Security Connector download and deployment

In ETP, administrators download Enterprise Security Connector from the Security Connector page. An IT administrator must deploy the downloaded file or files as a virtual machine in your network. You can deploy Security Connector on VMware ESXi or Microsoft Hyper-V. For virtual machine requirements and an overview of the steps that are required to set up the security connector, see Setup and virtual machine requirements and Set up the security connector.

As part of the security connector setup process, you define how network traffic flows to and from the security connector. In addition to identifying the corporate DNS server or resolver, you also configure two network interfaces.

During the setup process, you configure the following:
  • Management interface. Defines where traffic flows for administering the VM, exporting logs, and performing other operations for the security connector. You can also configure the management interface through the web-based management page of the virtual machine (Web Console). To secure this interface, you may want to assign it to an isolated virtual local area network (VLAN) in your internal network that is not accessible to general users.

    For the DNS Forwarder, the management interface connects to the Internet and is responsible for resolving the request with ETP through DNS over TLS (DoT).

  • Data interface. For the Security Connector DNS sinkhole, the data interface defines where in your network malicious or suspicious traffic is directed. For the DNS forwarder, the data interface directs traffic to DNS Forwarder. This is the IP address of the DNS forwarder.
  • DNS name servers. Identifies the corporate DNS server or resolver.

After the security connector is configured with the network settings, you must activate it. ETP allows you to generate the one-time code that is required for activation. After the connector is configured and activated, it communicates with ETP. Information about the security connector connection is shown in ETP including the security connector's IP address and the status of the communication.