1883 Fire courses delivered Online

Duration 2 Days 12 CPD hours This course is intended for Security professionals, System engineers, channel partners, service partners, and end users with at least one year of experience in implementing IT security technologies (Network, Applications, and Systems). Overview This course will enable students to configure, monitor, manage, and optimize the SonicWall Network Security firewall appliances running the new SonicOS 7 to effectively defend against limitless network and cyberthreats and implement SonicWall Boundless Cybersecurity safeguards for seamless protection. Upon completion of the course, students will be able to configure the SonicWall firewall for Secure and Remote Connectivity, Network Optimization, and Advanced Threat Protection. The SonicWall Network Security Administrator (SNSA) for SonicOS 7.0curriculum provides students the required background, knowledge, and hands-on experience to begin designing, implementing, and troubleshooting SonicWall Network Security products. SonicOS 7 is SonicWall?s brand new and most advanced security operating system and is at the core of its latest physical and virtual firewalls, including models from the TZ, NSv, NSa and NSsp Series. SonicOS 7.0 features advanced security, simplified policy management, and critical networking and management capabilities for distributed enterprises and small- to medium-sized businesses with SD-branch support. Course Outline Setting up Basic Firewall Components Unified Threat Management Secure Access Deep Packet Inspection for SSL (DPI-SSL) Content Filtering Services Application Control Scalability and Reliability SD-WAN High Availability Troubleshooting Tools

Duration 3 Days 18 CPD hours This course is intended for Networking and security professionals involved in the management, configuration, administration, and monitoring of FortiGate devices used to secure their organizations' networks. Overview Deploy the appropriate operation mode for your network. Use the GUI and CLI for administration. Identify the characteristics of the Fortinet security fabric. Control network access to configured networks using firewall policies. Apply port forwarding, source NAT, and destination NAT. Authenticate users using firewall policies. Understand encryption functions and certificates. Inspect SSL/TLS-secured traffic to prevent encryption used to bypass security policies. Configure security profiles to neutralize threats and misuse, including viruses, torrents, and inappropriate websites. Apply application control techniques to monitor and control network applications that might use standard or non-standard protocols and ports. Fight hacking and denial of service (DoS). Defend against data leaks by identifying files with sensitive data, and block them from leaving your private network. Offer an SSL VPN for secure access to your private network. Implement a dial-up IPsec VPN tunnel between FortiGate and FortiClient. Collect and interpret log entries. In this three-day course, you will learn how to use basic FortiGate features, including security profiles. Course Outline Module 1. Introduction to FortiGate and the Security Fabric Module 2. Firewall Policies Module 3. Network Address Translation (NAT) Module 4. Firewall Authentication Module 5. Logging and Monitoring Module 6. Certificate Operations Module 7. Web Filtering Module 8. Application Control Module 9. Antivirus Module 10. Intrusion Prevention and Denial of Service Module 11. SSL VPN Module 12. Dial-Up IPsec VPN Module 13. Data Leak Prevention (DLP)

Duration 2 Days 12 CPD hours This course is intended for This course is for network managers, resellers, systems administrators, client security administrators, systems professionals, and consultants who are charged with the configuration and day-to-day management of Symantec Endpoint Protection in a variety of network environments. Overview By the completion of this course, you will be able to: Manage Virus and Spyware Protection policies. Manage SONAR scans. Manage Firewall and Intrusion Prevention policies. Manage Application and Device Control policies. Manage System Lockdown. Manage Host Integrity. Manage Virtualized clients. This course is designed for the network, IT security, and systems administration professional tasked with implementing and monitoring virus and spyware protection, zero-day protection, and network threat protection solutions. Introduction Course overview The classroom lab environment Introducing Antivirus, Insight, and SONAR Virus and spyware protection needs and solutions Reputation and Insight Administrator-defined scans Auto-Protect Download Insight SONAR Included Virus and Spyware Protection policies Managing Virus and Spyware Protection Policies for Windows Configuring administrator-defined scans Configuring protection technology settings and scans Configuring e-mail scans Configuring advanced options Managing scanned clients Managing Virus and Spyware Protection Policies for Mac and Linux Configuring Virus and Spyware settings for Mac Configuring Virus and Spyware settings for Linux Configuring advanced options Managing Exception Policies Exceptions and exclusions Configuring the Exceptions policy Introducing Network