To ensure our servers are only accepting connections using secure cryptographic protocols we often need to restrict which protocols are enabled on a server. NSX-T manager appliances include TLSv1.1 and TLSv1.2 enabled by default. This article will walk you through confirming what TLS protocols are enabled as well as how to disable TLS protocol versions to harden your deployment.
We are going to walk through how to successfully configure automatic SFTP backups of our NSX-T manager as well as walk through the folder structure created during each backup and what log messages are generated so you can spot key phases of the backup being passed so you can narrow your troubleshooting if a backup failure occurs. Finally, we will walk through how to automate the cleanup of old backup files.
We are going to walk through configuring an Ubuntu 18.04 LTS server with a dedicated service account to be used for backing up your NSX-T appliances.
An Uplink Profile defines how an N-VDS residing on a respective transport node will map to the physical NICs of a host. The configurable properties of an uplink profile determines how transport nodes connect to the physical network by configuring the number of NICs, teaming policies, VLANs and MTU.
The benefit of creating a custom uplink policy allows you to configure the desired state once and enforce that desired state everywhere. Thus, creating a consistent and reliable deployment.
Transport zones determine which hosts and by extension which virtual machines can use a particular segment (network). Hosts get added to transport zones. When a host is a member of a transport zone it can “see” all the segments that were created under that transport zone. A transport zone can span multiple clusters however, segments cannot span multiple transport zones.
Transport node profiles ensure a consistent, reliable deployment of transport nodes within your infrastructure. We will walk through the configuration of a transport node profile from start to finish.
We are going to walk through the preparation of our ESXi hosts to become Transport Nodes. Once complete, we will be able to start applying NSX-T features and policies to your data center deployment.
We walk through how to deploy the OVF of the NSX-T manager using the OVF wizard from within vCenter server.
CLOUDbyteSECURITY 