VMware NSX for Intrinsic Security (V4.x)

This course covers NSX 4.x, the direct successor to NSX-T 3.2.

1. Security Basics

• Defining information security concepts
• Types of firewalls and their use cases
• How IDS/IPS work
• Different approaches to malware prevention

2. VMware Intrinsic Security

• VMware's intrinsic security strategy
• VMware's intrinsic security portfolio
• How NSX fits into the intrinsic security strategy

3. Implementing Zero-Trust Security

• Zero-Trust security definition
• The five pillars of a Zero-Trust architecture
• NSX segmentation and its use cases
• Steps to enforce Zero-Trust with NSX segmentation

4. User and Role Management

• Integrating NSX and VMware Identity Manager™
• Integrating NSX and LDAP
• Native users and roles in NSX
• Creating and assigning custom user roles
• Object-based RBAC in a multi-tenant environment

5. Distributed Firewall

• Configuring distributed firewall rules and policies
• NSX distributed firewall architecture
• Common troubleshooting for NSX distributed firewall
• Configuring time-based policies
• Configuring identity firewall rules
• Configuring the distributed firewall to block malicious IPs

6. Gateway Security

• Configuring gateway firewall rules and policies
• Gateway firewall architecture
• Identifying and troubleshooting common gateway firewall issues
• Configuring TLS inspection to decrypt traffic for internal and external services
• Configuring URL filtering and identifying common configuration issues

7. Operating Internal Firewalls

• Using VMware Aria Operations for Logs and VMware Aria Operations for Networks for NSX firewall operations
• Best practices for grouping, tagging, and rule configuration

8. Network Introspection

• Network introspection
• Architecture and workflows for inserting north-south and east-west services
• Troubleshooting north-south and east-west service insertion

9. Endpoint Protection

• Endpoint protection
• Architecture and workflows of endpoint protection
• Troubleshooting endpoint protection

10. Intrusion Detection and Prevention

• MITRE ATT&CK framework
• Different phases of a cyberattack
• Using NSX security solutions to protect against cyberattacks
• Configuring and troubleshooting distributed IDS/IPS
• Configuring and troubleshooting north-south IDS/IPS

11. NSX Application Platform

• NSX application platform and its use cases
• Supported topologies for deploying the NSX application platform
• Deploying the NSX application platform
• NSX application platform architecture and services
• Validating NSX application platform deployment and troubleshooting common issues

12. NSX Malware Prevention

• Use cases for NSX malware prevention
• Components in the NSX malware prevention architecture
• NSX malware prevention packet flows for known and unknown files
• Configuring NSX malware prevention for east-west and north-south traffic

13. NSX Intelligence and NSX NDR

• NSX Intelligence and its use cases
• NSX Intelligence visualization, recommendation, and network traffic analysis features
• NSX NDR and its use cases
• NSX NDR architecture in NSX
• Visualization features of NSX NDR