VMware NSX Microsegmentation

3 days


In this intensive three-day course, you will explore the security-focused features of VMware NSX 6.3, including the distributed firewall and the Service Composer, to help drive your microsegmentation deployment to success.

Product Alignment

- NSX 6.3


Experienced system administrators, network administrators, and engineers or system integrators responsible for implementing security policy in the software-defined data center

Skills Gained

By the end of the course, you should be able to meet the following objectives:

  • Describe the software-defined data center
  • Explain the NSX components and their function in the infrastructure
  • Deploy NSX for microsegmentation
  • Describe the distributed firewall architecture
  • Configure and manage NSX with VMware vSphere Web Client
  • Configure distributed firewall policies
  • Use the Service Composer to automate security policy application
  • Understand partner integration workflows
  • Troubleshoot the distributed firewall from the VMware ESXi command-line interface (CLI)
  • Troubleshoot the distributed firewall from the NSX central CLI



You should understand security concepts.

Course Outline

Course Introduction

  • Introductions and course logistics
  • Course objectives
  • Describe the content of this course
  • Familiarize yourself with the benefits of the VMware Education Learning Zone
  • Identify additional resources

NSX and the Software-Defined Data Center

  • Describe the software-defined data center
  • Understand the differences in security approach between the traditional data center and the software-defined data center

Management Plane Components

  • Understand the management, control, and data planes
  • Describe VMware NSX Manager
  • Describe the NSX infrastructure and component communications
  • Install NSX components for host preparation
  • Troubleshoot host preparation problems
  • Introduce the NSX central CLI

Data Plane Components

  • Describe the distributed firewall components and explain how they communicate with each other
  • Validate proper functioning of data plane components through the ESXi CLI
  • Validate proper functioning of data plane components through the NSX central CLI

NSX Edge Firewall

  • Describe the NSX Edge firewall
  • Explain how the distributed firewall and NSX Edge firewall rules are managed by NSX Manager
  • Validate and troubleshoot the NSX Edge firewall through the NSX Edge CLI

NSX Distributed Firewall

  • Describe the NSX distributed firewall
  • Explain how NSX service chaining dynamically responds to changing security conditions
  • Explain how the distributed firewall, the filtering module, and traffic redirection modules work together
  • Use the ESXi CLI to troubleshoot the distributed firewall
  • Use the NSX central CLI to troubleshoot the distributed firewall

NSX Service Composer

  • Describe the Service Composer
  • Describe the Service Composer architecture
  • Use the Service Composer to create dynamic security policy

NSX Identity-Based Firewalling

  • Describe the identity-aware firewall
  • Configure the NSX identity-based firewall

NSX Partner Integration Solutions

  • Explain the architecture of Guest Introspection with third-party devices

Thinking about Onsite?

If you need training for 3 or more people, you should ask us about onsite training. Putting aside the obvious location benefit, content can be customised to better meet your business objectives and more can be covered than in a public classroom. It's a cost effective option.

Submit an enquiry from any page on this site, and let us know you are interested in the requirements box, or simply mention it when we contact you.

Upcoming Dates

  • GREEN This class is Guaranteed To Run.
  • SPVC - Self-Paced Virtual Class.
  • Click a Date to Enroll.
Course Location Days Cost Date
Virtual Virtual3 2250 £2250 2019-10-09