Akamai Technologies
  • Product docs
  • API docs
  • Release notes
  • Community
Enterprise Security Connector>Set up the security connector>Deploy Security Connector
Enterprise Threat Protector Help
  • Welcome to Enterprise Threat Protector
  • Let's configure ETP for your enterprise
  • Log in to ETP
  • ETP Status page
  • Enterprise Center
    • Enterprise Center dashboard
      • Predefined dashboards
      • Widget catalog
      • Dashboard dimensions
      • Add a dashboard
      • Create a widget
      • Edit a widget
      • Clone a dashboard
      • Copy the URL of a dashboard
      • Download a PDF of a dashboard
    • Set up Enterprise Threat Protector
      • DNS Security Setup
      • Selective Proxy Setup
      • Full Proxy Setup
      • Identity Provider Setup
  • DNS forwarding
    • View DNS server information
    • Configure DNS forwarders on Microsoft Windows Server 2008 R2 and 2016
    • Configure DNS forwarding on BIND
    • Configure DNS forwarding on Blue Coat ProxySG
    • Configure a DNS proxy on a Palo Alto Networks firewall
    • Configure DNS recursion on Citrix NetScaler
    • Configure DNS forwarders on Infoblox
    • Configure split-DNS forwarding on Cisco routers
    • Configure DNS forwarding on Unbound
  • Configure your enterprise firewall
  • Enterprise Threat Protector roles
  • Locations
    • Create a location
    • Edit a location
    • Add a sub-location
    • Edit a sub-location
    • Delete a location or sub-location
    • Assign a policy to a location
    • Search for a location
    • Allow or block traffic from unidentified IP addresses
    • Location CSV files
      • Download CSV with all locations
      • Download the locations CSV template file
      • Modify the CSV template file
      • Add new locations with a CSV file
      • Delete locations with a CSV file
      • Download a CSV with invalid DNS locations
    • Locations and dynamic DNS
  • Policies
    • Acceptable use policy
      • Acceptable use policy categories
      • New, updated, and discontinued AUP categories
      • Migrate block settings from discontinued AUP categories
    • User authentication and group policies
      • Authentication policy
      • Require authentication to access a website or web application
      • Grant access to specific users or groups
    • Threat categories
    • Policy actions
    • Policy conflicts
    • Custom headers
      • Headers for common SaaS applications
      • Setting up a custom header for Dropbox
      • Setting up a custom header for Google G Suite
      • Setting up custom headers for Microsoft 365
      • Setting up custom headers for YouTube
      • Add a custom header
    • Create a policy
    • Edit a policy
    • Copy a policy
    • Delete a policy
    • Assign a location to a policy
    • Search for a policy
    • Security templates
      • Apply a security template to a policy
    • SafeSearch and YouTube restricted mode
      • Enable SafeSearch
      • Configure YouTube restricted mode
    • Proxy logging mode
      • Select a proxy logging mode
    • Bypass Microsoft 365 traffic
    • Local breakout for bypass domains
    • Add email addresses for alert notifications
    • Default action
    • Configure origin ports
    • Summary of policy actions
  • Identity providers
    • Add an identity provider
    • Edit an identity provider
    • Delete an identity provider
    • Delete multiple identity providers
    • Make IdPs Deployment Ready
    • Deploy multiple identity providers
    • Set up Okta as an identity provider
      • Import Active Directory (AD) users and groups into Okta
      • Create a new application in Okta
      • Add Okta as an identity provider
      • Assign AD to the Okta identity provider
    • Set up Active Directory Federation Services (AD FS) as a third-party SAML identity provider
      • Add AD FS as a third-party SAML identity provider
      • Associate an identity connector with a directory
      • Assign AD to AD FS identity provider
      • Set up relying party trust in AD FS
      • Use claims to send LDAP attributes from AD FS to ETP
      • Use custom claim description to send group membership from AD FS to ETP
      • Upload AD FS metadata to ETP IdP
      • Enable signed SAML requests between ETP and AD FS
      • Enable encrypted SAML responses between ETP and AD FS
    • Set up Microsoft Azure as a third-party SAML identity provider
      • Add an Akamai Enterprise Application Access gallery application to Azure AD
      • Set up single sign-on for Enterprise Application Access application
      • Create a test user in Azure AD
      • Assign the test user to the application
      • Sync users from Active Directory to Azure AD
      • Add Microsoft Azure AD as a third-party SAML identity provider
      • Assign AD to the Azure identity provider
    • Set up PingOne as an identity provider
      • Connect a directory to PingOne
