Menu Icon

Available Training Rooms


Course Details

  • Course Overview
  • Course Objective
  • Who Can Benefit
  • Prerequisites
  • Syllabus

Virtualization shows new opportunities for securing your data and systems. Virtualizing your data center frequently brings new challenges, requiring your IT staff to expect new, and in some cases unfamiliar, roles and responsibilities. This five-day course trains you how to use the VMware software-defined data center (SDDC) product portfolio and tools to better manage administrator access, harden your VMware vSphere® environment, and secure data at rest and in motion. This course additionally teaches about the end-user computing (EUC) security, as well as compliance and automation to enable you to ensure that your deployments align with your security policies.

By the end of the course, you should be able to meet the following objectives:

  • Define the concepts involved in securing an SDDC and protecting the data in the data center
  • Successfully manage vSphere administrator access to hosts and the VMware vCenter Server® system based on identified job roles and requirements
  • Apply security best practices of vSphere components based on organizational security policies
  • Successfully configure data protection for data at rest and data in motion
  • Effectively manage protection for server and desktop-class virtual machines, endpoints, and networks
  • Define VMware AirWatch® functionality to protect mobile computing and EUC deployments
  • Execute activity monitoring and logging, and explore relevant logs to meet compliance requirements
  • Effectively use VMware NSX® security groups, policies, and tags to automate deployment and security processes
  • Effectively use automation to respond to security-related events
Experienced system administrators
  • System integrators 
  • Cloud administrators
  • Operational developers

This class requires completion of any one of the following courses:

  •  VMware vSphere 6.x: Install, Configure, Manage
  •  VMware vSphere 6.x: Fast Track

An understanding of corporate or enterprise network implementations

  • Experience working at the command prompt and with scripting tools likes Windows PowerShell is highly recommended.

1. Course Introduction

Introductions and course logistics
Course objectives

2. Security Concepts

Key IT security principles for the SDDC
Differences between securing traditional infrastructures and virtual infrastructures
Identity and access management concepts for the SDDC
Methods to secure your virtual infrastructure components
EUC and mobile computing risks
Guest operating system access security
Hardening concepts and how they apply to virtual infrastructure components

3. vSphere Security Identity and Access Management

Role-based access control concepts for vSphere and View
Configuring role-based access control for ESXi, vCenter Server, and View
Configuring vSphere single sign-on for administrative access
Password hardening options
Configuring ESXi local user management and integration with Active Directory
ESXi security profiles and access to services

4. vSphere Hardening

ESXi host hardening
Implementing lockdown mode on ESXi hosts
Configuring ESXi host-based firewall settings
vCenter Server hardening
Tools to reduce infrastructure vulnerabilities
Implementing hardening best practices based on the vSphere Hardening Guide

5. Data Protection

Data encryption technology
Data-at-rest encryption options for server and desktop virtual machines
View endpoint protection best practices
Datastore security options
View PCoIP encryption
VMware Operating System Optimization Tool for desktop and server virtual machines
Introducing VMware AirWatch for mobile and desktop security
VMware AirWatch and VMware NSX integration
Configuring vSphere security certificate management using VMware Certificate Authority and VMware Endpoint Certificate services
Using the Certificate Automation Tool to manage vSphere certificates
Establishing and using an IPsec VPN
Using the VMware Endpoint Certificate Store

6. Network Security

Managing network data in an SDDC
Security policies and settings of vSphere switches
Configuring vSphere advanced security features for distributed switches
Using the VMware NSX distributed firewall and distributed router to implement microsegmentation
Protecting and managing north-south traffic with VMware NSX® Edge™ services gateway and physical firewalls
Managing access to the vSphere management network
Using VMware NSX® Virtual Switch™ features to implement network security
Designing clusters and racks to minimize vulnerabilities
Limiting access to vSphere management networks
Hardening network infrastructure components

7. Virtual Machine, Mobility, and Application Protection

Securing virtual machine guest operating systems
Mobile device security with VMware AirWatch
Using VMware NSX with Service Composer for Endpoint Protection
Using distributed firewalls and microsegmentation to isolate and protect virtual machines
Using VMware NSX identity-based firewalls to control network traffic based on Active Directory user IDs
Additional VMware NSX functionality using integration with third-party solutions

8. Data Center Monitoring and Compliance

Using vRealize Log Insight to identify and analyze security-related log entries
Implementing a distributed logging environment
vRealize Configuration Manager compliance checkers
vRealize Configuration Manager compliance monitoring

9. Automating Data Center Security

Using VMware functions and tools to enforce consistent organizational security policies during infrastructure deployment
Automating responses to security events
Implementing security automation with security groups, security policies, and security tags
Automatically applying security settings to newly provisioned virtual machines based on VMware NSX security policies



Public Program Schedule

Course Name Duration Brochure Location Schedule Enroll
There is no upcoming Public Batch Schedule, you can ask for Private Batch or for On-Demand Learning

Download the syllabus


The highest standard, The happiest learners

Our Enterprise Clients


  • If I have a VCA level certification, do I still have to take the required course for the VCP level ?
  • How do I redeem VMware Training and Consulting Credits?
  • What are the class room timings?
  • How does a live-online class differ from a standard classroom delivery?
  • When and where can I write exam? What is validity of exam voucher?
  • Who would be the trainer?
  • What do I get as part of training and is the training practical?
  • How do I pay?
  • What are your cancellation & refund policy?

Yes. VCA certification does not count towards the VCP requirements. You will still need to complete a qualifying course and pass the relevant exam(s).

VMware Consulting and Training Credits are pre-paid services dollars which can be redeemed for any combination of VMware packaged consulting, custom consulting or training. Credits provide customers with the flexibility to allocate budget for services and use the services when needed. To redeem credits for education classes, follow the standard registration process. When the payment question comes up, select pay with PSO credits. More information will be provided by contacting our representative.

Class timings are 9:30 am to 5:30 pm(IST)

Our live online classes are conducted in the same manner as our classroom classes, using the same manuals and lab equipment. Just as in our classroom classes, each online student is assigned a set of remote lab equipment including an ESXi host and various pre-configured Virtual machines, as the specific class they are attending requires. The students connect to the lab environment using Microsoft’s Remote Display Protocol (RDP) in order to perform the lab exercises. The vast majority of our online students find the class experience equivalent to or better than a classroom delivered class.

Exams can be taken in any PearsonVUE centres in India. Validity is 1 year from date of purchase.

All our trainers are VMware Certified Instructors. Our representatives will share the trainer profile once you start interacting with them.

Class will be 50:50 mixture of theory and practical. You will get class id, labs soft copy of courseware and participation certificate from VMware.

We accept all modes of payment. If you are being nominated by your organization, your organization need to release PO before the course start date. If you are an individual you can pay through credit / debit cards, online transfer (RTGS/NEFT) to our account 7 days prior to the course start date

  • In a highly unlikely event of cancellation of batch from our end, we shall refund 100% that is paid by you. If client choose to cancel for any reasons, below is the terms
  • If you cancel or reschedule your registration 5 or more calendar days before the scheduled start date of the class – No cancellation charges
  • If you cancel or reschedule your registration less than 5 calendar days before the scheduled start date of the class – cancellation charges 100% of the course fee
  • If you do not show up for the event, or cancel on the day of the event - cancellation charges 100% of the course fee

Other Related Courses

Related courses will be updated soon...