Dell EMC PowerProtect DDVE in VMware Cloud 7.8 Installation and Administration Guide

Architecture overview

DDVE is a virtual deduplication appliance that provides data protection for entry, enterprise, and service provider environments.

The following diagram represents the architecture of the DDVE on VMware Cloud solution.

Legend:

1. To keep data traffic between DDVE and the S3 bucket within the AWS infrastructure, it is recommended that you create an S3 endpoint. The S3 endpoint keeps DDVE from depending on a NAT Gateway or Public IP address to access the S3 bucket.
2. To keep data transfers secure, Dell EMC recommends a VPN connection to replicate data from an on-premises host to DDVE in the cloud or the opposite way.
3. DDVE is categorized as a backend server. It must be kept in a private subnet with a private address. Never set a public IP address for DDVE.
4. The S3 bucket must be created in the same region where the DDVE is running. There must be a separate bucket for each DDVE.

5. All DDVE instances must be secured with the appropriate security group entries.

   Typically SSH (Port 22) or HTTPS (Port 443) is used for DDVE inbound access.

   HTTPS (443) must be allowed for outbound S3 bucket access for DDVE.

   TCP ports 2049 and 2051 are used for DD Boost and replication purposes.

   See the DDVE documentation for more information and for a complete list of ports.