Dell EMC PowerProtect DDVE on Google Cloud Platform 7.9 Installation and Administration Guide

Architecture overview

DDVE is a virtual deduplication appliance that provides data protection for entry, enterprise, and service provider environments.

The following diagram represents the architecture of the DDVE on Google Cloud Platform solution.

Legend:

1. To keep data traffic between DDVE and the bucket within the GCP infrastructure, Dell EMC recommends that you create Private Google Access. This configuration keeps DDVE from depending on a NAT Gateway or Public IP address to access the bucket.
2. To keep data transfers secure, Dell EMC recommends a VPN connection to replicate data from an on-premises host to DDVE in the cloud or the opposite way.
3. DDVE is categorized as a backend server. It must be kept in a private subnet with a private address. Never set a public IP address for DDVE.
4. Dell EMC recommends that you create the bucket in the region where the DDVE instance is running. Multiregional bucket is also supported and should be used if the user is in a location where no data center is available as a regional location. A separate bucket for each DDVE is required.

5. All DDVE instances must be secured with the appropriate security group entries.

   Typically SSH (Port 22) or HTTPS (Port 443) is used for DDVE inbound access.

   HTTPS (443) must be allowed for outbound bucket access for DDVE.

   TCP ports 2049 and 2051 are used for DD Boost and replication purposes.

   See the DDVE documentation for more information and for a complete list of ports.