You must provide a set of external services before you deploy the components of the VMware Validated Design. External Services Overview for Consolidated SDDCExternal services include Active Directory, DHCP, DNS, NTP, SMTP Mail Relay, FTP, and certificate services. VLANs, IP Subnets, and Application Virtual NetworksBefore you start deploying the SDDC, you must allocate VLANs and IP subnets to the different types of traffic in the SDDC, such as ESXi management, vSphere vMotion, and others. For application virtual networks, you must plan separate IP subnets for these networks. DNS NamesBefore you deploy the SDDC by following this validated design, you must create a DNS configuration of fully qualified domain names (FQDNs) and map them to the IP addresses of the management application nodes. Time SynchronizationSynchronized systems over NTP are essential for vCenter Single Sign-On certificate validity, and for the validity of other certificates. Consistent system clocks are critical for the proper operation of the components in the SDDC because in certain cases they rely on vCenter Single Sign-on. Active Directory Users and GroupsBefore you deploy and configure the SDDC in this validated design, you must provide a specific configuration of Active Directory users and groups. You use these users and groups for application login, for assigning roles in a tenant organization and for authentication in cross-application communication. Certificate ReplacementBefore you deploy the SDDC, you must configure a certificate authority and generate certificate files for the management products. According to this validated design you replace the default VMCA- or self-signed certificates of the SDDC management products with certificates that are signed by a Certificate Authority (CA) during deployment. Datastore RequirementsFor certain features of the SDDC components, such as backup and restore, log archiving and content library, you must provide NFS exports as storage. You must also provide a validated datastore to the shared edge and compute cluster for storing NSX Controller and edge instances and tenant workloads.