Online Backup - Firewall Configuration
- Online Backup Media Presentations
- What is Online Backup
- Online Backup & Firewalls
- Online Backup Data Encryption
- Online Backup e-Notifications
- Restore File System Backups
- Online Backup Installation & Small Business Server2003
- Online Backup Microsoft Exchange Server
- Online Backup for Exchange, Lotus Notes and Novell GroupWise (Brick Level)
- Online Backup for Microsoft SQL Server
- Online Backup for Oracle Database Server
- Online Backup for Netware
- Migrate Service from MSDE to SQL 2005
- Online Backup - Service Account Logon
- Online Backup - Bare Metal Restore
Online Backup - Firewall Configuration
In order to operate successfully, SecuriData's online backup software needs to establish a connection to SecuriData's online backup datacenter.
If your business has a firewall installed and configured, you need to allow access to ports 4401 & 4403 TCP & UDP.
Online Backup - Client Firewall Configuration
In a standard firewall configuration there is an inside network interface (i.e. your LAN with SecuriData’s Online Backup Software) and an outside network interface (i.e. the Internet or WAN). The inside network is considered to be 'trusted', while the outside network is not.
Connections with SecuriData’s online backup datacenter are always initiated by SecuriData’s Online Backup Software residing on the customers server or LAN (SecuriData’s Datacenter never initiates a connection to the customer’s site) Therefore, you must allow port 4401 for the TCP protocol for the inside network interface.
If you do not use DHCP for the SecuriData Online Backup host computer, you have additional flexibility:
- You can specify in the firewall that only the SecuriData Online Backup host computer's IP address can use port 4401.
- Depending on your firewall's configuration, you may even be able to set up a range of IP addresses.
Transparency
1. Most default firewall configurations provide transparency for users inside your firewall, but not for the users outside the wall. SecuriData’s Online Backup needs transparency for the connection with SecuriData’s datacenter. Therefore, you must either set transparency ON for the internal network interface or allow the connection on port 4401 to be transparent. This will depend on the type of firewall you are using.
2. There is no need for transparency on the outside network interface.
Ports
1. The basic configuration required to setup your firewall for SecuriData’s Online Backup activities (backup/restore) is to allow port 4401 for the TCP protocol.
Monitoring the SecuriData’s Online Backup with the Java (GUI) from an outside connection:
1. You must allow port 4403 (TCP and UDP) in addition to port 4401.
2. If SecuriData’s Online Backup host computer has more than one network interface (assuming the SecuriData’s Online Backup computer is running Windows NT / 2000 / XP / Server 2003, Small Business Server 2003) and has default gateways on each interface, then you must modify the routing table manually to include the network from which the SecuriData online backup host machine is connecting.
Conclusion
To summarize - if you want full control of the SecuriData’s Online Backup user interface from the GUI, enable port 4401 (TCP) with transparency, as well as enabling port 4403 (TCP and UDP).