commvault.com commvault.com
Question

Software cache function in hardened environments

  • 21 May 2024
  • 1 reply
  • 33 views
C
Rank
Badge +5
  • Christo Commvault Certified Expert
  • Commvault Certified Expert
  • 5 replies

Hello,
 

I have an environment in which the commservers are separated on the domain and network side as well as on the hardware side from the clients to be secured (HW firewall, segmentation, backup domain, standalone ESXI for CV commservers etc). This means that no push installation from the commserve works. We had then installed clients with a software cache in the target domains, but now installing from them no longer works either. VMware NSX and other hardening measures were introduced.

Is there a description/process flow somewhere of how exactly the remote push installation works and what could be limiting it here? 

Does the client to be installed access the software cache via SMB or is the data sent there? 

Who makes the access via WMI/DCOM (Commserve, SoftwareCache Client) and can this be controlled? 

Thanks for information.

1 reply

A
Rank
Userlevel 6
Badge +14

Hello @Christo 
Thanks for the great question. 

In the scenario you have a new client that you want to add into the CS by push install but the CS cannot access this server at all you can use proxy servers and remote cache to achieve this. 

 

The following goes over all the requirements and methods: 

https://documentation.commvault.com/2023e/expert/prerequisites_for_installations_using_commcell_console.html

In you case it sounds like it was working and since adding the new hardening steps it no longer works. I recommend reviewing the documentation again to test each requirement. 

one thing that is not mentioned is how we move the packages from the remote cache to the client. that will be the standard RPC from the cache server pushing it to the client. 

 

Kind regards

Albert Williams

The best way to learn anything, is to question everything

Reply


Terms & ConditionsCookie settings