Veritas NetBackup™ Read This First Guide for Secure Communications
- How secure communication works with master server cluster nodes
- Communication failure scenarios
- Secure communication support for other hosts in NetBackup domain
How communication happens when a host cannot directly connect to the master server
In a demilitarized zone (DMZ), NetBackup clients may not be able to directly send requests (for certificate deployment and so on) to the master server. The HTTP tunnel on the media server is used to accept the web service requests sent by the client hosts and forward them to the master server. The configuration of the HTTP tunneling is automatic and no setup is required. The NetBackup client and the media server must be 8.1 or later for HTTP tunneling to work.
Irrespective of the certificate deployment security level that is set on the master server, you require an authorization token to deploy a host ID-based certificate on a host in a demilitarized zone.
For more information on clients in a DMZ, refer to the NetBackup Security and Encryption Guide.
https://www.veritas.com/support/en_US/doc-viewer.21733320-127424841-0.v125482382-127424841.html