BackupExec and security policy - need advice

cancel
Showing results for 
Search instead for 
Did you mean: 

BackupExec and security policy - need advice

L4 Transporter

Hi

I'm using Symantec BackupExec 2010 sp3 software. I trye'd to make strict security rules, so security rule that allowing traffic between BE server and servers in DMZ allowing only traffic for backupexec aplications with aplication defaults services.

But this rule was wrong ()backups always failed), I changed aplication defaults port to ANY and for few days it worked.

Today I saw in BE logs error connecting to servers in DMZ. In traffic log I had NDMP traffic denied, so I added to security policy NDMP aplications (I still leave ANY as a services)

I lunched backup and I saw in traffic logs only backupexec as a aplication on two ports 10000 (NDMP) and another one (but its dynamic)

2013-11-21_120649.png

According to Applipedia backupexec uses Standard Ports: tcp/dynamic

In my opinion something is wrong. NDMP should be marked as dependent aplication when you commit or backupexec aplication should allow ndmp traffic by themself.

If I'm wrong please expleain me how it works.

Regards

Slawek

0 REPLIES 0
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!