      • Create an Akamai Enterprise IdP application in the PingOne identity service
      • Add PingOne as an identity provider
      • Assign directory to the PingOne identity provider
    • Add identity provider domains to an exception list
    • Directories
      • Add a directory
      • Edit a directory
      • Delete a directory
      • Cloud Directory
        • Add a user to Cloud Directory
        • Edit a Cloud Directory user
        • Delete a Cloud Directory user
        • Upload users in bulk to Cloud Directory
        • Add a group to Cloud Directory
        • Edit a Cloud Directory group
        • Delete a Cloud Directory group
        • Re-invite Cloud Directory users
        • Associate Cloud Directory users to a group
      • Sync users and groups
      • Reset a user’s one-time password
      • Import groups from AD, LDAP, or AD LDS
      • Overlay groups
        • Add an overlay group
        • Add a user to an overlay group
        • Edit an overlay group
        • Delete an overlay group
      • Organizational units
        • Import an organizational unit from a directory
        • Delete an organizational unit
        • Sync users to organizational units
      • Run directory diagnostics
      • Run a directory connectivity test
    • Identity connectors
      • Identity connector installation requirements
      • Connector-to-VM and cloud platform compatibility
      • Create and download an identity connector
      • Set up an identity connector in a VMware environment
        • Deploy a VMware vSphere Client using ESX or ESXi versions earlier than 6.5
        • Deploy a VMware vSphere Client using ESX or ESXi version 6.5 or later
      • Set up an identity connector in Amazon Web Services
      • Set up an identity connector in a Google Cloud Platform environment
      • Set up a Docker-based identity connector
      • Set up an identity connector in a Microsoft Azure environment
        • Verify that the connector was successfully created in Microsoft Azure
        • Deploy a second Azure template
      • Set up an identity connector in a Microsoft Hyper-V environment
      • Set up an identity connector in an OpenStack/KVM environment
      • Associate an identity connector with a directory
      • Delete an identity connector
      • Delete multiple identity connectors
      • Identity connector on a VMware environment
      • Troubleshoot identity connector connectivity
        • Run an identity connector troubleshooting utility
        • Enable or disable remote debugging for a connector
          • Enable remote debugging for multiple identity connectors
          • Disable remote debugging for multiple identity connectors
        • Troubleshoot an unreachable identity connector
        • Gather a Fiddler trace
    • Multi-factor authentication
      • Enable multi-factor authentication
      • Install a time-based one-time password applications on a mobile device
      • Duo Security two-factor authentication
        • Retrieve information from Duo
        • Configure Duo as a factor for MFA in ETP
      • Confirm users can receive multi-factor authentication notifications
    • Login Portal
      • Customize the Login Portal
      • Add logos and images to the Login Portal login page
      • Login Portal languages
        • Add a language for the login portal
      • Password complexity for Login Portal
        • Manage password complexity for the Login Portal from the Active Directory (AD)
  • Lists
    • Block lists
      • Add a custom list
      • Add a top-level domain list
      • Add a URL block list
      • Add a Block list to a policy
    • Exception lists
      • Add a custom exception list
      • File hash exception lists
        • Add a file hash exception list
        • Edit a file hash exception list
        • Generate a hash value
          • On Windows
          • On Mac
      • Add a URL exception list
      • Add an Exception list to a policy
    • Specifying URLs in lists
    • Using text files to add list entries
      • Download a list template file
      • Configure and upload a custom list text file
      • Configure and upload a top-level domains list text file
      • Configure and upload a custom exception list text file
      • Configure and upload a file hash exception list text file
      • Configure and upload a URL block list or URL exception list text file
    • Delete a list
    • Quick list migration
      • Migrate quick lists
  • Deploying configuration changes
    • Deploy configuration changes
    • View deployment history
    • Revert configuration changes
  • Delegated and tenant access
    • Delegated access
      • Assign a delegated administrator role
      • Grant a delegated administrator access
      • Revoke delegated administrator access
    • Tenant access
      • Assign a tenant administrator role
      • Grant a tenant administrator access
      • Revoke tenant administrator access
