BroadcomVATCLogo PNG v2
8280  Reviews star_rate star_rate star_rate star_rate star_half

VMware NSX for Intrinsic Security [V4.x]

This five-day, hands-on training course provides you with the knowledge, skills, and tools to achieve competency in configuring, operating, and troubleshooting VMware NSX® for intrinsic security....

Read More
View Full Schedule Train Your Team
$4,250 USD
Duration 5 days
Course Code EDU-NSXIS4
Available Formats Classroom, Virtual

Upcoming Course Dates

  • Apr 7, 2025 - Apr 11, 2025 (5 days)
    Live Virtual | 10:00AM 6:00PM EDT
    Language English
    Select from 1 options below
    Live Virtual |10:00AM 6:00PM EDT
    Live Virtual | 10:00AM 6:00PM EDT
    Enroll
    Enroll Add to quote
Ask a Question Request Other Date Request On-site Course

Overview

This five-day, hands-on training course provides you with the knowledge, skills, and tools to achieve competency in configuring, operating, and troubleshooting VMware NSX® for intrinsic security. This course introduces all the security features in NSX, including Distributed Firewall and Gateway Firewall, Intrusion Detection and Prevention (IDS/IPS), NSX Application Platform, NSX Malware Prevention, VMware NSX® Intelligence™, and VMware NSX® NDR™. In addition, this course presents common configuration issues and gives a methodology to resolve them.

Skills Gained

By the end of the course, you should be able to meet the following objectives:

  • Define the concepts related to information security
  • Explain the different types of firewalls and their use cases
  • Describe the operation of intrusion detection and intrusion prevention systems
  • Differentiate between Malware Prevention approaches • Describe the VMware intrinsic security portfolio
  • Use NSX segmentation to implement Zero-Trust Security
  • Configure user and role management
  • Configure and troubleshoot Distributed Firewall, Identity Firewall, and time-based policies
  • Configure and troubleshoot Gateway Security
  • Use VMware Aria Operations™ for Logs and VMware Aria Operations™ for Networks to operate NSX firewalls
  • Explain the security best practices related to grouping, tagging, and rule configuration
  • Describe north-south and east-west service insertion
  • Describe endpoint protection
  • Configure and troubleshoot IDS/IPS
  • Deploy NSX Application Platform
  • Configure and troubleshoot NSX Malware Prevention
  • Describe the capabilities of NSX Intelligence and NSX NDR

Who Can Benefit

  • Experienced security administrators

Prerequisites

You should also have the following understanding or knowledge:

  • Good understanding of TCP/IP services and protocols
  • Knowledge and working experience of network security, including:
  • L2 through L7 firewalling
  • Intrusion detection and prevention systems
  • Malware prevention systems
  • Knowledge of and working experience with VMware vSphere® environments
  • The VMware Certified Technical Associate - Network Virtualization is recommended.

Course Details

Product Alignment

  • VMware NSX 4.1.0

Course Modules

Course Introduction

  • Introduction and course logistics
  • Course objectives

Security Basics

  • Define the concepts related to information security
  • Explain the different types of firewalls and their use cases
  • Describe the operation of IDS/IPS
  • Differentiate between Malware Prevention approaches

VMware Intrinsic Security

  • Define the VMware intrinsic security strategy
  • Describe the VMware intrinsic security portfolio
  • Explain how NSX aligns with the intrinsic security strategy

Implementing Zero-Trust Security

  • Define Zero-Trust Security
  • Describe the five pillars of a Zero-Trust architecture
  • Define NSX segmentation and its use cases
  • Describe the steps needed to enforce Zero-Trust with NSX segmentation

User and Role Management

  • Integrate NSX and VMware Identity Manager™
  • Integrate NSX and LDAP
  • Describe the native users and roles in NSX
  • Create and assign custom user roles
  • Explain object-based RBAC in a multitenancy environment

Distributed Firewall

  • Configure Distributed Firewall rules and policies
  • Describe the NSX Distributed Firewall architecture
  • Troubleshoot common problems related to NSX Distributed Firewall
  • Configure time-based policies
  • Configure Identity Firewall rules
  • Configure the distributed firewall to block malicious IPs

Gateway Security

  • Configure Gateway Firewall rules and policies
  • Describe the architecture of the Gateway Firewall
  • Identify and troubleshoot common Gateway Firewall issues
  • Configure TLS Inspection to decrypt traffic for both internal and external services
  • Configure URL filtering and identify common configuration issues

Operating Internal Firewalls

  • Use VMware Aria Operations for Logs and VMware Aria Operations for Networks to operate NSX firewalls
  • Explain security best practices related to grouping, tagging, and rule configuration

