Veritas NetBackup™ 8.0 Security and Encryption Guide
- Increasing NetBackup security
- Security deployment models
- Port security
- About NetBackup daemons, ports, and communication
- Additional port information for products that interoperate with NetBackup
- About configuring ports
- Auditing NetBackup operations
- Configuring Enhanced Auditing
- Access control security
- NetBackup Access Control Security (NBAC)
- Configuring NetBackup Access Control (NBAC)
- Configuring Access Control host properties for the master and media server
- Access Control host properties dialog for the client
- Troubleshooting Access Management
- Windows verification points
- UNIX verification points
- Verification points in a mixed environment with a UNIX master server
- Verification points in a mixed environment with a Windows master server
- About determining who can access NetBackup
- Viewing specific user permissions for NetBackup user groups
- Security certificates in NetBackup
- Overview of security certificates in NetBackup
- About the Security Management utilities
- About host name-based certificates
- About host ID-based certificates
- Using the Certificate Management utility to issue and deploy host ID-based certificates
- About certificate deployment security levels
- Setting up trust with the master server (Certificate Authority)
- About reissuing host ID-based certificates
- About Token Management for host ID-based certificates
- About revoking host ID-based certificates
- Security certificate deployment in a clustered NetBackup setup
- About deployment of a host ID-based certificate on a clustered NetBackup host
- About deploying a new host ID-based certificate
- Data at rest encryption security
- About NetBackup client encryption
- Configuring standard encryption on clients
- About configuring standard encryption from the server
- Configuring legacy encryption on clients
- About configuring legacy encryption from the client
- About configuring legacy encryption from the server
- Additional legacy key file security for UNIX clients
- Data at rest key management
- About the Key Management Service (KMS)
- Installing KMS
- Configuring KMS
- About key groups and key records
- Overview of key record states
- Configuring NetBackup to work with KMS
- About using KMS for encryption
- KMS database constituents
- Command line interface (CLI) commands
- About exporting and importing keys from the KMS database
- Troubleshooting KMS
Standard NetBackup ports
Table: List of daemons and ports used in a standard NetBackup environment shows the standard ports in a NetBackup environment. Some daemons are associated only with add-on products. The Notes column indicates the products that use the daemon.
Table: List of daemons and ports used in a standard NetBackup environment
Source | Port name and/or number | Destination | Notes |
---|---|---|---|
NetBackup master server | VNETD / 13724 | NetBackup master server, media server, or client | Network daemon, VNETD. |
NetBackup media server | VNETD / 13724 | NetBackup master server, media server, or client | Network daemon, VNETD. |
Client | VNETD / 13724 | NetBackup master server | Network daemon, VNETD. |
NetBackup master server | veritas_pbx 1556 | NetBackup master server, media server, or client | Veritas private branch exchange service, VxPBX. |
NetBackup media server | veritas_pbx 1556 | NetBackup master server, media server, or client | Veritas private branch exchange service, VxPBX. |
Client | veritas_pbx 1556 | NetBackup master server | Veritas private branch exchange service, VxPBX. |
NetBackup master server, media server, or client | 13783 | NetBackup master server | NetBackup authentication service, VxAT. In the case of NetBackup versions that are older than 7.1, the nbatd process listens on the port 13783 for back-level media servers and clients. NetBackup hosts of version 7.1 and later connect using the PBX port. |
NetBackup master server or media server | 13722 | NetBackup master server | NetBackup Authorization Service, VxAZ. In the case of NetBackup versions that are older than 7.1, the nbazd process listens on the port 13722 for back-level media servers and clients. NetBackup hosts of version 7.1 and later connect using the PBX port. |
In a NetBackup environment, the source port number for connections to the well-known destination port numbers (provided in the table) is always derived from the source component's client port window or the client reserved port window. A typical NetBackup environment uses additional daemons and ports as described in the following topics: