Study Guide

July 12, 2018

Road to VCAP6-NV: Objective 6.2 – Configure and Manage Universal Logical Network Objects

In this blog post I will cover section 6 objective 6.2 of the VCAP6-NV Deploy exam.

Objective 6.2 – Configure and Manage Universal Logical Network Objects

Skills and Abilities

Create/configure Universal Logical Switches
Create/configure Universal Distributed Logical Routers
Configure local egress

Create/configure Universal Logical Switches

Universal logical switches can only be created from the primary NSX manager and when connected to a universal transport zone.

To create a universal logical switch, navigate to Networking & Security > Logical Switches. Click the green “+”. Enter a name for the logical switch. Click Change next to Transport Zone.

uni01 Read Full Article

July 6, 2018

Road to VCAP6-NV: Objective 5.3 – Configure and Manage Role Based Access Control

In this blog post I will cover section 5 objective 5.3 of the VCAP6-NV Deploy exam.

Objective 5.3 – Configure and Manage Role Based Access Control

Skills and Abilities

• Implement identity service support for Active Directory, NIS, and LDAP with Single Sign-On (SSO)
• Manage User rights:

Assign roles to user accounts
Change a user role
Delete/disable/enable a user account

Implement identity service support for Active Directory, NIS, and LDAP with Single Sign-On (SSO)

You can register a Windows domain with NSX Manager and vCenter. The NSX Manager will get the user and group info from Active Directory and that can be used to create identity based security groups and firewall rules and for activity monitoring. To register a Windows domain with NSX Manager, navigate to Networking & Security > System > Users and Domains. I’ve already configured this but in a new instance, click the green “+”.

Read Full Article

June 19, 2018

Road to VCAP6-NV: Objective 5.2 – Monitor a VMware NSX Implementation

In this blog post I will cover section 5 objective 5.2 of the VCAP6-NV Deploy exam.

Objective 5.2 – Monitor a VMware NSX Implementation

Skills and Abilities

• Configure logging for NSX components according to a deployment plan
• Monitor health of networking services
• Monitor health and status of infrastructure components:

vSphere
NSX Manager
Control Cluster

• Enable data collection for single/multiple virtual machines

Configure logging for NSX components according to a deployment plan

To configure logging for our ESXi host, navigate to the host and click Configure > Advanced System Settings. You can click Edit and search for syslog. Edit the settings for Syslog.global.logHost and enter in your syslog server’s FQDN or IP and port number.

Read Full Article

June 8, 2018

Road to VCAP6-NV: Objective 5.1 – Backup and Restore Network Configurations

In this blog post I will cover section 5 objective 5.1 of the VCAP6-NV Deploy exam.

Objective 5.1 – Backup and Restore Network Configurations

Skills and Abilities

Schedule/Backup/Restore NSX Manager data
Export/Restore vSphere Distributed Switch configuration
Export/Import Service Composer profiles
Save/Export/Import/Load Distributed Firewall configurations

Schedule/Backup/Restore NSX Manager data

Having backups of your NSX environment is highly recommended in case you ever need to restore your config back to a working state in the event of a failure. A NSX backup will contain all of the NSX configuration, including controllers, logical switches, logical routers, firewall rules and other things that were configured within NSX. It is also good to have the vCenter database and distributed switch configs backed up so that you have a complete recovery point.

To begin setting up the backup, log in to the NSX Manager.

Read Full Article

April 27, 2018

Road to VCAP6-NV: Objective 4.2 – Configure and Manage Service Composer

In this blog post I will cover section 4 objective 4.2 of the VCAP6-NV Deploy exam.

Objective 4.2 – Configure and Manage Service Composer

Skills and Abilities

Create/configure Service Composer according to a deployment plan:
- Configure Security Groups
- Configure Security Policies
- Configure Activity Monitoring for a Security Policy
Create/edit/delete Security Tags
Configure Network Introspection
Configure Guest Introspection

Read Full Article

February 16, 2018

Road to VCAP6-NV: Objective 3.2 – Configure and Manage Logical Virtual Private Networks (VPNs)

In this blog post I will cover section 3 objective 3.2 of the VCAP6-NV Deploy exam.

Objective 3.2 – Configure and Manage Logical Virtual Private Networks (VPNs)

Configure IPSec VPN service to enable site to site communication
Configure SSL VPN service to allow remote users to access private networks
Configure L2 VPN service to stretch multiple logical networks across geographical sites

Read Full Article

January 25, 2018

Road to VCAP6-NV: Objective 3.1 – Configure and Manage Logical Load Balancing

In this blog post I will cover section 3 objective 3.1 of the VCAP6-NV Deploy exam.

Objective 3.1 – Configure and Manage Logical Load Balancing

Configure the appropriate Load Balancer model for a given application topology
Configure SSL off-loading
Configure a service monitor to define health check parameters for a specific type of network traffic
Optimize a server pool to manage and share backend servers
Configure an application profile and rules
Configure virtual servers

Read Full Article

October 25, 2017

Road to VCAP6-NV: Objective 2.3 – Configure and Manage Routing

In this blog post I will cover section 2 objective 2.3 of the VCAP6-NV Deploy exam.

Objective 2.3 – Configure and Manage Routing

Deploy the appropriate NSX Edge (ESG/LDR) device according to a deployment plan
Configure centralized and distributed routing
Configure default gateway parameters
Configure static routes
Select and configure appropriate dynamic routing protocol according to a deployment plan:
- OSPF
- BGP
- IS-IS
Configure route redistribution to support a multi-protocol environment

Read Full Article

October 19, 2017