Sample Question Intro
HOL: HOL-1703-SDC-1 – VMware NSX: Introduction and Feature Tour
Lab: Module 5 : Distributed Firewall
The security team has requested new rules to protect an externally-facing three-tier app.
VMware web client login: email@example.com / VMware1!
New rule group:
New traffic type:
Allow any external or internal system scan access the web servers for HTTPS or SSH traffic
Allow the web servers to access any system on the application network using the application port.
Allow any system on the application network to access any system on the database network for MySQL traffic.
1) Without creating a new object, ensure all traffic not covered by a firewall rule is denied.
2) Create a new object named “Web-Tier” to group the two web servers.
3) Create a new object for the application traffic so that rules are more readable.
4) Create the rules as described and group them as Customer DB-app.
5) Functionality can be tested using the Customer DB-App Direct Connect favorite in Chrome along with pinging between the app layers.