VCIX-NV Study Guide
As I prepare for my VMware Certified Implementation Expert (VCIX-NV) exam I thought it would be beneficial to document the “how to” portion of each of the blueprint sections. This allows me to fully understand each topic on the exam as well as provide useful information to the community to help them study for their sitting of the test as well. As I am still working on it, the links will only be available as I finish, but I will be pushing to finish material as quickly as I can as I will be sitting the exam soon. Each section below will consist of a link to a post that will outline what I feel will be useful to know as well as screenshots capturing the processes in my lab environment. Since each section will be a post, I would recommend subscribing to my blog to ensure that you are updated as new posts are finished. If you think there is any other helpful information, please feel free to share and good luck to everyone sitting the exam 🙂
Section 1: Install and Upgrade VMware NSX
Objective 1.1: Deploy VMware NSX Components
- Deploy the NSX Manager virtual appliance
- Integrate the NSX Manager with vCenter Server
- Create IP Pools
- Implement and Configure NSX Controllers
- Prepare Host Clusters for Network Virtualization
- Implement NSX Edge Services Gateway devices
- Implement Logical Routers
- Deploy vShield Endpoints
- Implement Data Security
Objective 1.2: Upgrade VMware NSX Components
- Upgrade vShield Manager 5.5 to NSX Manager 6.x.
- Upgrade NSX Manager 6.0 to NSX Manager 6.0.x
- Upgrade Virtual Wires to Logical Switches
- Upgrade vShield App to NSX Firewall
- Upgrade vShield 5.5 to NSX Edge 6.x
- Upgrade vShield Endpoint 5.x to vShield Endpoint 6.x
- Upgrade to NSX Data Security
Objective 1.3: Configure and Manage Transport Zones
- Create Transport Zones
- Configure the control plane mode for a Transport Zone
- Add clusters to Transport Zones
- Remove clusters from Transport Zones
Section 2: Create and Manage VMware NSX Virtual Networks
Objective 2.1: Create and Administer Logical Switches
- Create/Delete Logical Switches
- Assign and configure IP addresses
- Connect a Logical Switch to an NSX Edge
- Deploy services on a Logical Switch
- Connect/Disconnect virtual machines to/from a Logical Switch
- Test Logical Switch connectivity
Objective 2.2: Configure VXLANs
- Prepare a cluster for VXLAN
- Configure VXLAN transport zone parameters
- Configure the appropriate teaming policy for a given implementation
Objective 2.3: Configure and Manage Layer 2 Bridging
Objective 2.4: Configure and Manage Logical Routers
- Configure default gateway parameters
- Add/Remove static routes
- Configure dynamic routing protocols: OSPF, BGP, IS-IS
- Configure route redistribution
Section 3: Deploy and Manage NSX Network Services
Objective 3.1: Configure and Manage Logical Load Balancing
- Configure the Load Balancer service
- Create/Modify/Remove a service monitor
- Create/Modify/Remove a server pool
- Create/Modify/Remove an application profile and rules
- Create/Modify/Remove virtual servers
Objective 3.2: Configure and Manage Logical Virtual Private Networks (VPNs)
- Enable/Disable IPSec VPN service
- Configure global IPSec VPN parameters
- Generate a Certificate Signing Request (CSR)
- Enable and configure logging
- Implement Network Access SSL VPN-Plus
- Implement Web Access SSL VPN-Plus
- Enable/Disable L2 VPN
- Add and configure a L2 VPN server
- Add and configure a L2 VPN client
Objective 3.3: Configure and Manage DHCP/DNS/NAT
- Add/Modify/Delete a DHCP IP Pool
- Enable/Disable the DHCP service
- Add/Remove a DHCP static binding
- Enable/Disable DNS services
- Configure DNS services
- Add/Modify/Delete a Source NAT (SNAT) rule
- Add/Modify/Delete a Destination NAT (DNAT) rule
Section 4: Perform Operational Maintenance
Objective 4.1: Backup and Restore Network Configurations
- Schedule/Backup/Restore NSX Manager data
- Export/Restore vSphere Distributed Switch configuration
- Import/Export Service Composer profiles
- Export/Import/Load Distributed Firewall configurations
Objective 4.2: Monitor an NSX Implementation
- Configure and manage centralized logging for the NSX Manager and NSX Edge devices
- Create/Edit/Delete a Service Monitor
- Monitor and analyze networking and security metrics with vCenter Operations Manager
- Monitor security policies with Activity Monitoring and ensure they are being enforced correctly
