Category : NSX

Written by Christopher Lewis on June 19, 2018 .

VMware have just released the latest version of their networking monitoring tool, VMware vRealize Network Insight 3.8.

The cool new features include:

  • vRealize Log Insight integration.
  • Increased monitoring of AWS Availability Zones.
  • Cisco ASA support.

Check out the Release Notes

Network Insight NSX VMware

Written by Christopher Lewis on June 11, 2018 .

With the release of VMware vSphere 6.7, the feature parity between the legacy flex and HTML5 client is getting closer. In addition, with the release of VMware NSX-v 6.4.1 more VMware NSX-v features are also available in the HTML5 client (as seen below).

Note: At one of the keynotes at VMworld 2017 Europe, Ray O’farrell committed to the HTML5 client would have FULL feature parity at the next MAJOR release.

NSX-V VMware vSphere

Written by Christopher Lewis on November 27, 2017 .

Skills and Abilities

Objective 4.1 - Configure and Manage Logical Firewall Services

  • Configure Edge and Distributed Firewall rules according to a deployment plan:
    • Create/configure Firewall rule sections for specific departments
    • Create/configure Identity-based firewall (IDFW) for specific users/groups
  • Configure SpoofGuard policies to enhance security
  • Filter firewall rules to narrow a scope

Objective Prerequisites

The following prerequisites are assumed for this Objective:

  • A working VMware vSphere 6.x environment.
  • A working VMware NSX 6.x environment.

Objective Breakdown

Create a Distributed Firewall Rule

Note: These steps assume you are not even logged into vCenter Server. Skip the first few steps if you are!

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on November 20, 2017 .

Skills and Abilities

Objective 6.3 - Configure and Manage Universal Logical Security Objects

  • Configure Universal MAC Sets
  • Configure Universal IP Sets
  • Configure Universal Security Groups
  • Configure Universal Services and Service Groups
  • Configure Universal Firewall Rules

Objective Prerequisites

The following prerequisites are assumed for this Objective:

  • A working VMware vSphere 6.x environment with 2 vCenter Servers and 2 Platform Services linked in ELM.
  • A working VMware NSX 6.x environment configured for cross-vCenter NSX.

Objective Breakdown

Note: These steps assume you are not even logged into vCenter Server. Skip the first few steps if you are!

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on October 13, 2017 .

Skills and Abilities

Objective 6.2 - Configure and Manage Universal Logical Network Objects

  • Create/configure Universal Logical Switches
  • Create/configure Universal Distributed Logical Routers
  • Configure local egress

Objective Prerequisites

The following prerequisites are assumed for this Objective:

  • A working VMware vSphere 6.x environment.
  • A working VMware NSX 6.x environment configured for Cross-vCenter NSX

Objective Breakdown

Create Universal Logical Switches

This is essentially the same as the creation of NSX Logical Switches (which is covered in Objective 2.1 ) except that you connect them to the Universal Transport Zone rather than a local Transport Zone. However, we’ll cover the steps again below.

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on October 12, 2017 .

Skills and Abilities

Objective 6.1 - Configure Cross vCenter VMware NSX infrastructure components

  • Configure NSX manager roles (Primary, Secondary, Standalone, Transit) according to a deployment plan:
    • Assign Primary role to specified NSX Manager
    • Assign Secondary role to specified NSX Manager(s)
  • Deploy/Configure Universal Controller Cluster
  • Configure Universal segment ID pools
  • Create/Manage Universal transport zones

Objective Prerequisites

The following prerequisites are assumed for this Objective:

  • A working VMware vSphere 6.x environment with 2 vCenters, 2 PSC configured in ELM configuration.
  • A working VMware NSX 6.x Manager deployed to both sites.

Objective Breakdown

Assign Primary role to specified NSX Manager

Note: These steps assume you are not even logged into vCenter Server. Skip the first few steps if you are!

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on September 25, 2017 .

I have worked in “the industry” for the last 17+ years, so picking up new technologies and learning as much as I can (or at least as much I need to know to be dangerous) has become second nature to me.

If I was just starting out in IT today, I’m not sure where I would start. I know when I started back in the day with software packaging with WISE Package Studio, Networking was a dark art. Still today, some of its intricacies are a mystery to me and thats not because it is particularly difficult, its because there is only so much time in the day and so much you can know.

NSX NSX-V VCAP6 VCP6 vExpert VMware

Written by Christopher Lewis on September 11, 2017 .

I previously attempted the VMware Certified Implementation Expert 6 - Network Virtualization and, unfortunately, I wasn’t successful . It was the same old story with most VCAP exams, time simple ran out.

As I am at VMworld this week it seemed rude not to take a second attempt for 1/2 price.

The exam center had a few issues, both with overbooking (it seems the PEX keynote is the ideal time for everyone to take exams!), internet issues (which meant I had time added on by pearson) and missing cursors during the exam. On the plus side, the computers and screens in the VMworld exam center are a significant magnitude better than a normal exam center.

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on September 7, 2017 .

Skills and Abilities

Objective 4.2 - Configure and Manage Service Composer

  • Create/configure Service Composer according to a deployment plan:
    • Configure Security Groups
    • Configure Security Policies
    • Configure Activity Monitoring for a Security Policy
  • Create/edit/delete Security Tags
    • Create a Security Tag
    • Edit a Security Tag
    • Assign a Security Tag
    • Detach a Security Tag
    • Delete a Security Tag
  • Configure Network Introspection
  • Configure Guest Introspection

Objective Prerequisites

The following prerequisites are assumed for this Objective:

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on September 7, 2017 .

This post is a number of posts that make up a VCAP6-NV Study guide .

In this post we will look at how to work with NSX Security Tags.

What are NSX Security Tags?

Security Tags are labels which can be associated with a Virtual Machine. Security Tags can then be used (amongst other things) to populate dynamically populate Security Groups with objects.

Adding or removing Security Tags to a VM can be done dynamically in response to various criteria such as antivirus or vulnerability scans, and intrusion prevention systems.

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO