Introduction
On a modern operating systems, it is likely that some form of threat management system is installed. While in the past, only antivirus and port/application-based firewall solutions were common on hosts, intrusion prevention systems (IPS) are increasingly becoming the norm. These can perform traffic and behaviour analysis, and block suspicious activity.
To a threat management system, the BackupVault ESE client software behaviour can sometimes appear suspicious. If not excluded from threat management system monitoring, these applications can prevent BackupVault ESE from backing up successfully.
Below are some of the errors, warnings, and events from the logs that indicate an AV/firewall issue:
- Could not connect to the Storage Platform
- Failed to save properties file…
- Could not update session settings
- Could not send layout file to StorageServer
- Unable to open remote tunnel connection:…
- Problem with sending backup data for …:
- Backup data response for …: terminated unexpectedly
Installation folders to exclude
- C:\Program Files\BackupVault\ and all sub folders
- C:\ProgramData\BackupVault\ and all sub folders
- C:\Program Files\Redstor Pro\Backup Client ESE\ and all subfolders
- C:\ProgramData\Redstor Pro\ and subfolders
Processes to exclude
- C:\Program Files\BackupVault\Backup Client ESE\a5backup64.exe
- C:\Program Files\BackupVault\Backup Client ESE\SERunner.exe
- C:\Program Files\BackupVault\Backup Client ESE\a5Loader.exe
- C:\Program Files\Redstor Pro\Backup Client ESE\a5backup64.exe
- C:\Program Files\Redstor Pro\Backup Client ESE\a5Loader.exe
- C:\Program Files\Redstor Pro\Backup Client ESE\backupprocli.exe
- Javaw.exe (Launched by SERunner.exe process)
IP Ranges
- 91.224.152.0/24:443
- 91.224.153.0/24:443
- 154.41.210.0/24:443
- 217.158.243.0/24:443
- 80.168.40.0/24:443
All data is transmitted securely over SSL and exclusively using port 443. The roles of IP addresses may change so it is recommended to allow the entirety of both ranges to ensure maximum service availability.
TCP ports to exclude
The other ports used by the Backup Client are randomly selected, but can be manually specified in the a5backup.properties file:
- service.rpc-server.localhost.port=port number 1-65535
- service.rmi.port=port number 1-65535
- service.port=port number 1-65535
The ports must be unique, and not clash with any existing services. Ensure the GUI is closed and that the service is stopped before editing the file.