Solved

Air Gap Network Topology

  • 27 January 2021
  • 4 replies
  • 900 views

Badge +3

Commvault has some white papers and even a Hands on Lab regarding Ransomware and using Air Gap as a layer of protection.  There are also YouTube videos on the subject.  There is no official Commvault documentation regarding the subject.  Is this Air Gap intended for companies with public facing servers to utilize a DMZ proxy to copy data and configurations inside a firewall?  Should this be used within a private network?

icon

Best answer by MFasulo 27 January 2021, 20:14

View original

4 replies

Userlevel 6
Badge +12

Barefoot, Thank you for looking at that content (the PMs thank you!)  Both the whitepaper and HOL leverage a similar configuration.  As long as machine group 1 can talk outbound to machine group 2 and machine group 3 can talk outbound to machine group2 , the gap can be created (since machine group 2 are powered off).  This classically done on private networks, via VLANs or virtual networks, where the machine group 2 can talk to both.     

If you have any further questions let me know.

 

 

 

Badge +3

MFasulo,

Thanks for the reply and the information!  I’ll let my digital security team determine if they want to setup an Air Gap solution for Commvault.

 

Userlevel 6
Badge +12

MFasulo,

Thanks for the reply and the information!  I’ll let my digital security team determine if they want to setup an Air Gap solution for Commvault.

 

Sounds good.  If they have any questions or concerns let me know.  We can jump on a call.  

Badge +3

MFasulo,

What typically is protected in an air gap solution?  What distiguishes a set of data to be copied into the machine group 2 that is powered off?

Reply