Student Self Paced Training – Day 2

  • SDDC Overview
  • Features and Operations
  • SDDC Networking
  • AWS Native Integration
  • Integrating VMC with an On Premises Data Center
  • Configuring Hybrid Linked Mode
  • NSX Advanced Security
  • SDDC Groups and VPC Connectivity
  • HCX deployment, interconnect, and migrations
  • Disaster Recovery with Site Recovery
  • VMware Cloud Disaster Recovery
  • Cloud Management
  • Cloud Health
  • SDDC Design Workshop
Day 2
Lab 4 and 5
Lab 4 and 5 Lecture Materials
Lab 4, Task 1 In this lab we will access the on-premises environment with VDI.
Accessing the On-Premises Environment
Lab 4, Task 2 In this task, we will modify the firewall rule to restrict the management of workloads running in VMC on AWS from your On-Premises lab environment only.
Restrict SDDC vCenter Access to the On-Premises Environment
Lab 4, Task 3 In this lab we are going to start with looking at the basic tasks you can perform in the VMware Cloud on AWS user interface when you are administering the platform. We'll take a close look and discover, through a very intuitive interface, where you perform specific administrative tasks.
Configure IPSec VPN
Lab 4, Task 4 We will now confirm connectivity through the IPSec VPN tunnel. In doing this we must first create the required Firewall policy on the Compute and Management Gateways in the SDDC to allow incoming communications.
Modify SDDC Firewall and Test VPN Connectivity
Lab 4, Task 5 In this lab task, we will adjust the Firewall setting on the Compute Gateway of the SDDC to allow communications.
Allow Access Between On-Premises and SDDC
Lab 5, Task 1 Hybrid Linked Mode allows you to link your VMware Cloud on AWS vCenter Server instance with an on-premises vCenter Single Sign-On domain. If you link your cloud vCenter Server to a domain that contains multiple vCenter Server instances linked using Enhanced Linked Mode, all of those instances are linked to your cloud SDDC.
Review Cloud Gateway Appliance Settings
Lab 5, Task 2 In this lab task, we will create a new Active Directory Group to map to HLM and the cloud admins VMC vCenter group.
Create an HLM Admin Group
Lab 5, Task 3 We will now configure Hybrid Linked Mode by registering the On-Premises vCenter and SDDC vCenter to the Cloud Gateway. We'll also provide an Active Directory Group that will be assigned Cloud Admin privileges.
Allow Access Between On-Premises and SDDC
Lab 6 and 7
Lab 6 and 7 Lecture Materials
Lab 6, Task 1 Before any of these features can be used, you must first enable the add-on on your SDDC. In this task, we'll walk through the steps of enabling the NSX Advanced Firewall functionality on your SDDC.
Enable the NSX Advanced Firewall Add-on
Lab 6, Task 2 NSX Context-Aware Firewall Rule (L7) enhances visibility at the application level and helps to override the problem of application permeability. Visibility at the application layer helps you to monitor the workloads better from a resource, compliance, and security point of view.
Configure a Context-Aware Firewall Rule
Lab 6, Task 3 VMC on AWS can allow users to only access specific domains by whitelisting and/or blacklisting FQDNs. In many high-security environments, outgoing traffic is filtered using the Distributed firewall. When you want to access an external service, you usually create IP-based firewall rules.
FQDN Filtering
Lab 6, Task 4 VMware NSX Distributed IDS/IPS provides security operators with a software-based IDS/IPS solution that enables them to achieve regulatory compliance, create virtual zones and detect lateral movement of threats on east-west traffic.
Distributed IDS/IPS
Lab 7, Task 1 In this lab, we will first create an SDDC Group with a single SDDC. The purpose of this exercise is to show that an SDDC Group can contain a single SDDC, and also to highlight that the VMware Transit Connect of the SDDC Group can be used to allow high-bandwidth, low-latency connectivity from SDDC(s) in a group to native AWS VPC(s).
Create a Single SDDC SDDC Group
Lab 7, Task 2 Integrate an AWS VPC to VMware Transit Connect
Connect a Native VPC to your SDDC Group
Lab 7, Task 3 Identify the FSx Service for Consumption.
Consume a Native AWS Service Across the Transit Connect
Continue to Day 3

These simulated labs are broken down into small, consumable tasks which roll up into the lab objectives. If you would also like to review the lecture materials, please see “All lecture materials” or click on the PDF or PowerPoint buttons for each lab.