Securing NSXALB Using NSX
Presentation on securing NSXALB with NSX at UK VMUG The outline of the presentation is how to use the pre-populated security groups deployed by NSXALB into NSX to secure the platform.
Presentation on securing NSXALB with NSX at UK VMUG The outline of the presentation is how to use the pre-populated security groups deployed by NSXALB into NSX to secure the platform.
In this series, I’ll go over the lab environment, which I share with https://www.simplygeek.co.uk/ History: My home lab started at home with two servers and https://www.simplygeek.co.uk/ having the same setup. In 2020, the UK saw a huge increase in electricity and fuel costs, so these systems couldn’t be run 24/7 due to sheer cost. Having … Read more
NSX IDS Configuration workflow: Enabling NSX IDSP To enable distributed IDSP for standalone hosts or clusters where traffic passes through NSX virtual network segments – VLAN-backed and overlay. Note: The configuration flow to enable NSX-distributed IDS/IPS is as follows: Security > [Policy Management] IDS/IPS & Malware Prevention > Settings > Shared Within the Define Scope for Malware Prevention & IDS/IPS Deployment, select the cluster … Read more
Create an NSX-T manager health check within AVI: As previously mentioned in this post AVI and heath check we want the ability to run an API health check against each node of the pool (NSX manager nodes). Before we create the virtual service we need to create a health monitor for the NSX-T managers. To … Read more
The NSX-T Management Cluster comprises of three NSX-T Manager nodes to provide high availability and scalability. To support a single access point for the NSX-T Manager user interface and API, you can assign a VIP address for the NSX-T Management Cluster. Once the VIP is set, any UI and API requests to NSX-T are redirected … Read more
In this post, we will go through the process of deploying an AVI Controller cluster. The reason for deploying this as a cluster is to emulate a production deployment. AVI is supported on a single controller, but you lose control plane high availability. If your resource-constrained in your lab (AVI controllers are rather big), If … Read more
Introduction Server & infrastructure automation now plays an essential role in systems administration due to the disposable nature of modern environments. Tools such as Ansible are typically used to streamline the process of automating server setup by establishing standard procedures for new servers while also reducing human error associated with manual setups. It also offers the ability to … Read more
I’ve had the privilege of working with VMware’s BU and the Livefire teams on an IDFW design that can be consumed at scale. Hopefully, people can make use of my findings. Note: That this design can be consumed by VDI. but in this example i’m am using RDSH. Requirements: Just some critical information in the … Read more
NSX-T IDFW (identity firewall) is a great feature that enables customers to create Active Directory group-based Distributed Firewall (DFW) rules within an NSX-T deployment. One of the biggest challenges specifically in larger Active Directory deployments is the total number of users and a total number of groups that NSX-T 3.1.x can consume. At the current … Read more
A brief recap from part 1 Deployed 4x VMs, with ubuntu 20.04 Created an inventory list of the nodes Update the VM’s Deployed the prerequisites Deployed Docker-ce Deploy Non-Root user Add K8 repositories Disable Swap Deploy Master Configuaration Deploy Worker Configuaration