Threat Protection The OSI model and network threats Network threat tools and attack methods Attack and mitigation Managing Firewall Policies Firewall policy overview Defining rule components Modifying firewall rules Configuring built-in rules Configuring protection and stealth settings Configuring Windows integration settings Managing Intrusion Prevention Policies Configuring network and browser intrusion prevention Managing custom signatures Compliance Management Application and Device Control System Lockdown Host Integrity Virtualization Introducing virtualization features Virtual image exception Network and vShield Shared Insight Cache Virtual client tagging Offline image scanner Windows Azure support Additional course details: Nexus Humans Symantec Endpoint Protection 12.X - Manage And Administer training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Symantec Endpoint Protection 12.X - Manage And Administer course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 3 Days 18 CPD hours This course is intended for Typical candidates for this course are IT Professionals who deploy small-to-medium scale enterprise network solutions based on Aruba products and technologies. Overview After you successfully complete this course, expect to be able to: Explain how Aruba's wireless networking solutions meet customers' requirements Explain fundamental WLAN technologies, RF concepts, and 802.11 Standards Learn to configure the Mobility Conductor and Mobility Controller to control access to the Employee and Guest WLAN Control secure access to the WLAN using Aruba Firewall Policies and Roles Recognize and explain Radio Frequency Bands and channels, and the standards used to regulate them Describe the concept of radio frequency coverage and interference and successful implementation and diagnosis of WLAN systems Identify and differentiate antenna technology options to ensure optimal coverage in various deployment scenarios Describe RF power technology including, signal strength, how it is measured and why it is critical in designing wireless networks Learn to configure and optimize Aruba ARM and Client Match and Client Insight features Learn how to perform network monitoring functions and troubleshooting This course teaches the knowledge, skills and practical experience required to set up and configure a basic Aruba WLAN utilizing the AOS 8.X architecture and features. Using lecture and labs, this course provides the technical understanding and hands-on experience of configuring a single Mobility Conductor with one controller and AP Aruba WLAN. Participants will learn how to use Aruba hardware and AOS8 to install and build a complete, secure controller network with multiple SSIDs. WLAN Fundamentals Describes the fundamentals of 802.11, RF frequencies and channels Explain RF Patterns and coverage including SNR Roaming Standards and QOS requirements Mobile First Architecture An introduction to Aruba Products including controller types and modes OS 8.X Architecture and features License types and distribution Mobility Conductor Mobility Controller Configuration Understanding Groups and Subgroups Different methods to join Mobility Controller with Mobility Conductor Understanding Hierarchical Configuration Secure WLAN configuration Identifying WLAN requirements such as SSID name, encryption, authentication Explain AP groups structure and profiles Configuration of WLAN using the Mobility Conductor GUI AP Provisioning Describes the communication between AP and Mobility controller Explain the AP booting sequence and requirements Explores the APs controller discovery mechanisms Explains how to secure AP to controller communication using CPSec Describes AP provisioning and operations WLAN Security Describes the 802.11 discovery, authentication and association Explores the various authentication methods, 802.1x with WPA/WPA2, Mac auth Describes the authentication server communication Explains symmetric vs asymmetric Keys, encryption methods WIPS is described along with rogue discovery and protection Firewall Roles and Policies An introduction into Firewall Roles and policies Explains Aruba?s Identity based Firewall Configuration of Policies and Rules including aliases Explains how to assign Roles to users Dynamic RF Management Explain how ARM calibrates the network selecting channels and power settings Explores OS 8.X Airmatch to calibrate the network How Client Match and Client Insight match steers clients to better APs Guest Access Introduces Aruba?s solutions for Guest Access and the Captive portal process Configuration of secure guest access using the internal Captive portal The configuration of Captive portal using Clearpass and its benefits Creating a guest provisioning account Troubleshooting guest access Network Monitoring and Troubleshooting Using the Mobility Conductor dashboard to monitor and diagnose client, WLAN and AP issues Traffic analysis using APPrf with filtering capabilities A view of AirWave's capabilities for monitoring and diagnosing client, WLAN and AP issues

