This section describes the approach to deploy a new TCA Airgap appliance to the private network and synchronize the artifacts data from another TCA Airgap appliance which was mirrored with the needed artifacts data on the internet.
In this topology, one TCA Airgap appliance is deployed to the public network or DMZ where it can access internet. You need to configure your firewall or proxy to allow the TCA Airgap appliance to communicate with the the sites containing the artifacts data. For more information about the whitelist, see Synchronizing artifacts data from Broadcom official websites. This TCA Airgap appliance is always located on the public network to synchronize the artifacts data on demand.
You can deploy one or more TCA Airgap appliances to their private networks to serve their TCA systems. The TCA appliance wired to a private network cannot communicate to the internet but must be allowed to communicate to the TCA Airgap appliance deployed on the public network to mirror its artifacts data.
Prerequisites
A public virtual network with north-bound firewall configured to allow accessing the official sites serving for artifacts data downloading.
A private virtual network with internal firewall configured to allow accessing the TCA Airgap appliance port 443 and 8043 on the public network.