Environment: Master Server/Media Server version 7.7.3 RedHat v6.10
Clients have v22.214.171.124 installed RedHat v6.10
My employer wants us to either upgrade to a version of Netbackup that has a version of Java that does not have vulnerabilities or remove the embedded java from the client. Does the client software need the embedded java to properly be backed up by the Master Server? We do plan on upgrading to 126.96.36.199, 9.x is not an option at this point, but the Java in 188.8.131.52 is still considered buggy according to our Corp security group.
In later versions during upgrades/installs, you have the option to remove the JAVA GUI and JRE related files. I believe this started in 8.3.
The Java GUI and JRE packages are currently not installed on this host.
The Java GUI and JRE can be optionally included with NetBackup.
The Java GUI and JRE enable the Backup, Archive, and Restore (BAR) GUI.
Choose an option from the list below.
1) Include the Java GUI and JRE.
2) Exclude the Java GUI and JRE.
You're RedHat version is last supported/compatible for master/media/client in 184.108.40.206 as well.
To my knowledge java is not used, BUT it isn't supported and since v220.127.116.11 has been out of support for years, you will be all alone if something breaks.
Removing java from the clients mean users need to restore from the command line, or from the master server (not recommended).
If you're running an OS that old you have bigger problems than just the imbedded Java having security holes.Your security guys need to get off your back and start beating up the SAs for allowing an 11 year OS to still be deployed in production. The number of security vulnerabilities that have come out since RHEL v6 was released is staggering.
Tell them that once you've got a box with a new OS in your hands you'll be happy to close as many of NBU's security holes as you can with upgrades/patches, but that right now that's your holdup.