VMware Cloud Expert

Lab 6 - L7 Security – L7 FW, FQDN filtering & IDPS

Lab 6 and 7 Lecture Material

PDF
PowerPoint

Task 1

Enable the NSX Advanced Firewall Add-on

Before any of these features can be used, you must first enable the add-on onto your SDDC. In this tasks, we’ll walk through the steps of enabling the NSX Advanced Firewall functionality onto your SDDC.

Lab Guide
Start Lab

Task 2

Configure a Context-Aware Firewall Rule

NSX Context-Aware Firewall Rule (L7) enhances visibility at the application level and helps to override the problem of application permeability. Visibility at the application layer helps you to monitor the workloads better from a resource, compliance, and security point of view.

Lab Guide
Start Lab

Task 3

FQDN Filtering

VMC on AWS can allow users to only access specific domains by whitelisting and/or blacklisting FQDNs. In many high-security environments, outgoing traffic is filtered using the Distributed firewall. When you want to access an external service, you usually create IP-based firewall rules.

Lab Guide
Start Lab

Task 4

Distributed IDS/IPS

VMware NSX Distributed IDS/IPS provides security operators with a software-based IDS/IPS solution that enables them to achieve regulatory compliance, create virtual zones and detect lateral movement of threats on east-west traffic.

Lab Guide
Start Lab
Previous Lab
Estimated Progress
45%

Back to Index of Learning Materials

Next Lab