Servers

The EDRM/EDR management server with 16 GB RAM, 4 CPUs, disk size 250 GB, and a single NIC

The EDRC controller server with 8 GB RAM, 4 CPUs, disk size 50 GB disk, and a single NIC

Both servers (EDRM/EDR and EDRC) should be located on the DR location of a testing environment

The latest VMware VM tools must be installed on both servers and assigned a static IP

Servers must have a single NIC only

The correct time zone should be set for both servers

Both servers should be joined to a domain

Credentials

Domain account which is the local administrator on both EDRM/EDR and EDRC servers

VMware Credentials

Our best practice is to use a single AD account that has administrator rights inside the VMware environment. In case your company policy doesn’t allow you to use the same AD account inside the VMware environment with administrator privilege, you can create a dedicated VMware account from VMware vCenter Web UI

Networking

Bubble network configured on target ESXi host isolated from production environment, if target is cluster and has multiple hosts, physical or VLAN should close connection between them in bubble like VMware DVSWITCH or close VLAN on physical switch with no gateway so VMs can communicate with each other between hosts in a cramped disaster recovery environment

Firewall

For each EDR-Runner to be able to communicate with the EDRM, the outbound side of port 5876 needs to be opened (so EDRM could communicate with it). Each EDR-Runner has the standalone EDR client installed, so it should also be able to communicate (outgoing from the EDR-Runner machine to the relevant machine) with the Replication vendors, the VMWare Virtual Center and the machines to be tested in the EDR needed ports (80,135,443,445,1433, LDAP port, and ICMP port).

For each EDR-Runner, you need also to be able to outbound communicate with the EDRM DB on port 5432.

The EDRM machine itself should have inbound rules for 5432, 5876, and 443 for accessing the web application.

It is recommended to also open outbound port of 9200 from EDRM to support Cloud Logs gathering – for remote support purposes (this is not mandatory)

SMTP port should be open for the reporting from the EDRM server to the local mail server. Usually, the SMTP port number is 25 but can be different. Please ask your mail administrator for the correct port number

Anti-Virus

If you have Anti-Virus running inside the EnsureDR management server, add an exclusion for:

• API.exe
• edr_service.exe
• EDRC_E2.exe
• EDRMS.exe
• EDRRunner.exe
• EnsureDR.exe

Reporting mail

SMTP mail service available for the EnsureDR server to send the report via mail such as local exchange or Office365/Gmail

Supported data movers

• Azure ASR - on-prem to Azure (Rollup 50)

• Carbonite Replication, Double-Take (version 7 – 8.4)

• Cohesity (version 6.5)

• EMC RecoverPoint for VM (version 5 and above)

• NetApp with NFS/ISCSI/Fiber Channel (ONTAP version 9 and above)

• Rubrik (version 5.2 and above)

• Veeam Replication/Backup (version 11.0)

• Veeam SQL only (version 10.0)

• VMware SRM. Storage Replication or vSphere Replication (version 5 - 8.3)

• Zerto (version 5 - 8)

• Zerto Azure to Azure and on-prem to Azure (version 8)

Supported Browser

Google Chrome

UAC

Users Access Control should be disabled on both servers. If you have GPO which sets it back, please remove this EDRM/EDR and EDRC servers from that domain group policy.