Network Introspection

  • Explain network introspection
  • Describe the architecture and workflows of north-south and east-west service insertion
  • Troubleshoot north-south and east-west service insertion

Endpoint Protection

  • Explain endpoint protection
  • Describe the architecture and workflows of endpoint protection
  • Troubleshoot endpoint protection

Intrusion Detection and Prevention

  • Describe the MITRE ATT&CK framework
  • Explain the different phases of a cyber attack
  • Describe how NSX security solutions can be used to protect against cyber attacks
  • Configure and troubleshoot Distributed IDS/IPS
  • Configure and troubleshoot North-South IDS/IPS

NSX Application Platform

  • Describe NSX Application Platform and its use cases
  • Identify the topologies supported for the deployment of NSX Application Platform
  • Deploy NSX Application Platform
  • Explain the NSX Application Platform architecture and services
  • Validate the NSX Application Platform deployment and troubleshoot common issues

NSX Malware Prevention

  • Identify use cases for NSX Malware Prevention
  • Identify the components in the NSX Malware Prevention architecture
  • Describe the NSX Malware Prevention packet flows for known and unknown files
  • Configure NSX Malware Prevention for east-west and north-south traffic

NSX Intelligence and NSX NDR

  • Describe NSX Intelligence and its use cases
  • Explain NSX Intelligence visualization, recommendation, and network traffic analysis capabilities
  • Describe NSX NDR and its use cases
  • Explain the architecture of NSX NDR in NSX
  • Describe the visualization capabilities of NSX NDR
Read Less
|
View Full Schedule

Schedule

1 options available

  • Apr 7, 2025 - Apr 11, 2025 (5 days)
    Live Virtual | 10:00AM 6:00PM EDT
    Language English
    Select from 1 options below
    Live Virtual |10:00AM 6:00PM EDT
    Live Virtual | 10:00AM 6:00PM EDT
    Enroll
    Enroll Add to quote

FAQ

Does the course schedule include a Lunchbreak?

Classes typically include a 1-hour lunch break around midday. However, the exact break times and duration can vary depending on the specific class. Your instructor will provide detailed information at the start of the course.

What languages are used to deliver training?

Most courses are conducted in English, unless otherwise specified. Some courses will have the word "FRENCH" marked in red beside the scheduled date(s) indicating the language of instruction.

What does GTR stand for?

GTR stands for Guaranteed to Run; if you see a course with this status, it means this event is confirmed to run. View our GTR page to see our full list of Guaranteed to Run courses.

Does Ascendient Learning deliver group training?

Yes, we provide training for groups, individuals and private on sites. View our group training page for more information.

What does vendor-authorized training mean?

As a vendor-authorized training partner, we offer a curriculum that our partners have vetted. We use the same course materials and facilitate the same labs as our vendor-delivered training. These courses are considered the gold standard and, as such, are priced accordingly.

Is the training too basic, or will you go deep into technology?

It depends on your requirements, your role in your company, and your depth of knowledge. The good news about many of our learning paths, you can start from the fundamentals to highly specialized training.

How up-to-date are your courses and support materials?

We continuously work with our vendors to evaluate and refresh course material to reflect the latest training courses and best practices.

Are your instructors seasoned trainers who have deep knowledge of the training topic?

Ascendient Learning instructors have an average of 27 years of practical IT experience and have also served as consultants for an average of 15 years. To stay current, instructors spend at least 25 percent of their time learning new, emerging technologies and courses.

Do you provide hands-on training and exercises in an actual lab environment?

Lab access is dependent on the vendor and the type of training you sign up for. However, many of our top vendors will provide lab access to students to test and practice. The course description will specify lab access.

Will you customize the training for our company’s specific needs and goals?

We will work with you to identify training needs and areas of growth.  We offer a variety of training methods, such as private group training, on-site of your choice, and virtually. We provide courses and certifications that are aligned with your business goals.

How do I get started with certification?

Getting started on a certification pathway depends on your goals and the vendor you choose to get certified in. Many vendors offer entry-level IT certification to advanced IT certification that can boost your career. To get access to certification vouchers and discounts, please contact info@ascendientlearning.com.

Will I get access to content after I complete a course?

You will get access to the PDF of course books and guides, but access to the recording and slides will depend on the vendor and type of training you receive.

How do I request a W9 for Ascendient Learning?

View our filing status and how to request a W9.

Reviews

Very good material, the instructor was clear explaining the topics, and the labs were easy to follow it.

vary good online learning. instructor is vary good the way he explained every thing.

You get detailed labs to guide you through the technical material giving you a hands on method of learning otherwise difficult material.

Course was great and the instructor had an answer for anything that was asked during the course.

The format of the class was concise. I learned new skills to use at my workplace.