Hardening Recommendations

Zerto recommends the following hardening steps to ensure the security and resilience of your Zerto solution:

1.

Access to the Zerto management server (the ZVM service host, or Zerto Cloud Appliance) should be limited to a minimal set of accounts.

2.

Unnecessary network services on the Zerto management server, such as SMB, should be disabled and blocked by a firewall.

3.

The Zerto management server should be patched regularly.

4.

The Zerto management server should not be used for other purposes. For example, unrelated web browsing.

5.

Network traffic to Zerto components should be restricted to the ports and endpoints described in this document.

6.

Network traffic between Zerto components should be as segregated from the rest of the network as possible. For example, a separate VLAN.