Course

VMware NSX for Intrinsic Security [V4.x] («VMINTR»)

This hands-on training course provides you with the knowledge, skills, and tools to achieve competency in configuring, operating, and troubleshooting VMware NSX® for intrinsic security.
Duration 5 days
Price 3'950.–
Course documents Original electronic VMware courseware (eKit)
Version NSX 4.x is the direct successor of NSX-T 3.2

Course facts

Key Learnings
  • Defining the concepts related to information security
  • Explaining the different types of firewalls and their use cases
  • Describing the operation of intrusion detection and intrusion prevention systems
  • Differentiating between Malware Prevention approaches
  • Describing the VMware intrinsic security portfolio
  • Using NSX segmentation to implement Zero-Trust Security
  • Configuring user and role management
  • Configuring and troubleshooting Distributed Firewall, Identity Firewall, and time-based policies
  • Configuring and troubleshooting Gateway Security
  • Using VMware Aria Operations™ for Logs and VMware Aria Operations™ for Networks to operate NSX firewalls
  • Explaining the security best practices related to grouping, tagging, and rule configuration
  • Describing north-south and east-west service insertion
  • Describing endpoint protection
  • Configuring and troubleshooting IDS/IPS
  • Deploying NSX Application Platform
  • Configuring and troubleshooting NSX Malware Prevention
  • Describing the capabilities of NSX Intelligence and NSX NDR
Content

This course covers NSX 4.x, the direct successor to NSX-T 3.2. More info on the product name change and the release notes can be found here https://docs.vmware.com/en/VMware-NSX/4.0/rn/vmware-nsx-4001-release-notes/index.html and here https://kb.vmware.com/s/article/67207.

1 Course Introduction

  • Introduction and course logistics
  • Course objectives

2 Security Basics

  • Define the concepts related to information security
  • Explain the different types of firewalls and their use cases
  • Describe the operation of IDS/IPS
  • Differentiate between Malware Prevention approaches

3 VMware Intrinsic Security

  • Define the VMware intrinsic security strategy
  • Describe the VMware intrinsic security portfolio
  • Explain how NSX aligns with the intrinsic security strategy

4 Implementing Zero-Trust Security

  • Define Zero-Trust Security
  • Describe the five pillars of a Zero-Trust architecture
  • Define NSX segmentation and its use cases
  • Describe the steps needed to enforce Zero-Trust with NSX segmentation

5 User and Role Management

  • Integrate NSX and VMware Identity Manager™
  • Integrate NSX and LDAP
  • Describe the native users and roles in NSX
  • Create and assign custom user roles
  • Explain object-based RBAC in a multitenancy environment

6 Distributed Firewall

  • Configure Distributed Firewall rules and policies
  • Describe the NSX Distributed Firewall architecture
  • Troubleshoot common problems related to NSX Distributed Firewall
  • Configure time-based policies
  • Configure Identity Firewall rules
  • Configure the distributed firewall to block malicious IPs

7 Gateway Security

  • Configure Gateway Firewall rules and policies
  • Describe the architecture of the Gateway Firewall
  • Identify and troubleshoot common Gateway Firewall issues
  • Configure TLS Inspection to decrypt traffic for both internal and external services
  • Configure URL filtering and identify common configuration issues

8 Operating Internal Firewalls

  • Use VMware Aria Operations for Logs and VMware Aria Operations for Networks to operate NSX firewalls
  • Explain security best practices related to grouping, tagging, and rule configuration

9 Network Introspection

  • Explain network introspection
  • Describe the architecture and workflows of north-south and east-west service insertion
  • Troubleshoot north-south and east-west service insertion

10 Endpoint Protection

  • Explain endpoint protection
  • Describe the architecture and workflows of endpoint protection
  • Troubleshoot endpoint protection

11 Intrusion Detection and Prevention

  • Describe the MITRE ATT&CK framework
  • Explain the different phases of a cyber attack
  • Describe how NSX security solutions can be used to protect against cyber attacks
  • Configure and troubleshoot Distributed IDS/IPS
  • Configure and troubleshoot North-South IDS/IPS

12 NSX Application Platform

  • Describe NSX Application Platform and its use cases
  • Identify the topologies supported for the deployment of NSX Application Platform
  • Deploy NSX Application Platform
  • Explain the NSX Application Platform architecture and services
  • Validate the NSX Application Platform deployment and troubleshoot common issues

13 NSX Malware Prevention

  • Identify use cases for NSX Malware Prevention
  • Identify the components in the NSX Malware Prevention architecture
  • Describe the NSX Malware Prevention packet flows for known and unknown files
  • Configure NSX Malware Prevention for east-west and north-south traffic

14 NSX Intelligence and NSX NDR

  • Describe NSX Intelligence and its use cases
  • Explain NSX Intelligence visualization, recommendation, and network traffic analysis capabilities
  • Describe NSX NDR and its use cases
  • Explain the architecture of NSX NDR in NSX
  • Describe the visualization capabilities of NSX NDR
Target audience

This course is aimed at experienced security administrators.

Requirements

You should have the following understanding or knowledge:

  • Good understanding of TCP/IP services and protocols
  • Knowledge and working experience of network security, including L2 through L7 firewalling
  • Intrusion detection and prevention systems
  • Malware prevention systems
  • Knowledge of and working experience with VMware vSphere® environments

The «VMware Certified Technical Associate – Network Virtualization» certification is recommended.

Certification

VMware Certification: Click here for an overview of the VMware certifications.

Additional information

In this course you will receive electronic course materials. The documents will be sent to you by VMware prior to the course to the address you provided when you registered. You have the option of bringing your own tablet or laptop so that you can read the content and exercises in parallel to your lessons. In addition, you have your documents already saved in the right place.

Download

Questions

Any questions?
First name
Last name
Company optional
Email
Phone
I would like to book this course as a company course
First name
Last name
Company
Email
Phone
Number of participants
Desired course location
Start date (DD.MM.YYYY)
End date (DD.MM.YYYY)
We currently do not have any dates scheduled.

We currently do not have any dates scheduled.

But we can arrange one for you. We will be happy to advise you individually on your course planning.

Contact us
We currently do not have any dates scheduled.