oVirt/RHV/OLVM ImageIO services - for data transfer
Node
oVirt/RHV/OLVM manager
54323/tcp
oVirt/RHV/OLVM ImageIO services - for data transfer
Citrix XenServer/xcp-ng
Note: all hosts in the pool must be defined
Single image (XVA-based)
Source
Destination
Ports
Description
Node
Hypervisor
443/tcp
API access (for data transfer management IP is used, unless transfer NIC parameter is configured in hypervisor details)
Changed-Block Tracking
Source
Destination
Ports
Description
Node
Hypervisor
443/tcp
API access (for data transfer management IP is used, unless transfer NIC parameter is configured in hypervisor details)
Node
Hypervisor
10809/tcp
NBD access (data transfer IP is returned by hypervisor)
Proxmox VE
Export storage repository
Source
Destination
Ports
Description
Node
Hypervisor
22/tcp
SSH access
Hypervisor
Node
If Node is hosting staging space: 111/tcp, 111/UDP, 2049/tcp, 2049/UDP, ports specified in /etc/sysconfig/nfs - variables MOUNTD_PORT (TCP and UDP), STATD_PORT (TCP and UDP), LOCKD_TCPPORT (TCP), LOCKD_UDPPORT (UDP), otherwise please check the documentation of your NFS storage provider
if staging space (export storage domain) is hosted on the Node - NFS access
Node and hypervisor
shared NFS storage
check the documentation of your NFS storage provider
if staging space (export storage domain) is hosted on the shared storage - NFS access
Kubernetes
Connection URL:https://API_HOST:6443
Source
Destination
Ports
Description
Node
Kubernetes API host
22/tcp
SSH access
Node
Kubernetes API host
6443/tcp
API access
Openshift
Connection URL:https://API_HOST:6443
Source
Destination
Ports
Description
Node
Kubernetes API host
6443/tcp
API access
Node
Openshift Workers
2049/tcp, 2049/udp
NFS connection
Openshift Workers
Node
2049/tcp, 2049/udp
NFS connection
Node
Openshift Workers
30000-32767/tcp
access to service exposed by Storware Backup & Recovery plugin
Hyper-V
Source
Destination
Ports
Description
Node
Storware Backup & Recovery Agent
50881/tcp for http connection, 50882/tcp for https connection
Storware Backup & Recovery Agent access and data transfer, firewall rules are added automatically during agent installation
Azure Stack HCI
Source
Destination
Ports
Description
Node
Storware Backup & Recovery Agent
50881/tcp for http connection, 50882/tcp for https connection
Storware Backup & Recovery Agent access and data transfer, firewall rules are added automatically during agent installation
SC//Platform
Export Storage Domain
Connection URL:https://MANAGER_HOST
Source
Destination
Ports
Description
Node
SC//Platform manager
443/tcp
API access
Node
SC//Platform hosts
445/tcp
SMB transfer
SC//Platform hosts
Node
445/tcp
SMB transfer
Disk Attachment
Connection URL:https://MANAGER_HOST
Source
Destination
Ports
Description
Node
SC//Platform manager
443/tcp
API access
Microsoft 365
Source
Destination
Ports
Description
Node
Microsoft 365
443/tcp
Microsoft 365 API access
You can find more detailed descriptions of Office 365 URLs and IP address ranges on this page.
To successfully synchronize M365 user account, it must fulfill following requirements:
has an email,
is not filtered by location, country or office location (user filter in UI),
field user type is set to Member,
has a license or is a shared mailbox.
OS Agent
Source
Destination
Ports
Description
OS Agent
Node
15900/tcp
Node - OS Agent communication
Security Requirements
User Permissions
User vprotect must be a member of group "disk".
Sudo privileges are required for the following commands:
Storware Backup & Recovery Node:
/usr/bin/targetcli
/usr/sbin/exportfs
/usr/sbin/kpartx
/usr/sbin/dmsetup
/usr/bin/qemu-nbd
/usr/bin/guestmount
/usr/bin/fusermount
/bin/mount
/bin/umount
/usr/sbin/parted
/usr/sbin/nbd-client
/usr/bin/tee
/opt/vprotect/scripts/vs/privileged.sh
/usr/bin/yum
/usr/sbin/mkfs.xfs
/usr/sbin/fstrim
/usr/sbin/xfs_growfs
/usr/bin/docker
/usr/bin/rbd
/usr/bin/chown
/usr/sbin/nvme
/bin/cp
/sbin/depmod
/usr/sbin/modprobe
/bin/bash
/usr/local/sbin/nbd-client
/bin/make
Storware Backup & Recovery server:
/opt/vprotect/scripts/application/vp_license.sh
/bin/umount
/bin/mount
SELinux
PERMISSIVE - currently it interferes with the mountable backups (file-level restore) mechanism. Optionally can be changed to ENFORCING if the file-level restore is not required.
