Loading...

RDS Protection Using Native Database Utilities Firewall

Applies to: Alibaba RDS, Azure Database, Google Cloud Database

When you use the Commvault software to perform logical dumps of an RDS database, you need to have a one-way firewall so that the on-premises CommServe and MediaAgent can communicate with the proxy server that resides in the cloud.

The following image shows the solution network overview.

The on-premises site contains the following components:

  • A CommServe computer (CS)
  • A MediaAgent (MA)
  • Virtual server client computers for the databases, for example Oracle.

The cloud contains a Commvault proxy server that communicates with the RDS databases.

To facilitate this communication, create the following client groups:

  • A client group that contains the MediaAgent and the CommServe computer.
  • A client group that contains the proxy server.

After you create the client groups, add the following two network topologies for the feature:

  1. Configuring a One-Way Network Topology for RDS Database Protection. This is a one-way firewall between the two client groups. When you create this topology, the MediaAgent and the CommServe computer can establish a connection with the proxy server.
  2. Configuring a Proxy Network Topology for RDS Database Protection. This is a proxy firewall that uses a proxy between a client group that contains the MediaAgent and the CommServe computer, and a client group that contains the client's databases. When you create this topology, the proxy server that resides in the cloud can establish a connection with the RDS databases.

Last modified: 9/4/2019 6:54:52 AM