
  • Knowledge and working experience of network security, including:
    • L2 through L7 firewalling
    • Intrusion detection and prevention systems
    • Malware prevention systems
  • Knowledge of and working experience with VMware vSphere® environments and KVM-based environments

The VMware Certified Technical Associate – Network Virtualization is recommended.

Target Audience

  • Experienced security administrators

Course Curriculum

Module 1: Course Introduction

  • Introductions and course logistics
  • Course objectives

Module 2: Security Basics

  • Define information security related concepts
  • Explain different types of firewalls and their use cases
  • Describe the operation of Intrusion Detection and Intrusion Prevention Systems

Module 3: VMware Intrinsic Security

  • Define VMware intrinsic security strategy
  • Describe VMware intrinsic security portfolio
  • Explain how NSX-T Data Center aligns in the intrinsic security strategy

Module 4: Implementing Zero-Trust Security

  • Define Zero-Trust Security
  • Describe the five pillars of a Zero-Trust Architecture
  • Define NSX segmentation and its use cases
  • Describe the steps needed to enforce Zero-Trust with NSX segmentation

Module 5: User and Role Management

  • Integrate NSX-T Data Center and VMware Identity Managerâ„¢
  • Integrate NSX-T Data Center and LDAP
  • Describe the native users and roles in NSX-T Data Center
  • Create and assign custom user roles

Module 6: Distributed Firewall

  • Configure Distributed Firewall rules and policies
  • Describe the Distributed Firewall architecture
  • Troubleshoot common problems related to Distributed Firewall
  • Configure time-based policies
  • Configure Identity Firewall rules

Module 7: Gateway Security

  • Configure gateway firewall rules and policies
  • Describe the architecture of the gateway firewall
  • Identify and troubleshoot common gateway firewall issues
  • Configure URL analysis and identify common configuration issues

Module 8: Operating Internal Firewalls

  • Use vRealize Log Insight, vRealize Network Insight, and NSX Intelligence to operate NSX firewalls
  • Explain NSX Intelligence visualization and recommendation capabilities
  • Explain security best practices related to grouping, tagging, and rule configuration

Module 9: Network Introspection

  • Explain network introspection
  • Describe the architecture and workflows of NorthSouth and East-West service insertion
  • Troubleshoot North-South and East-West service insertion

Module 10: Endpoint Protection

  • Explain Endpoint Protection
  • Describe the architecture and workflows of endpoint protection
  • Troubleshoot endpoint protection

Module 11: Intrusion Detection and Prevention

  • Describe the MITRE ATT&CK Framework
  • Explain the different phases of a cyber attack
  • Describe how NSX security solutions can be used to protect against cyber attacks
  • Configure and troubleshoot Distributed IDS/IPS
  • Configure and troubleshoot North-South IDS/IPs

Module 12: NSX Application Platform

  • Describe NSX Application Platform and its use cases
  • Identify the topologies supported for the deployment of NSX Application Platform
  • Deploy NSX Application Platform
  • Explain the NSX Application Platform architecture and services
  • Validate the NSX Application Platform deployment and troubleshoot common issues

Module 13: NSX Malware Prevention

  • Identify use cases for NSX Malware Prevention
  • Identify the components in the NSX Malware Prevention architecture
  • Describe the NSX Malware Prevention packet flows for known and unknown files
  • Configure NSX Malware Prevention for east-west and north-south traffic

Module 14: NSX Intelligence and NSX Network Detection and Response

  • Describe NSX Intelligence and its use cases
  • Explain NSX Intelligence visualization, recommendation, and network traffic analysis capabilities
  • Describe NSX Network Detection and Response and its use cases
  • Explain the architecture of NSX Network Detection and Response in NSX-T Data Center
  • Describe the visualization capabilities of NSX Network Detection and Response

Dates & Locations

Let’s make it work for you

Can’t find a date that fits? Need to train your whole team? Looking for a discount?
Speak to one of our learning experts today.

x Clear all selections
Trainocate exam and cert

Exam & Certification

VMware Certified Professional – Security 2022

The VCP – Security 2022 certification validates a candidates knowledge of VMware’s security solutions and the candidate’s ability to administer the security features and functions of NSX-T Data Center, Workspace ONE, and VMware Carbon Black Cloud.

Training & Certification Guide

This exam tests a candidate’s knowledge of VMware’s security solutions and the candidate’s ability to administer the security features and functions of NSX-T Data Center, Workspace ONE, and VMware Carbon Black Cloud.

Product: NSX-T Data Center 3.0, Workspace ONE 20.X, VMware Carbon Black Cloud

Associated Certification: VCP-SEC 2022

  • Language: English
  • Number of Questions: 70
  • Format: Multiple Choice, Multiple Choice Multiple Selection, Drag and Drop, Matching
  • Duration: 130 Minutes
  • Passing Score: 300

Frequently Asked Questions

Speak to a Training Consultant

All courses are HRD Claimable.
Get in touch with our team via the form or WhatsApp us on +6011-5119 6631

Preferred mode of training
Checkboxes