Duration 5 Days 30 CPD hours This course is intended for ECSS is designed for anyone who wants to enhance their skills and make a career in information security, network security, and computer forensics fields. It can be IT Specialists, Network Administrators, or System Administrators. Overview Upon successful completion of this course, students will learn: Key issues plaguing the information security, network security, and computer forensics. Fundamentals of networks and various components of the OSI and TCP/IP model. Various network security protocols. Various types of information security threats and attacks, and their countermeasures. Social engineering techniques, identify theft, and social engineering countermeasures. Different stages of the hacking cycle Identification, authentication, and authorization concepts Different types of cryptography ciphers, Public Key Infrastructure (PKI), cryptography attacks, and cryptanalysis tools. Fundamentals of firewall, techniques for bypassing firewall, and firewall technologies such as Bastion Host, DMZ, Proxy Servers, Network Address Translation, Virtual Private Network, and Honeypot. Fundamentals of IDS and IDS evasion techniques. Data backup techniques and VPN security. Wireless Encryption, wireless threats, wireless hacking tools, and Wi-Fi security. Different types of web server and web application attacks, and countermeasures. Fundamentals of ethical hacking and pen testing. Incident handling and response process. Cyber-crime and computer forensics investigation methodology. Different types of digital evidence and digital evidence examination process. Different type of file systems and their comparison (based on limit and features). Gathering volatile and non-volatile information from Windows and network forensics analysis mechanism. Steganography and its techniques. Different types of log capturing, time synchronization, and log capturing tools. E-mails tracking and e-mail crimes investigation. Writing investigation report. This is an entry-level security program covering the fundamental concepts and giving a holistic overview of the key components of information security, computer forensics, and network security. Course Outline Information Security Fundamentals Networking Fundamentals Secure Network Protocols Information Security Threats and Attacks Social Engineering Hacking Cycle Identification, Authentication, and Authorization Cryptography Firewalls Intrusion Detection System Data Backup Virtual Private Network Wireless Network Security Web Security Ethical Hacking and Pen Testing Incident Response Computer Forensics Fundamentals Digital Evidence Understanding File Systems Windows Forensics Network Forensics and Investigating Network Traffic Steganography Analyzing Logs E-mail Crime and Computer Forensics Writing Investigative Report Additional course details: Nexus Humans EC-Council Certified Security Specialist (ECSS) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the EC-Council Certified Security Specialist (ECSS) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for Typical candidates for this course are IT Professionals who deploy small-to-medium scale enterprise network solutions based on Aruba products and technologies Overview After you successfully complete this course, expect to be able to: Explain how Aruba's wireless networking solutions meet customers' requirements Explain fundamental WLAN technologies, RF concepts, and 802.11 Standards Learn to configure the Mobility Master and Mobility Controller to control access to the Employee and Guest WLAN Control secure access to the WLAN using Aruba Firewall Policies and Roles Recognize and explain Radio Frequency Bands and channels, and the standards used to regulate them Describe the concept of radio frequency coverage and interference and successful implementation and diagnosis of WLAN systems Identify and differentiate antenna technology options to ensure optimal coverage in various deployment scenarios Describe RF power technology including, signal strength, how it is measured and why it is critical in designing wireless networks Learn to configure and optimize Aruba ARM and Client Match features Learn how to perform network monitoring functions and troubleshooting AR-AMF teaches knowledge, skills & practical exp. to set up & config a basic AR WLAN utilizing OS 8.X architecture & features.using lecture & labs,AR-AMF provides tech. & hands-on exp. of config. a single Mobility Master with 1 controller & AP WLAN WLAN Fundamentals Describes the fundamentals of 802.11, RF frequencies and channels Explain RF Patterns and coverage including SNR Roaming Standards and QOS requirements Mobile First Architecture An introduction to Aruba Products including controller types and modes OS 8.X Architecture and features License types and distribution Mobility Master Mobility Controller Configuration Understanding Groups and Subgroups Different methods to join MC with MM Understanding Hierarchical Configuration Secure WLAN configuration Identifying WLAN requirements such as SSID name, encryption, authentication Explain AP groups structure and profiles Configuration of WLAN using the Mobility Master GUI AP Provisioning Describes the communication between AP and Mobility controller Explain the AP booting sequence and requirements Explores the APs controller discovery mechanisms Explains how to secure AP to controller communication using CPSec