[Veritas-bu] firewall between master and media servers

I'm going to get back on my Firewall soap box.

I don't think running NetBackup across a firewall is an inefficient and
insecure way of backing up.  What seems to work better, and the customers
I've set this up with seem to agree, is having a master on both sides of the
firewall sharing the same robot.

Since you can run Media Manager independent of NetBackup, I say set up two
Media Manger servers, one as the robot control host and volume Database
host, and the other as a slave owing a driver in the robot controlled by
server A.

Now have NetBackup set up as a master on both nodes, now you have a master
on both sides of your firewall, and still one storage of tapes.  Now all you
need are two ports to communicate through the firewall.  One for VMD to
manage tape assignments, and one for tldd, or tl8d or whatever to control
the robot, there may be one more but I'm not positive right now.

This reduces security holes, and makes backups and restores easier.

Just my opinion, but I've been known to have my head up my A** =)

Bob

-----Original Message-----
From: Ian M Terry [mailto:ITerry AT cyberdialogue DOT com]
Sent: Wednesday, February 14, 2001 1:26 PM
To: veritas-bu AT mailman.eng.auburn DOT edu
Subject: RE: [Veritas-bu] firewall between master and media servers



thanks to all - NAT was the evil villain.  all is rockin now!  just had to
adjust a few firewall rules and disable NATing here and there.

-ian

---++---++---++-
Ian Terry x7024
Systems Administrator
Cyber Dialogue
---++---++---++-

_______________________________________________
Veritas-bu maillist  -  Veritas-bu AT mailman.eng.auburn DOT edu
http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu