Does anyone know why Zerto disables lockdown mode and SSHes into my hosts every day using the root account?
This is a security violation that I cannot explain to my security team when it shows up on an audit report. I have yet to locate any documentation with an explanation.
It does this to verify that the credentials are still valid. I suppose there are cases in which Zerto needs SSH access to the host (maybe when upgrading VRAs?).
Brian from Zerto here.
It’s the expected behavior for users to see firewall running tasks in the vCenter. Listed tasks: Open firewall ports, Start service, Change lockdown mode.
Open firewall ports: In order to allow ZVM to talk to hosts, the necessary ports need to be enabled.
Start service: Start the services in the host to allow hosts to become reachable.
Change lockdown mode: If you put the host into lockdown mode, you can only connect to and manage your hosts and your VMs through vCenter Server. Your connection is denied if you want to connect directly to the host via the host client. Therefore, this behavior should disable the lockdown mode in order to allow ZVM to talk directly to the hosts.