Describes AP provisioning and operations WLAN Security Describes the 802.11 discovery, authentication and association Explores the various authentication methods, 802.1x with WPA/WPA2, Mac auth Describes the authentication server communication Explains symmetric vs asymmetric Keys, encryption methods WIPS is described along with rogue discovery and protection Firewall Roles and Policies An introduction into Firewall Roles and policies Explains Aruba?s Identity based Firewall Configuration of Policies and Rules including aliases Explains how to assign Roles to users Dynamic RF Management Explain how ARM calibrates the network selecting channels and power settings Explores the new OS 8.X Airmatch to calibrate the network How Client Match and Client Insight match steers clients to better Aps Dynamic RF Management Explain how ARM calibrates the network selecting channels and power settings Explores the new OS 8.X Airmatch to calibrate the network How Client Match and Client Insight match steers clients to better Aps Guest Access Introduces Aruba?s solutions for Guest Access and the Captive portal process Configuration of secure guest access using the internal Captive portal The configuration of Captive portal using Clearpass and its benefits Creating a guest provisioning account Troubleshooting guest access Network Monitoring and Troubleshooting Using the MM dashboard to monitor and diagnose client, WLAN and AP issues Traffic analysis using APPrf with filtering capabilities A view of Airwaves capabilities for monitoring and diagnosing client, WLAN and AP issues

Duration 5 Days 30 CPD hours Overview SDWAN Overview Cisco SDWAN Hardware Deploying the Overlay Configuring vManage Deploying using Templates Creating Policies Monitoring vManage vAnalytics Troubleshooting Tools for VManage In this Implementation and Configuration SDWAN Course, students will deploy and configure SD-WAN Controllers, vEdge Devices, and Cisco IOS-XE Devices. Students will create Multiple Device and CLI Templates that will allow Hundreds of devices to be deployed using only a few Centralized Templates. Students will create Security Policies to enable the Enterprise Firewall, IDS/IPS, URL Filtering, and Web Layer Security to protect and allow Enterprises to deploy Cloud applications as well as Direct Internet Access (DIA). Students will also create Local and Central Policies that enable a Centralized Policy control of WAN Routing and device QOS configuration and enforcement. Students will also learn how Cisco SD-WAN allows Enterprises to deploy an effective Cloud Solutions such as Amazon AWS, Microsoft Azure, and Google Cloud. Students will also learn how to Monitor and Troubleshoot the SD-WAN Solution. SDWAN Overview Describe what a Software-Defined Wide Area Network (SD-WAN) is Describe the secure extensible network Describe the function of the virtual IP fabric created in the SD-WAN solution What is SDWAN Cisco Cloud vs On-premises vs private cloud management Cisco IWAN vs Viptela SDWAN IWAN Migration to SDWAN SDWAN Integration with Cisco Cisco SDWAN Licensing Deploying Cisco SDWAN Controllers On-Prem vs Cloud deployment vManage NMS vBond Orchestrator Deploy the vSmart Controller Controller High Availability Cluster Management Cisco SDWAN Certificates and Whitelists On-Prem vs Cloud Certificate deployment Controller Certificates Hardware Device Certificates Software Device Certificates Certificates Device Whitelists Controller Whitelists Cisco SDWAN Edge Devices vEdge Appliances vEdge Cloud Cisco IOS-XE Platforms Cisco CSR 1000V Router Cisco 54xx Enterprise Network Compute System (ENCS) Cisco SDWAN Fabric and Overview Virtual Fabric Overview Overlay Management Protocol Transport Locators (TLOCs) Multicast TCP Optimization Opening Firewall Ports Software Installation and Upgrade vEdge Routers Deploying vEdge Routers Migrating IOS-XE Devices to Cisco SD-WAN Zero Touch Provisioning Deploy AWS Gateway using the AWS Wizard Cisco SD-WAN Security Solution Security SDWAN IOS-XE Security SDWAN vEdge Security Firewall Ports Control Plane Security Data Plane Security Traffic Segmentation Service Chaining Cloud Security Enterprise Firewall Quality of Service Application Visibility and Recognition Differentiated Services-Quality of Service Critical Applications SLA Path MTU Discovery TCP Performance Optimization Bidirectional Forwarding Detection (BFD) vEdge Router Queuing Configuring vManage Using the vManage Interface Using the vManage Dashboard Administration Configuration SD-WAN Templates Templates Wide Area Application Server (WAAS) Maintenance Configure Cisco Umbrella Quality of Service (QoS) SD-WAN Policies Local Policies vs Central Policies Policies Smart policies (Control, Data, AppRoute, cflowd) SD-WAN Cloud OnRamp SAAS Cloud OnRamp IAAS vAnalytics Applications Network Availability Network Health vAnalytics Dashboard Monitoring vManage Network ACL Log Alarms Audit Log Events Geography View Device Information View Link Information Configure Geographic Coordinates for a Device Troubleshooting Tools for vManage Using vManage to Troubleshoot the environment Operational Commands Rediscover Network CLI Command to troubleshoot the environment. SSH Terminal Additional course details: Nexus Humans