Category : NSX-V

Written by Christopher Lewis on June 11, 2018 .

With the release of VMware vSphere 6.7, the feature parity between the legacy flex and HTML5 client is getting closer. In addition, with the release of VMware NSX-v 6.4.1 more VMware NSX-v features are also available in the HTML5 client (as seen below).

Note: At one of the keynotes at VMworld 2017 Europe, Ray O’farrell committed to the HTML5 client would have FULL feature parity at the next MAJOR release.

NSX-V VMware vSphere

Written by Christopher Lewis on November 27, 2017 .

Skills and Abilities

Objective 4.1 - Configure and Manage Logical Firewall Services

  • Configure Edge and Distributed Firewall rules according to a deployment plan:
    • Create/configure Firewall rule sections for specific departments
    • Create/configure Identity-based firewall (IDFW) for specific users/groups
  • Configure SpoofGuard policies to enhance security
  • Filter firewall rules to narrow a scope

Objective Prerequisites

The following prerequisites are assumed for this Objective:

  • A working VMware vSphere 6.x environment.
  • A working VMware NSX 6.x environment.

Objective Breakdown

Create a Distributed Firewall Rule

Note: These steps assume you are not even logged into vCenter Server. Skip the first few steps if you are!

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on November 20, 2017 .

Skills and Abilities

Objective 6.3 - Configure and Manage Universal Logical Security Objects

  • Configure Universal MAC Sets
  • Configure Universal IP Sets
  • Configure Universal Security Groups
  • Configure Universal Services and Service Groups
  • Configure Universal Firewall Rules

Objective Prerequisites

The following prerequisites are assumed for this Objective:

  • A working VMware vSphere 6.x environment with 2 vCenter Servers and 2 Platform Services linked in ELM.
  • A working VMware NSX 6.x environment configured for cross-vCenter NSX.

Objective Breakdown

Note: These steps assume you are not even logged into vCenter Server. Skip the first few steps if you are!

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on October 13, 2017 .

Skills and Abilities

Objective 6.2 - Configure and Manage Universal Logical Network Objects

  • Create/configure Universal Logical Switches
  • Create/configure Universal Distributed Logical Routers
  • Configure local egress

Objective Prerequisites

The following prerequisites are assumed for this Objective:

  • A working VMware vSphere 6.x environment.
  • A working VMware NSX 6.x environment configured for Cross-vCenter NSX

Objective Breakdown

Create Universal Logical Switches

This is essentially the same as the creation of NSX Logical Switches (which is covered in Objective 2.1 ) except that you connect them to the Universal Transport Zone rather than a local Transport Zone. However, we’ll cover the steps again below.

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on October 12, 2017 .

Skills and Abilities

Objective 6.1 - Configure Cross vCenter VMware NSX infrastructure components

  • Configure NSX manager roles (Primary, Secondary, Standalone, Transit) according to a deployment plan:
    • Assign Primary role to specified NSX Manager
    • Assign Secondary role to specified NSX Manager(s)
  • Deploy/Configure Universal Controller Cluster
  • Configure Universal segment ID pools
  • Create/Manage Universal transport zones

Objective Prerequisites

The following prerequisites are assumed for this Objective:

  • A working VMware vSphere 6.x environment with 2 vCenters, 2 PSC configured in ELM configuration.
  • A working VMware NSX 6.x Manager deployed to both sites.

Objective Breakdown

Assign Primary role to specified NSX Manager

Note: These steps assume you are not even logged into vCenter Server. Skip the first few steps if you are!

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on September 11, 2017 .

I previously attempted the VMware Certified Implementation Expert 6 - Network Virtualization and, unfortunately, I wasn’t successful . It was the same old story with most VCAP exams, time simple ran out.

As I am at VMworld this week it seemed rude not to take a second attempt for 1/2 price.

The exam center had a few issues, both with overbooking (it seems the PEX keynote is the ideal time for everyone to take exams!), internet issues (which meant I had time added on by pearson) and missing cursors during the exam. On the plus side, the computers and screens in the VMworld exam center are a significant magnitude better than a normal exam center.

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on September 7, 2017 .

Skills and Abilities

Objective 4.2 - Configure and Manage Service Composer

  • Create/configure Service Composer according to a deployment plan:
    • Configure Security Groups
    • Configure Security Policies
    • Configure Activity Monitoring for a Security Policy
  • Create/edit/delete Security Tags
    • Create a Security Tag
    • Edit a Security Tag
    • Assign a Security Tag
    • Detach a Security Tag
    • Delete a Security Tag
  • Configure Network Introspection
  • Configure Guest Introspection

Objective Prerequisites

The following prerequisites are assumed for this Objective:

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on September 7, 2017 .

This post is a number of posts that make up a VCAP6-NV Study guide .

In this post we will look at how to work with NSX Security Tags.

What are NSX Security Tags?

Security Tags are labels which can be associated with a Virtual Machine. Security Tags can then be used (amongst other things) to populate dynamically populate Security Groups with objects.

Adding or removing Security Tags to a VM can be done dynamically in response to various criteria such as antivirus or vulnerability scans, and intrusion prevention systems.

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on September 6, 2017 .

This post is a number of posts that make up a VCAP6-NV Study guide .

In this post we will look at how to generate a Self Signed SSL Certificate on an existing VMware NSX Edge Service Gateway (ESG) or NSX Edge. Once generated, the SSL certificate could be used for SSL VPN or Load Balancing.

Prerequisites

  • A working deployment of VMware NSX.
  • A deployed NSX Edge Services Gateway

Generate Self Signed SSL Certificate

Note: These steps assume you are not even logged into vCenter Server. Skip the first few steps if you are!

VMware NSX-V VCAP6-NV VCIX6-NV HOWTO

Written by Christopher Lewis on August 16, 2017 .

The 2nd half vExpert announcement just dropped into my inbox and I’m extremely humbled to be added to the growing list of ~150 people worldwide that have been awarded the vExpert subcategory accolade of VMware vExpertNSX.

The vExpert award is a acknowledgement of the contributions made by individuals to the VMware community. It is not too ealy to start working on building your content for the vExpert 2018 submission which will be later this year!

NSX-V vExpert vExpertNSX