Live-Online: VMware NSX for Intrinsic Security (V4.x)

This course covers NSX 4.x, the direct successor to NSX-T 3.2.

1. Security Basics

• Defining information security concepts
• Types of firewalls and their use cases
• How IDS/IPS work
• Different approaches to malware prevention

2. VMware Intrinsic Security

• VMware's intrinsic security strategy
• VMware's intrinsic security portfolio
• How NSX fits into the intrinsic security strategy

3. Implementing Zero-Trust Security

• Zero-Trust security definition
• The five pillars of a Zero-Trust architecture
• NSX segmentation and its use cases
• Steps to enforce Zero-Trust with NSX segmentation

4. User and Role Management

• Integrating NSX and VMware Identity Manager™
• Integrating NSX and LDAP
• Native users and roles in NSX
• Creating and assigning custom user roles
• Object-based RBAC in a multi-tenant environment

5. Distributed Firewall

• Configuring distributed firewall rules and policies
• NSX distributed firewall architecture
• Common troubleshooting for NSX distributed firewall
• Configuring time-based policies
• Configuring identity firewall rules
• Configuring the distributed firewall to block malicious IPs

6. Gateway Security

• Configuring gateway firewall rules and policies
• Gateway firewall architecture
• Identifying and troubleshooting common gateway firewall issues
• Configuring TLS inspection to decrypt traffic for internal and external services
• Configuring URL filtering and identifying common configuration issues

7. Operating Internal Firewalls

• Using VMware Aria Operations for Logs and VMware Aria Operations for Networks for NSX firewall operations
• Best practices for grouping, tagging, and rule configuration

8. Network Introspection

• Network introspection
• Architecture and workflows for inserting north-south and east-west services
• Troubleshooting north-south and east-west service insertion

9. Endpoint Protection

• Endpoint protection
• Architecture and workflows of endpoint protection
• Troubleshooting endpoint protection

10. Intrusion Detection and Prevention

• MITRE ATT&CK framework
• Different phases of a cyberattack
• Using NSX security solutions to protect against cyberattacks
• Configuring and troubleshooting distributed IDS/IPS
• Configuring and troubleshooting north-south IDS/IPS

11. NSX Application Platform

• NSX application platform and its use cases
• Supported topologies for deploying the NSX application platform
• Deploying the NSX application platform
• NSX application platform architecture and services
• Validating NSX application platform deployment and troubleshooting common issues

12. NSX Malware Prevention

• Use cases for NSX malware prevention
• Components in the NSX malware prevention architecture
• NSX malware prevention packet flows for known and unknown files
• Configuring NSX malware prevention for east-west and north-south traffic

13. NSX Intelligence and NSX NDR

• NSX Intelligence and its use cases
• NSX Intelligence visualization, recommendation, and network traffic analysis features
• NSX NDR and its use cases
• NSX NDR architecture in NSX
• Visualization features of NSX NDR

• Defining concepts related to information security
• Explaining different types of firewalls and their use cases
• Describing the functionality of intrusion detection and intrusion prevention systems
• Distinguishing between approaches to malware prevention
• Describing the VMware intrinsic security portfolio
• Using NSX segmentation to implement zero-trust security
• Configuring user and role management
• Configuring and troubleshooting distributed firewall, identity firewall, and time-based policies
• Configuring and resolving issues with gateway security
• Using VMware Aria Operations™ for Logs and VMware Aria Operations™ for Networks for operating NSX firewalls
• Explaining best security practices related to grouping, tagging, and rule configuration
• Describing the insertion of north-south and east-west services
• Describing endpoint protection
• Configuring and troubleshooting IDS/IPS issues
• Deploying the NSX application platform
• Configuring and troubleshooting NSX malware prevention
• Describing the features of NSX Intelligence and NSX NDR

This course is aimed at experienced security administrators.

You should have the following knowledge:

• Good understanding of TCP/IP services and protocols
• Knowledge and practical experience in network security, including L2 to L7 firewalls
• Intrusion detection and prevention systems
• Malware prevention systems
• Knowledge and practical experience with VMware vSphere® environments