ICSDWAN-CT-Implementing, Configuring, Monitoring, and Troubleshooting Cisco (Viptela)SDWAN training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the ICSDWAN-CT-Implementing, Configuring, Monitoring, and Troubleshooting Cisco (Viptela)SDWAN course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 3 Days 18 CPD hours This course is intended for Typical candidates for this course are IT Professionals who deploy small-to-medium scale enterprise network solutions based on Aruba products and technologies. Overview After you successfully complete this course, expect to be able to: Explain how Aruba's wireless networking solutions meet customers' requirements Explain fundamental WLAN technologies, RF concepts, and 802.11 Standards Learn to configure the Mobility Master and Mobility Controller to control access to the Employee and Guest WLAN Control secure access to the WLAN using Aruba Firewall Policies and Roles Recognize and explain Radio Frequency Bands and channels, and the standards used to regulate them Describe the concept of radio frequency coverage and interference and successful implementation and diagnosis of WLAN systems Identify and differentiate antenna technology options to ensure optimal coverage in various deployment scenarios Describe RF power technology including, signal strength, how it is measured and why it is critical in designing wireless networks Learn to configure and optimize Aruba ARM and Client Match and Client Insight features Learn how to perform network monitoring functions and troubleshooting This course teaches the knowledge, skills and practical experience required to set up and configure a basic Aruba WLAN utilizing the OS 8.X architecture and features. Using lecture and labs, this course provides the technical understanding and hands-on experience of configuring a single Mobility Master with one controller and AP Aruba WLAN. Participants will learn how to use Aruba hardware and ArubaOS to install and build a complete, secure controller network with multiple SSIDs. This course provides the underlying material required to prepare candidates for the Aruba Certified Mobility Associate (ACMA) certification exam. WLAN Fundamentals Describes the fundamentals of 802.11, RF frequencies and channels Explain RF Patterns and coverage including SNR Roaming Standards and QOS requirements Mobile First Architecture An introduction to Aruba Products including controller types and modes OS 8.X Architecture and features License types and distribution Mobility Master Mobility Controller Configuration Understanding Groups and Subgroups Different methods to join MC with MM Understanding Hierarchical Configuration Secure WLAN configuration Identifying WLAN requirements such as SSID name, encryption, authentication Explain AP groups structure and profiles Configuration of WLAN using the Mobility Master GUI AP Provisioning Describes the communication between AP and Mobility controller Explain the AP booting sequence and requirements Explores the APs controller discovery mechanisms Explains how to secure AP to controller communication using CPSec Describes AP provisioning and operations WLAN Security Describes the 802.11 discovery, authentication and association Explores the various authentication methods, 802.1x with WPA/WPA2, Mac auth Describes the authentication server communication Explains symmetric vs asymmetric Keys, encryption methods WIPS is described along with rogue discovery and protection Firewall Roles and Policies An introduction into Firewall Roles and policies Explains Aruba?s Identity based Firewall Configuration of Policies and Rules including aliases Explains how to assign Roles to users Dynamic RF Management Explain how ARM calibrates the network selecting channels and power settings Explores OS 8.X Airmatch to calibrate the network How Client Match and ClientInsight match steers clients to better APs Guest Access Introduces Aruba?s solutions for Guest Access and the Captive portal process Configuration of secure guest access using the internal Captive portal The configuration of Captive portal using Clearpass and its benefits Creating a guest provisioning account Troubleshooting guest access Network Monitoring and Troubleshooting Using the MM dashboard to monitor and diagnose client, WLAN and AP issues Traffic analysis using APPrf with filtering capabilities A view of Airwaves capabilities for monitoring and diagnosing client, WLAN and AP issues Additional course details: Nexus Humans Aruba Mobility Fundamentals, Rev. 20.11 training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Aruba Mobility Fundamentals, Rev. 20.11 course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for Network and security architects and consultants who design the enterprise and data center networks and VMware NSX environments Overview By the end of the course, you should be able to meet the following objectives: Describe and apply a design framework Apply a design process for gathering requirements, constraints, assumptions, and risks Design a VMware vSphere virtual data center to support NSX-T Data Center requirements Create a VMware NSX Manager™ cluster design Create a VMware NSX Edge™ cluster design to support traffic and service