- Monitor and analyze traffic to and from protected virtual machines with Flow Monitoring
- Monitor statistics, counters and health of networking services
- Monitor health and status of infrastructure components, such as vSphere, NSX Manager, and Control Cluster
- Enable data collection for single/multiple virtual machines
Section 5: Perform Advanced Troubleshooting
Objective 5.1: Troubleshoot Common NSX Installation/Configuration Issues
- Troubleshoot port assignments in an NSX implementation
- Troubleshoot lookup service configuration
- Troubleshoot vCenter Server integration
- Troubleshoot licensing issues
- Troubleshoot permissions issues
- Troubleshoot host preparation issues
- Troubleshoot IP pool issues
Objective 5.2: Troubleshoot Common NSX Component Issues
- Troubleshoot NSX Manager services
- Troubleshoot NSX Controller cluster status, roles and connectivity
- Troubleshoot active NSX Controller connections
- Troubleshoot Logical Switch transport zone and NSX Edge mappings
- Troubleshoot services deployed on Logical Switches
- Troubleshoot Logical Router interface and route mappings
- Troubleshoot VXLAN and Logical Router mapping tables
- Troubleshoot L2 Bridge learned MAC addresses
- Troubleshoot distributed and edge firewall implementations
Objective 5.3: Troubleshoot Common Connectivity Issues
- Troubleshoot virtual machine connectivity to Logical Switches
- Troubleshoot dynamic routing protocols
- Troubleshoot Virtual Private Networks (VPNs)
- Troubleshoot VXLAN, VTEP, and VNI configuration and connectivity
Objective 5.4: Troubleshoot Common Services Issues
- Troubleshoot NSX Management Services issues
- Troubleshoot Service creation/deletion issues
- Troubleshoot Service Group creation/deletion issues
- Troubleshoot DHCP service issues
- Troubleshoot DNS service issues
- Troubleshoot Network Address Translation (NAT) service issues
- Troubleshoot Logical Load Balancer implementation issues
- Troubleshoot Service Composer implementation issues
- Troubleshoot Data Security issues
Section 6: Secure an NSX Environment
Objective 6.1: Configure and Administer Firewall Services
- Create/Modify/Delete an Edge Firewall rule
- Create/Modify/Delete a Distributed Firewall rule
- Configure Source/Destination/Service/Action rule components
- Modify the order/priority of Firewall rules
- Create/Modify/Delete Firewall rule sections
- Create/Modify/Delete Source and Destination Network Address Translation rules
- Create/Modify/Delete SpoofGuard policies
Objective 6.2: Configure and Administer Role Based Access Control
- Implement identity service support for Active Directory, NIS, and LDAP with Single Sign-On (SSO)
- Configure/Modify/Delete user accounts
- Configure/Modify/Delete user roles
- Assign roles to user accounts
- Disable/Enable user accounts
Objective 6.3: Configure and Manage Service Composer
- Create/Modify/Delete Security Groups
- Create/Modify/Delete Security Policies
- Map Security Policies to Security Groups
- Add/Assign/Edit/Delete Security Tags
- View and manage effective services and failures for a Security Policy
- Manage Security Policy priorities
Section 7: Utilize API and CLI Commands to Manage an NSX Deployment
Objective 7.1: Administer and Execute calls using the NSX vSphere API
- Deploy and successfully authenticate an REST API client
- Construct and execute an API call using correct syntax and formatting
- Analyze, modify, and successfully retrieve configuration data using an existing API call
Objective 7.2: Manage and Report on an NSX Environment using the NSX Command Line Interface (CLI)
- Manage and report on an NSX installation status using ESXi Command Line Interface (CLI) commands
- Manage and report on an NSX Infrastructure using NSX Manager, NSX Controller, and ESXi CLI commands
- Manage and report on a Logical Switch using NSX Controller and ESXi CLI commands
- Manage and report on a Logical Router using NSX Controller, NSX Edge, and ESXi CLI commands
- Manage and report on a Distributed Firewall using NSX Manager and ESXi CLI commands
- Manage and report on an Edge Services VPN-Plus device using NSX Edge and client OS CLI commands
- Manage and report on Load Balancers using NSX Edge CLI commands
Credit goes out to Martijn Smit who runs lostdomain.org There was a ton of good information on his (Un)Official VCIX-NV Study Guide that I was able to reference if I got stuck.
