Course Code: 15878

Vmware NSX Install, Configure, Manage plus Troubleshooting and Operations Fast Track v6.4

Class Dates:
5 Days
Class Time:


  • Course Overview
  • VMware NSX: Install, Configure, Manage plus Troubleshooting and Operations Fast Track [V6.4] is an intensive five-day, extended-hours course focused on configuring and troubleshooting a VMware NSX® deployment. This course presents NSX as a part of the software-defined data center. You will learn how to use logical switching in NSX to virtualize your switching environment and how to use gateway services, firewall configurations, and security services to help secure and optimize your NSX environment. In addition, you will be presented with various types of technical problems that you will learn how to identify and solve through a systematic process. You will also be introduced to several operational, management, and troubleshooting tools.
  • Audience
  • The primary audience for this course is as follows:

    Experienced system or network administrators


  • The knowledge and skills that a learner should have before attending this course are as follows:
    Completion of the VMware Data Center Virtualization Fundamentals and Introduction to Network Virtualization with NSX course, or that you have the following skills and knowledge:

    Understanding of enterprise switching and routing
    Knowledge of TCP/IP services
    Experience with firewalls and firewall rule sets

Course Details

  • Upon completing this course, the learner will be able to meet these overall objectives:
  • Describe the evolution of the software-defined data center
  • Configure and deploy NSX components for management and control
  • Describe basic NSX layer 2 networking
  • Configure, deploy, and use logical switch networks
  • Configure and use all main features of the VMware NSX® Edge™ services gateway
  • Configure NSX Edge firewall rules to restrict network traffic
  • Configure NSX distributed firewall rules to restrict network traffic
  • Configure Service Composer policies
  • Configure an identity-aware firewall
  • Describe NSX data security
  • Use the cross-vCenter NSX feature
  • Establish and apply a structured approach and methodology for troubleshooting
  • .
  • Identify, analyze, and troubleshoot problems related to NSX logical switching, logical routing, and NSX Edge services
  • Identify, analyze, and troubleshoot network security problems related to the NSX distributed firewall and the NSX Edge firewall
  • Module 1: Course Introduction
  • Introductions and course logistics
  • Course objectives
  • Identify additional resources
  • Module 2: Introduction to vSphere Networking
  • Describe vSphere networking components
  • Describe vSphere standard switches
  • Describe vSphere distributed switches
  • Module 3: Introduction to NSX
  • Describe the benefits of NSX
  • Identify NSX key use cases
  • Module 4: NSX Architecture
  • Describe the NSX architecture
  • Describe the cloud management, management, control, and data planes of NSX
  • Identify the component interactions
  • Describe the NSX Controller cluster and its functions
  • Explain the NSX Controller workload distribution
  • Module 5: NSX Infrastructure Preparation
  • Explain the steps required for an NSX installation
  • Describe what is involved in planning an NSX deployment
  • Describe the NSX Controller cluster and deployment
  • Describe NSX Controller cluster high availability and load distribution
  • Explain how to deploy and configure the NSX Controller cluster
  • Explain the workflow involved in host preparation
  • Module 6: NSX Logical Switch Networks
  • Explain transport zones, VXLANs, and VXLAN tunnel endpoints (VTEPs)
  • Describe the procedure of preparing the infrastructure for virtual networking
  • Describe the configuration of vSphere distributed switches for VXLAN
  • Identify the components involved in NSX logical switching
  • Define VLANs for VXLAN
  • Module 7: NSX Logical Routing
  • Explain the east-west and north-south routing concepts
  • Define the NSX distributed logical router
  • Explain the logical router, interfaces, and interface addresses
  • Describe the management plane and control plane interaction
  • Describe logical router deployment models and two-tier routing for east-west traffic
  • Explain the common topologies of an NSX Edge services gateway
  • Module 8: Advanced NSX Logical Routing
  • Describe how routers connect remote networks
  • Explain route redistribution methods
  • Describe less-than-or-equal (LE) and greater-than-or-equal (GE) configurations.
  • Describe routing event notification enhancements