requirements in NSX-T Data Center Design logical switching and routing Recognize NSX-T Data Center security best practices Design logical network services Design a physical network to support network virtualization in a software-defined data center Create a design to support the NSX-T Data Center infrastructure across multiple sites Describe the factors that drive performance in NSX-T Data Center This five-day course provides comprehensive training on considerations and practices to design a VMware NSX-T? Data Center environment as part of a software-defined data center strategy. This course prepares the student with the skills to lead the design of NSX-T Data Center offered in release 3.2, including design principles, processes, and frameworks. The student gains a deeper understanding of the NSX-T Data Center architecture and how it can be used to create solutions to address the customer?s business needs. Course Introduction Introduction and course logistics Course objectives Design Concepts Identify design terms Describe framework and project methodology Describe VMware Validated Design? Identify customers? requirements, assumptions, constraints, and risks Explain the conceptual design Explain the logical design Explain the physical design NSX Architecture and Components Recognize the main elements in the NSX-T Data Center architecture Describe the NSX management cluster and the management plane Identify the functions and components of management, control, and data planes Describe the NSX Manager sizing options Recognize the justification and implication of NSX manager cluster design decisions Identify the NSX management cluster design options NSX Edge Design Explain the leading practices for edge design Describe the NSX Edge VM reference designs Describe the bare-metal NSX Edge reference designs Explain the leading practices for edge cluster design Explain the effect of stateful services placement Explain the growth patterns for edge clusters Identify design considerations when using L2 bridging services NSX Logical Switching Design Describe concepts and terminology in logical switching Identify segment and transport zone design considerations Identify virtual switch design considerations Identify uplink profile, VMware vSphere© Network I/O Control profile, and transport node profile design considerations Identify Geneve tunneling design considerations Identify BUM replication mode design considerations NSX Logical Routing Design Explain the function and features of logical routing Describe NSX-T Data Center single-tier and multitier routing architectures Identify guidelines when selecting a routing topology Describe the BGP and OSPF routing protocol configuration options Explain gateway high availability modes of operation and failure detection mechanisms Identify how multitier architectures provide control over stateful service location Identify VRF Lite requirements and considerations Identify the typical NSX scalable architectures NSX Security Design Identify different security features available in NSX-T Data Center Describe the advantages of an NSX Distributed Firewall Describe the use of NSX Gateway Firewall as a perimeter firewall and as an intertenant firewall Determine a security policy methodology Recognize the NSX-T Data Center security best practices NSX Network Services Identify the stateful services available in different edge cluster high availability modes Describe failover detection mechanisms Explain the design considerations for integrating VMware NSX© Advanced Load Balancer? with NSX-T Data Center Describe stateful and stateless NSX-T Data Center NAT Identify benefits of NSX-T Data Center DHCP Identify benefits of metadata proxy Describe IPSec VPN and L2 VPN Physical Infrastructure Design Identify the components of a switch fabric design Assess Layer 2 and Layer 3 switch fabric design implications Review guidelines when designing top-of-rack switches Review options for connecting transport hosts to the switch fabric Describe typical designs for VMware ESXi? compute hypervisors with two pNICs Describe typical designs for ESXi compute hypervisors with four or more pNICs Describe a typical design for a KVM compute hypervisor with two pNICs Differentiate dedicated and collapsed cluster approaches to SDDC design NSX Multilocation Design Explain scale considerations in an NSX-T Data Center multisite design Describe the main components of the NSX Federation architecture Describe the stretched networking capability in Federation Describe stretched security use cases in Federation Compare Federation disaster recovery designs NSX Optimization Describe Geneve Offload Describe the benefits of Receive Side Scaling and Geneve Rx Filters Explain the benefits of SSL Offload Describe the effect of Multi-TEP, MTU size, and NIC speed on throughput Explain the available N-VDS enhanced datapath modes and use cases List the key performance factors for compute nodes and NSX Edge nodes