32 Comments
HI Sean
Really very good site Sean , good luck
i am preparing for VCIX-NV exam which hands on labs from vmware i must try it before exam also if you have any recommendations please add it ,
Br
Mokhtar
Hi Mokhtar,
Thanks for the kind words, glad to hear you like my site! I have all my recommendations and thoughts for the VCIX test here. Check it out, and good luck!
Thanks,
Sean
Hello, this link where you say you give all your recommendations requires a login: http://www.virtually-limitless.com/wp-admin/post.php?post=1822&action=edit
Could you please check and tell me if VMware’s HOL are enough to be ready to this exam. It seems VMware’s Fast Track course has no open classes.
Regards!
Hi Mauricio,
I can tell you from experience, and some of my colleagues experiences, that HOL is NOT enough to pass this exam. I would recommend my study guide, other study guides, HOL, personal labs, and ICM.
Thanks,
Sean
Took my first crack at the exam, got jammed up 1/3rd the way through, text would not let me complete, but got a 169 so I was on the right track. My own faulkt, tried to undu too much and jacked up the test engine 😉
Looking forward to attempt 2 for a home run pass 😀 Good luck on yours!
Good luck on your second attempt! I’m sure you will get it.
Hi,
Is this a real lab which will be comming in VCIX exam if yes then i will practice this only! please suggest
Thankyou
Hello,
Yes, the VCIX is a lab based exam.
Thanks,
Sean
How can i registration your website?
You can enter your email on the right side of the website.
Thanks!
Sean
How is your vDS and port groups configured? One vDS across both compute and mgt cluster? Separate vDS for compute and mgt clusters? Can you share your IP scheme across networks?
Hi Tommy,
I only used one VDS, but in production, I would recommend a separate VDS for management.
IP Scheme was mainly just 192.168.1.0/16, 192.168.2.0/16, 192.168.3.0/16, etc. For logical switches I used 172.16.x.x.
Thanks,
Sean
Hi Sean,
I just went through the above mentioned points which covers a to z topics for NCIV-NV. I just subscribed to your blog. The way things are explained is very impressive. I hope this will help me for getting good exposure in NV.
Thanks,
Sean
Hi Abhinav,
Thanks for the kind words!
Sean
I want to be professional in VMware environment.
Hi Sean!
Just registered for my VCIX – NV Exam. You shared knowledge has been of great help. It has helped me prepare for the exam. Thank you!
Hi Stalin,
You’re welcome, glad to help and good luck on the exam!
Sean
I am unable to download the complete Guide Do you have the Guide in a pdf ??
Hi Gaurav,
I do not have it in PDF, sorry.
Thanks,
Sean
Thanks Sean, this is very helpful. Looking to start my prep for VCIX-NV.Appreciate all the effort you put into this and sharing with all.
Regards.
Dinesh
Dear Sean,
Thanks for you are sharing valuable effort and knowledge.
Best Regards,
SOETHI
No problem Soethi! Thanks for the kind words!
Hi Sean, thanks for the awesome site. I would like to know how long you took to prepare for the exam.
Your site is very helpful to me.
And I would like to see the page below 
http://www.virtually-limitless.com/wp-admin/post.php?post=1822&action=edit
Could you share with me?
Thank you so much, it’s a very good compilation and resource to prepare for the exam, I passed on the second attempt.
How is the exam structured? Do they give you a complete network diagram and ask you to config the whole network or do the ask bits and peaces questions for you to fix things they break. My exam is coming up.
Is it small independent questions you have to answer or do you have to build and deploy a whole complete network?
My exam date is coming and i need some focus points?
I Sean , Can you recommend getting lab access, or anything else ,helping to get better understanding in the environment rather then just HOLs, I am having visualising issues with HOL as I can’t build from scratch and getting the real image of the network .
What Can I do to help it out .
Hi Sean,
Am facing problem to remove one of my logical switch in my home NSX lab.
I have removed all the VM and LDR connection from the Logical switch but when i try to delete its telling”The object testty is in use, this operation cannot be performed. Remove all configuration referring to this object and retry operation.”
I am now stuck to proceed .Please help me to get rid off.
Is there any cli based command to delete that switch?
Thanks in advance
Hi Sean
Your blog was very useful for clearing my VCIX-NV Exam.
It helped in clear understanding of the concepts & it was very helpful.
Thanks to you.
Hello Sean,
Thanks for sharing your experience. could you please share the design of your lab with IP schema to simulate your environment.
You should make a PDF like Martijn Smit who runs lostdomain.org; that would be like really helpful.