You can configure the Azure ExpressRoute circuit and Azure Private Link (Private Endpoint) for Air Gap Protect.
Configuring Azure ExpressRoute
As the ExpressRoute is completely transparent to Air Gap Protect, no additional approval or configuration is required for Air Gap Protect. (For information about configuring the Azure ExpressRoute circuit, see https://docs.microsoft.com/en-ca/azure/expressroute/expressroute-howto-circuit-portal-resource-manager.)
Configuring Azure Private Link (Private Endpoint)
-
Configure Air Gap Protect in Commvault software. For more information, see Configuring Air Gap Protect.
-
Contact Commvault Customer Support and obtain a Storage Resource ID. You can contact CommvaultCustomer Support by logging a ticket in the Maintenance Advantage Customer Support Portal.
-
Create a Private Endpoint using the Storage Resource ID in your own Azure subscription. For more information, see Create a private endpoint.
-
Contact Commvault Customer Support and provide the name of the Private Endpoint that you created, to request approval.
-
Once the Private Endpoint is approved, verify that the value for the CONNECTION STATE for the endpoint is displayed as Approved.
-
Update your DNS server to resolve your storage account endpoint to the Private Link's IP address.
Notes
-
To obtain the storage account endpoint, see Obtaining the Storage Account Name.
-
The network policy must be disabled for the subnet containing the Private Endpoint. Specifically, the following subnet properties must be disabled:
-
privateLinkServiceNetworkPolicies: Disabled
-
privateEndpointNetworkPolicies: Disabled
-
-