Hi Ravin_A,
Nothing has changed in the ports requirements for NetBackup 8. A link to the PDF:
https://www.veritas.com/content/support/en_US/doc/ka6j00000000A5ZAAU
The information you were referring to is the secure communications that was implemented from NetBackup 8. This uses TLS and certificates to ensure comm's between the Master and client are secure and encrypted - however it still uses the normal ports, no change there.
If you want your database backups to work, then yes you will need connectivity between the Master and Client. The section below is taken from the bottom of page 10 of the document I linked above:
The client requires access to the master server to initiate user and client-initiated operations such as application backups for Oracle and SQL Server. The client must also be able to connect to the media servers in the following
circumstances:
- If non-default connect options are configured for the client.
- When using the client-side de-duplication, the client must also be able to communicate with the following:
- All servers in a PureDisk Storage Pool, including the Storage Pool Authority (SPA), and Content Routers (CR).
If you cannot open the firewall and file-system backups are working for this client, you could do a database dump to flat files on disk and then backup from there. Not the best solution, but it would work. One of the other issues is, depending on how busy this Oracle system is - how often do you need to back up your redo logs?
If you really want a hot database backup, then you are going to have to open your firewall (or convince those in charge it is required). It can be restricted to only the DMZ clients, Master and Media server IP's. Even if you were using VMware SAN based backups, there is still some network comm's needed. The only other alternative is to put a Master and Media server in your DMZ to backup just the DMZ clients. A bit of overkill, but means you don't have to open your corporate network to the DMZ.
Hope this helps,
Steve