+13
Hello Team,
In case of VMware backup in a HPE StoreOnce (backup repository), I’m wondering what’s the recommended method to deploy the MediaAgent. Be physical or virtual?
In case of virtual, I see the advantage to configure VM backups with hotadd.
In case of physical, probably you have more security & reliability, but still looking for best practice.
Please for your feedback,
Nikos
Hello
Commvault is agnostic to whether the MediaAgent is physical or virtual. It all depends on your preferences and how you want to deploy your environment.
Thank you,
Collin
+23
It might depend on how you have your storeonce configured. I know it has FC capability which could work under a VM, but personally I’d steer away from FC passthrough or virtualization for this use case. I think in all other scenarios you are free to choose between physical or VM.
+13
Hello both
Is true that Commvault is agnostic to physical or virtual for MA’s, but what you prefer in this StoreOnce scenario?
In case of physical, are you going to have more security, because MA will be outside of VMware farm?
Thank you in advance,
Nikos
Hello
There are many aspects to something being “secure” so I would need clarification of what you are referring to. In general, there is no difference between a Physical and Virtual MediaAgents. Security is generally determined by your environment and how everything is setup, with the addition of Network restrictions and Antivirus. A MediaAgent being Physical does not inherently make it more secure than a Virtual MediaAgent or vice-versa.
Thank you,
Collin
+13
Dear
Thanks for your reply.
I totally understand and agree with you, but my concern about “security” is if MA is VM, in case of a attack in the VMware environment, is going to affected from the first moment.
But on the contrary, in the case that ΜΑ it is physical, I assume will be much difficult to compromised.
Best regards,
Nikos
Hello
I am not familiar enough with the setup and security aspects of ESXi to advise you if “simply being virtual” is less secure than being physical. It would all depend on how your environment is configured, if the servers are in a DMZ or not, how open to the internet your environment is, if the Commvault infrastructure is in an isolated network that only other Commvault machines can talk to, etc… Also there are other points of entry such as network shares where a machine can get infected and then infect your MediaAgent through the network share if it lacking proper security measures.
Personally I would be more concerned with the way the Environment is setup and implemented rather than if the MediaAgent is physical or virtual since the virus or ransomware has to get into your environment in the first place.
Thank you,
Collin
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