  • Configure equal-cost multipath (ECMP) routing
  • Describe high availability for NSX Edge service gateways
  • Module 9: NSX L2 Bridging
  • Explain L2 bridging use cases
  • Describe software and hardware L2 bridging between VXLAN and VLANs
  • Discuss L2 bridging packet flows
  • Module 10: NSX Edge Services
  • Describe the NSX Edge services
  • Explain how network address translation (NAT) works
  • Describe source NAT and destination NAT
  • Explain NAT64
  • Explain the function of load balancing
  • Explain the one-armed and inline load-balancing architectures
  • Explain the DHCP and DNS services of NSX Edge
  • Module 11: NSX Edge VPN Services
  • Describe the NSX Edge VPN services
  • Describe the VPN use cases
  • Configure an L2 VPN on an NSX Edge device
  • Configure an NSX Edge device for IPsec VPN services
  • Explain NSX Edge SSL VPN-Plus services
  • Configure NSX Edge SSL VPN-Plus server settings
  • Module 12: NSX Security Services
  • Describe the policy enforcement of the distributed firewall
  • Describe virtualization context-awareness
  • Explain custom network and security containers
  • Describe the architecture of an NSX Edge firewall
  • Explain DHCP snooping
  • Explain ARP snooping
  • Module 13: NSX Advanced Security Services
  • Describe NSX SpoofGuard
  • Identify how tags enable dynamic security service chains
  • Explain Service Composer groups, policies, tags
  • Describe the Identity Firewall architecture
  • Explain Application Rule Manager
  • Explain how to create a monitoring session
  • Module 14: NSX Introspection Services
  • Describe the types of introspection services
  • Describe the installation and configuration of Guest Introspection and Network Introspection
  • Summarize Guest Introspection and Network Introspection alarms, events, and audit messages
  • Module 15: Cross-vCenter NSX
  • Describe cross-vCenter NSX features and use cases
  • Identify NSX Manager roles and NSX Controller cluster placement
  • Deploy universal logical networks
  • Explain the design considerations for cross-vCenter NSX
  • Module 16: Troubleshooting Methodology
  • Develop a structured troubleshooting approach
  • Differentiate between symptoms and root causes
  • Identify and isolate problems residing in various areas
  • Apply an appropriate methodology and procedure to troubleshooting
  • Module 17: NSX Troubleshooting and Operational Tools
  • Discuss NSX operational requirements
  • Use the native NSX tools (such as the central CLI, the NSX dashboard, and Application Rule Manager) to solve various types of problems
  • Use vRealize Network Insight to identify and analyze problems
  • Use vRealize Log Insight Content Pack for NSX in troubleshooting and operations
  • Module 18: Troubleshooting and Operating NSX Infrastructure
  • Explain the NSX infrastructure and component communications
  • Troubleshoot NSX Manager and the management plane
  • Troubleshoot NSX Controller and the control plane
  • Troubleshoot problems in host preparation
  • Module 19: Troubleshooting and Operating NSX Logical Switches
  • Explain VXLAN and logical switching components
  • Verify the VXLAN and logical switch configuration and status
  • Identify and troubleshoot common L2 configuration errors
  • Use the GUI, the CLI, packet capture, traceflow, and other tools to troubleshoot logical switching problems
  • Module 20: Troubleshooting and Operating NSX Logical Routers
  • Describe the NSX logical routing architecture
  • Explain routing components, functions, and communications
  • Verify logical router configuration settings
  • Use packet capture on routers and perform packet walk
  • Use the GUI, the CLI, traceflow, and other tools to troubleshoot various logical routing problems
  • Module 21: Troubleshooting and Operating NSX Edge Services
  • Verify edge services (such as DHCP and DNS) configuration settings and operational status
  • Troubleshoot various types of VPN services (SSL VPN-Plus, L2 VPN, and IPsec VPN)
  • Verify the configuration and status of logical load balancers
  • Troubleshoot common load-balancing and high availability scenarios
  • Module 22: Troubleshooting and Operating NSX Security Services
  • Discuss the NSX distributed firewall architecture, components, communication channels, and features
  • Use the CLI and other tools to troubleshoot the configuration and operations of the NSX distributed firewall and the NSX Edge firewall
  • Explain and troubleshoot the Service Composer components and architecture
  • Troubleshoot common problems related to Identity Firewall
  • Verify Guest Introspection deployment configuration and functions, and troubleshoot common problems