+8I plan to replicate backup image to remote site. How to deploy real air gap in Azure & AWS? any best practice?
1, if I enable MA power management, hacker could logon Azure portal and power on the server
2, backup image save on Azure storage account, hacker could delete whole storage account/
+19+8Azure storage account provide “Data Protection” feature, like enable soft delete for container and blob, etc, what is best pracrice?
+19There were/are public cloud architecture guide for both Azure and AWS giving some guidance how to build well architectured Commvault infrastructures on AWS and Azure see for the latter:
+8could you guide which page list well architecture for Azure air gap on your link? couldn’t find it
+23Page 30 of the doc covers WORM (i.e immutable storage) that will prevent anyone from deleting data for the defined period.
Network based airgap solutions can be find on this page. Also consider that Commvault can write data directly to azure without a Media Agent in the cloud - which is also way more cost effective.
+8Thanks for your guide on the link. For the first option, we use Azure VWAN to connect two regions, how to connect server A to server B in two different region by Azure backbone?
Air gapping can be achieved by using one of the following methods:
Use VM power management to automatically shut down a MediaAgent virtual machine when not in use.
Create blackout windows on storage targets or network devices using scripts and workflows.
+19You connect server A to server B by routing the traffic through the Azure VWAN connection. As for your definition of air gapping.; well you can use power management to further reduce the chance of someone taking over the MA. Not sure what you are thinking to accomplish with a blackout window on a storage target or network device, but just take some time to read through the documentation and the information provided and otherwise please talk to your account team or get some assistance.
+5Here is a white paper that may offer some insight,
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
