2. EnsureDR Prerequisites

EnsureDR Prerequisites


To make EnsureDR works correctly, there are some prerequisites to set up in advance.



The EDRM/EDR management server with 16 GB RAM, 4 CPUs, disk size 250 GB, and a single NIC.

The EDRC controller server with 8 GB RAM, 4 CPUs, disk size 50 GB disk, and a single NIC.

Both servers (EDRM/EDR and EDRC) should be located on the DR location of a testing environment.

The latest VMware VM tools must be installed on both servers and assigned a static IP.

Servers must have a single NIC only.

The correct time zone should be set for both servers.

Both servers should be joined to a domain.


Domain account which is the local administrator on both EDRM/EDR and EDRC servers.

VMware Credentials

Our best practice is to use a single AD account that has administrator rights inside the VMware environment. In case your company policy doesn’t allow you to use the same AD account inside the VMware environment with administrator privileges, you can create a dedicated VMware account from VMware vCenter Web UI.


Bubble network configured on target ESXi host isolated from the production environment. If the target is a cluster and has multiple hosts, a physical or VLAN that can close the connection between them in the bubble such as VMware DVSWITCH or close the VLAN on a physical switch with no Gateway so VMs can communicate with each other between hosts in a close the DR environment.


For each EDR-Runner to be able to communicate with the EDRM, the outbound side of port 5876 needs to be opened (so EDRM can communicate with it). Each EDR-Runner has the standalone EDR client installed, so it should also be able to communicate (outgoing from the EDR-Runner machine to the relevant machine) with the Replication vendors, the VMWare Virtual Center, and the machines to be tested in the EDR needed ports (80, 135, 443, 445, 1433, LDAP port, and ICMP port).

For each EDR-Runner, you need to also be able to communicate outbound with the EDRM DB on port 5432.

The EDRM machine itself should have inbound rules for 5432, 5876, and 443 for accessing the web application.

It is recommended to also open the outbound portion of 9200 from EDRM to support Cloud Logs gathering – for remote support purposes (this is not mandatory).

SMTP port should be open for the reporting from the EDRM server to the local mail server. Usually, the SMTP port number is 25, but it can be different. Please ask your mail administrator for the correct port number.


If you have Anti-Virus software running inside the EnsureDR management server, add an exclusion for:

  • API.exe
  • edr_service.exe
  • EDRC_E2.exe
  • EDRMS.exe
  • EDRRunner.exe
  • EnsureDR.exe

Reporting Mail

SMTP mail service available for the EnsureDR server to send the report via mail such as local exchange or Office365/Gmail.

Supported Data Movers

• Zerto (version 5 - 8)

• Zerto Azure to Azure and on-prem to Azure (version 8)

• VMware SRM. Storage Replication or vSphere Replication (version 5 - 8.13)

• Carbonite Replication, Double-Take (version 7 – 8.4)

• Netapp with NFS/ISCSI/Fiber Channel (ontap version 9 and above)

• EMC RecoverPoint for VM (version 5 and above)

• Veeam Replication/Backup (version 11.0)

• Veeam SQL only (version 10.0)

• Cohesity (version 6.5)

• Azure ASR - on-prem to Azure (Rollup 50)

• Rubrik (version 5.2 and above)

Supported Browser

Google Chrome


Users Access Control should be disabled on both servers. If you have GPO which sets it back, please remove this EDRM/EDR and EDRC servers from that domain group policy.


For more information please take a look at the article https://support.ensuredr.com/176217-Prerequisite-Requirements-to-Install-EnsureDR-4070-