Tag : VCAP6-NV
Written by Christopher Lewis on November 27, 2017 .
Skills and Abilities
Objective 4.1 - Configure and Manage Logical Firewall Services
- Configure Edge and Distributed Firewall rules according to a deployment plan:
- Create/configure Firewall rule sections for specific departments
- Create/configure Identity-based firewall (IDFW) for specific users/groups
- Configure SpoofGuard policies to enhance security
- Filter firewall rules to narrow a scope
Objective Prerequisites
The following prerequisites are assumed for this Objective:
- A working VMware vSphere 6.x environment.
- A working VMware NSX 6.x environment.
Objective Breakdown
Create a Distributed Firewall Rule
Note: These steps assume you are not even logged into vCenter Server. Skip the first few steps if you are!
Written by Christopher Lewis on November 20, 2017 .
Skills and Abilities
Objective 6.3 - Configure and Manage Universal Logical Security Objects
- Configure Universal MAC Sets
- Configure Universal IP Sets
- Configure Universal Security Groups
- Configure Universal Services and Service Groups
- Configure Universal Firewall Rules
Objective Prerequisites
The following prerequisites are assumed for this Objective:
- A working VMware vSphere 6.x environment with 2 vCenter Servers and 2 Platform Services linked in ELM.
- A working VMware NSX 6.x environment configured for cross-vCenter NSX.
Objective Breakdown
Note: These steps assume you are not even logged into vCenter Server. Skip the first few steps if you are!
Written by Christopher Lewis on October 13, 2017 .
Skills and Abilities
Objective 6.2 - Configure and Manage Universal Logical Network Objects
- Create/configure Universal Logical Switches
- Create/configure Universal Distributed Logical Routers
- Configure local egress
Objective Prerequisites
The following prerequisites are assumed for this Objective:
- A working VMware vSphere 6.x environment.
- A working VMware NSX 6.x environment configured for Cross-vCenter NSX
Objective Breakdown
Create Universal Logical Switches
This is essentially the same as the creation of NSX Logical Switches (which is covered in Objective 2.1 ) except that you connect them to the Universal Transport Zone rather than a local Transport Zone. However, we’ll cover the steps again below.
Written by Christopher Lewis on October 12, 2017 .
Skills and Abilities
Objective 6.1 - Configure Cross vCenter VMware NSX infrastructure components
- Configure NSX manager roles (Primary, Secondary, Standalone, Transit) according to a deployment plan:
- Assign Primary role to specified NSX Manager
- Assign Secondary role to specified NSX Manager(s)
- Deploy/Configure Universal Controller Cluster
- Configure Universal segment ID pools
- Create/Manage Universal transport zones
Objective Prerequisites
The following prerequisites are assumed for this Objective:
- A working VMware vSphere 6.x environment with 2 vCenters, 2 PSC configured in ELM configuration.
- A working VMware NSX 6.x Manager deployed to both sites.
Objective Breakdown
Assign Primary role to specified NSX Manager
Note: These steps assume you are not even logged into vCenter Server. Skip the first few steps if you are!
Written by Christopher Lewis on September 11, 2017 .
I previously attempted the VMware Certified Implementation Expert 6 - Network Virtualization and, unfortunately, I wasn’t successful . It was the same old story with most VCAP exams, time simple ran out.
As I am at VMworld this week it seemed rude not to take a second attempt for 1/2 price.
The exam center had a few issues, both with overbooking (it seems the PEX keynote is the ideal time for everyone to take exams!), internet issues (which meant I had time added on by pearson) and missing cursors during the exam. On the plus side, the computers and screens in the VMworld exam center are a significant magnitude better than a normal exam center.
Written by Christopher Lewis on September 7, 2017 .
Skills and Abilities
Objective 4.2 - Configure and Manage Service Composer
- Create/configure Service Composer according to a deployment plan:
- Configure Security Groups
- Configure Security Policies
- Configure Activity Monitoring for a Security Policy
- Create/edit/delete Security Tags
- Create a Security Tag
- Edit a Security Tag
- Assign a Security Tag
- Detach a Security Tag
- Delete a Security Tag
- Configure Network Introspection
- Configure Guest Introspection
Objective Prerequisites
The following prerequisites are assumed for this Objective:
Written by Christopher Lewis on September 7, 2017 .
This post is a number of posts that make up a VCAP6-NV Study guide .
In this post we will look at how to work with NSX Security Tags.
What are NSX Security Tags?
Security Tags are labels which can be associated with a Virtual Machine. Security Tags can then be used (amongst other things) to populate dynamically populate Security Groups with objects.
Adding or removing Security Tags to a VM can be done dynamically in response to various criteria such as antivirus or vulnerability scans, and intrusion prevention systems.
Written by Christopher Lewis on September 6, 2017 .
This post is a number of posts that make up a VCAP6-NV Study guide .
In this post we will look at how to generate a Self Signed SSL Certificate on an existing VMware NSX Edge Service Gateway (ESG) or NSX Edge. Once generated, the SSL certificate could be used for SSL VPN or Load Balancing.
Prerequisites
- A working deployment of VMware NSX.
- A deployed NSX Edge Services Gateway
Generate Self Signed SSL Certificate
Note: These steps assume you are not even logged into vCenter Server. Skip the first few steps if you are!
Written by Christopher Lewis on August 6, 2017 .
On Friday I took the VCAP6-NV Deploy exam. I didn’t manage to get a passing score this time, but that wont stop me from studying some more and taking it again. Given work commitments and holiday, this will probably now be at VMworld in Barcelona.
How does it compare to the other VCAP exams?
Like with all the VCAP6 Deploy exams, the exam is based on the “improved” VMware HOL interface. I personally never took the VCAP5 exams so, I have no opinion on whether it is “improved” or not. One thing is for certain, like the other VCAP6 Deployment exams, time is not your friend. In fact, for this exam, I would go so far as to say that time is you nemesis.
Written by Christopher Lewis on August 2, 2017 .
Skills and Abilities
Objective 3.3 - Configure and Manage Additional VMware NSX Edge Services
- Configure DHCP services according to a deployment plan:
- Create/edit a DHCP IP Pool
- Create/edit DHCP Static Binding
- Configure DHCP relay
- Configure DNS services
- Configure NAT services to provide access to services running on privately addressed virtual machines
Objective Prerequisites
The following prerequisites are assumed for this Objective:
- A working VMware vSphere 6.x environment.
- A working VMware NSX 6.x environment.
Objective Breakdown
Enabling DHCP
Note: These steps assume you are not even logged into vCenter Server. Skip the first few steps if you are!
- Operating a Private Cloud - Part 3: Creating a Pricing Card in VMware Aria Automation
- Operating a Private Cloud - Part 2: Creating a Pricing Card in VMware Aria Operations
- Operating a Private Cloud - Part 1: Understanding Pricing Cards in VMware Aria
- Zero2Hero - Using Aria Automation to Deploy Multiple Machines with Multiple Disks - Part 5
- Zero2Hero - Using Aria Automation to Deploy Multiple Machines with Multiple Disks - Part 4