Network Topologies - Commvault Command Center

Network topologies provide a simplified template to deploy network route configurations to CommCell^® components. There are three network topology groups to configure: One-Way, Two-Way, or Network Gateway. Once the simplified topology is configured, advanced network route settings remain available at the client group and client levels to further configure settings if desired.

To use network typologies, client computers groups must be created first.

Network topologies for client computer groups:

For One-Way Network Topology

• Servers
• DMZ Servers

For Two-Way Network Topology

• Servers
• Infrastructure Machines

For Proxy Network Topology

• Servers
• Infrastructure Machines
• DMZ Gateways

One-Way Network Topology Groups

• Servers – The clients in the Servers group can be the CommServe server, MediaAgents, or client components. By default, there is a system created computer group called Infrastructure that can be leveraged for network topologies. When creating a network topology, the Servers group has restricted communication on a specific port with the DMZ Servers group.

• DMZ Servers – These are the systems located in the untrusted networks, such as the DMZ. When implementing the network topology, the DMZ Servers group has blocked communication with the Servers group.

One-Way Network topology client computer groups

Two-Way Firewall Topology Groups

• Servers – These are the systems on the first side of the firewall. When implementing the network topology, the Servers group has restricted communication on a specific port with the Infrastructure Machines group.
• Infrastructure Machines – The clients in the Servers group can be the CommServe server, MediaAgents, or client components. When implementing the network topology, the Infrastructure Machines group has restricted communication on a specific port with the Servers group.

Two-Way Network topology client computer groups

Network Gateway Topology Groups

• Servers – These are the clients that are using the proxy to reach the Infrastructure Machines group on the internal network. It has restricted communication on a specific port with the DMZ Gateway Group but has blocked communication with the Infrastructure Machines group.
• Infrastructure Machines – These are your CommCell^® components such as the CommServe^® server and the MediaAgents. By default, there is a system created computer group called Infrastructure that can be leveraged for network topologies. When creating a network topology, the Infrastructure Machines group has restricted communication on a specific port with the DMZ Gateways group but has blocked communication with the the Servers group.
• DMZ Gateways – These are the systems that acts as gateways in the DMZ to relay any communication between the Servers group and the Infrastructure Machines group. When creating a network topology, the DMZ Gateways group has blocked communication with both the Servers and Infrastructure Machines groups. By default, there is a system created Proxy Clients group. Any system that are defined to act as network gateways are automatically associated with this group.

Proxy Network topology client computer groups

Configure a Network Topology

Before configuring a topology, create the required server groups if needed. You can then launch the network topology configuration wizard.

Automatic Tunneling

Since service pack 15, the network configuration is easier than ever. The Commvault^® components communicate using the traditional communication port and dynamic ports. If the system notices that the dynamic ports are blocked and therefore unavailable, it automatically encapsulates data transfers through a tunnel port. There is no need to configure any network topologies in Commvault^® software.

The only requirement is that the communication port (8400) and tunnel port (8403) are opened and accessible between the components.

Automatic tunneling requirements