Duration 5 Days 30 CPD hours This course is intended for Network and security architects and consultants who design the enterprise and data center networks and NSX environments Overview By the end of the course, you should be able to meet the following objectives: Describe and apply a design framework Apply a design process for gathering requirements, constraints, assumptions, and risks Design a VMware vSphere virtual data center to support NSX requirements Create a VMware NSX Manager™ cluster design Create a VMware NSX Edge™ cluster design to support traffic and service requirements in NSX Design logical switching and routing Recognize NSX security best practices Design logical network services Design a physical network to support network virtualization in a software-defined data center Create a design to support the NSX infrastructure across multiple sites Describe the factors that drive performance in NSX This five-day course provides comprehensive training on considerations and practices to design a VMware NSX© environment as part of a software-defined data center strategy. This course prepares the student with the skills to lead the design of an NSX environment, including design principles, processes, and frameworks. The student gains a deeper understanding of the NSX architecture and how it can be used to create solutions to address the customer?s business needs. Course Introduction Introduction and course logistics Course objectives NSX Design Concepts Identify design terms Describe framework and project methodology Describe the role of VMware Cloud Foundation? in NSX design Identify customers? requirements, assumptions, constraints, and risks Explain the conceptual design Explain the logical design Explain the physical design NSX Architecture and Components Recognize the main elements in the NSX architecture Describe the NSX management cluster and the management plane Identify the functions and components of management, control, and data planes Describe the NSX Manager sizing options Recognize the justification and implication of NSX Manager cluster design decisions Identify the NSX management cluster design options NSX Edge Design Explain the leading practices for edge design Describe the NSX Edge VM reference designs Describe the bare-metal NSX Edge reference designs Explain the leading practices for edge cluster design Explain the effect of stateful services placement Explain the growth patterns for edge clusters Identify design considerations when using L2 bridging services NSX Logical Switching Design Describe concepts and terminology in logical switching Identify segment and transport zone design considerations Identify virtual switch design considerations Identify uplink profile and transport node profile design considerations Identify Geneve tunneling design considerations Identify BUM replication mode design considerations NSX Logical Routing Design Explain the function and features of logical routing Describe the NSX single-tier and multitier routing architectures Identify guidelines when selecting a routing topology Describe the BGP and OSPF routing protocol configuration options Explain gateway high availability modes of operation and failure detection mechanisms Identify how multitier architectures provide control over stateful service location Identify EVPN requirements and design considerations Identify VRF Lite requirements and considerations Identify the typical NSX scalable architectures NSX Security Design Identify different security features available in NSX Describe the advantages of an NSX Distributed Firewall Describe the use of NSX Gateway Firewall as a perimeter firewall and as an intertenant firewall Determine a security policy methodology Recognize the NSX security best practices NSX Network Services Identify the stateful services available in different edge cluster high availability modes Describe failover detection mechanisms Compare NSX NAT solutions Explain how to select DHCP and DNS services Compare policy-based and route-based IPSec VPN Describe an L2 VPN topology that can be used to interconnect data centers Explain the design considerations for integrating VMware NSX© Advanced Load Balancer? with NSX Physical Infrastructure Design Identify the components of a switch fabric design Assess Layer 2 and Layer 3 switch fabric design implications Review guidelines when designing top-of-rack switches Review options for connecting transport hosts to the switch fabric Describe typical designs for VMware ESXi? compute hypervisors with two pNICs Describe typical designs for ESXi compute hypervisors with four or more pNICs Differentiate dedicated and collapsed cluster approaches to SDDC design NSX Multilocation Design Explain scale considerations in an NSX multisite design Describe the main components of the NSX Federation architecture Describe the stretched networking capability in Federation Describe stretched security use cases in Federation Compare the Federation disaster recovery designs NSX Optimization and DPU-Based Acceleration Describe Geneve Offload Describe the benefits of Receive Side Scaling and Geneve Rx Filters Explain the benefits of SSL Offload Describe the effect of Multi-TEP, MTU size, and NIC speed on throughput Explain the available enhanced datapath modes and use cases List the key performance factors for compute nodes and NSX Edge nodes Describe DPU-Based Acceleration Define the NSX features supported by DPUs Describe the hardware and networking configurations supported with DPUs