Deep dive on VMware NSX and implementation best practices.
Security considerations – Cluster design – Distributed Firewall rules
Important to remember to create an exclusion for your vCenter and External Platform controller from the Distributed Firewall rulesets being deployed if you have default rules or you may “accidentally” disable access to your vCenter and it’s communication to/from the NSX Mgmt platform.
Policy Policy Policy – This simplifies your network security.
Leverage vCenter objects and especially Security Groups to abstract workloads. This will allow for more dynamic policies and are setup as static memberships or dynamic memberships. Of course by definiton dynamic groups are much more flexible.
Security tags are stored in the NSX Mgr database separately from vCenter tags. These are defined as part of service composer blueprints.
This LiveFire training focused on NSX-v and not NSX-t.
Please excuse any typos as I was typing this on my iPad.