This is estimated to be a 3-4 month project, onsite in the United States. We can discuss reimbursement for travel and expenses. The weeks may not all be consecutive - likely will be some gaps. During gaps engineer may travel back home.
May also have the option to only have the first 2-weeks onsite in the United States - with the rest remotely.
1. Deploy NSX-T Environment
- Deploy NSX Manager in High Availability mode
- Deploy controllers & edge nodes/clusters as required
- Install NSX VIBs on all ESXi hosts
- Configure Compute manager for NSX
- Configure initial Security Groups
2. NSX Distributed Firewall Rule & Application Discovery
- Review current virtual machines and applications
- Identify Applications and application owners
- Identify common application types and create Service Groups
- Work with customer teams to discover initial set of firewall rules requirements
3. Deploy defined rule set for Security Groups
- Working with customer teams, develop initial rule set for each security group
- Deploy rules for Security Groups with allow all at the end & logging
4. Review of Security Group Access
- Review "allow all" traffic logs two weeks after deployment in #3 and adjust rules
- Perform a 2nd review of "allow all" traffic two weeks after adjustment - and adust again as required
- Change final "allow all" rule to deny all and monitor/remediation issues as required
5. Documentation of environment. Training of customer technical staff on NSX administration.