      • Show data available to a tenant administrator
  • ETP Secure Web Gateway
    • Request flow
      • Proxy chaining configuration
      • ETP Client with an on-premises proxy
      • ETP Client no on-premises proxy
  • ETP Proxy
    • Full web proxy
      • Proxy chaining
      • Proxy authorization
        • Create a proxy credential
        • Delete a proxy credential
        • Enable proxy authorization
      • Set up on-premises proxy for ETP full web proxy
      • PAC file configuration
      • Enable full web proxy
      • Configure Squid to forward traffic to ETP Proxy
      • Configure origin ports
    • Selective proxy
      • Enable selective proxy
    • Benefits of ETP Proxy
    • Limitations of ETP Proxy
    • Payload analysis
      • Inline payload analysis
      • Block unscannable files
      • Static malware analysis of large files
        • Enable static malware analysis of large files
      • Dynamic malware analysis
        • Enable dynamic malware analysis
      • Deep scan report
        • Deep scan report of large files with static malware analysis
        • Deep scan report for dynamic malware analysis
        • View events with deep scan report results
        • Download a deep scan report
      • Configure payload analysis
    • Support of an on-premises HTTP forward proxy
    • Scan file sharing downloads for malware
    • Set up ETP Proxy
    • Enable inline payload analysis
    • ETP Proxy as a TLS intermediary
      • Create an Akamai certificate
      • Create a non-Akamai certificate
        • Generate a certificate signing request
        • Sign the CSR with OpenSSL
        • Sign the CSR with Microsoft Certificate Services
        • Upload and deploy signed certificate to ETP
      • Download a certificate
      • Download a certificate signing request
      • Discontinue the certificate creation process
      • Delete a certificate
      • View certificate information
      • Rotate certificates
    • Certificate distribution
      • Distribute a certificate to Windows Servers with Group Policy
      • Distribute a certificate to Chrome devices
      • Add a certificate to macOS
      • Enable enterprise trusted root certificates in Firefox
      • Enable enterprise trusted root certificates across a network
      • Import a certificate into a Chrome instance
      • Import a certificate into a Firefox instance
      • Import a certificate into an Internet Explorer instance
    • Unverifiable origin certificates
      • Configure action for unverifiable certificates
    • Akamai bypass list
    • Allow or block domains incompatible with TLS MITM certificate
    • Zero-day phishing detection
  • ETP Client
    • ETP Client for DNS only
      • Network flow
        • On corporate network
        • Off-corporate network
        • Split VPN tunnel
        • Optimized Internet routing
    • ETP Client for web traffic
      • Network flow
    • DNS over TLS
    • ETP Client configuration settings
    • Prepare for ETP Client setup
      • Update enterprise firewall, on-premise proxy, and allowlists
      • Assign a policy to the off-network location
      • Configure DNS-over-TLS settings
      • Configure ETP Client
      • Configure internal IP addresses, DNS suffixes, and email domains
    • Desktop Client
      • Supported desktop operating systems
      • ETP Client on desktop computers and machines
      • Set up ETP desktop client
        • Download ETP Client
        • Validate the SHA-256 checksum
        • Approve ETP Client
        • Configure ETP Client upgrade type
        • ETP Client installation
          • Install ETP Client with setup wizard
          • Install ETP Client with a command line
      • ETP Client version statuses
      • Automatic software upgrades and security patches
        • Software upgrades
        • Security patches
      • Configure Mozilla Firefox to use system proxy settings
      • Allow ETP Client connections on Microsoft Edge
      • Disable DNS over HTTPS on enterprise browsers
        • On Google Chrome
        • On Mozilla Firefox
        • On Microsoft Edge
      • Undo ETP Client approval
      • Uninstall ETP Client
        • Uninstall ETP Client on Windows
        • Uninstall ETP Client on Mac
      • ETP Client software rollback
        • Roll back an ETP Client upgrade
      • Web Proxy Auto-Discovery (WPAD) on Windows
        • Confirm WinHTTP WPAD service is running
        • Remove DefaultConnectionSettings value in Windows registry
    • Mobile Client
      • Supported mobile operating systems
      • Mobile client statuses
      • ETP Client stats
      • Limitations of the ETP Mobile Client
      • Impact of the ETP client on device battery and data usage
      • Distribute ETP mobile clients with Mobile Device Management (MDM)
        • Distribute ETP mobile client to Chromebook with Google Endpoint Management
          • Force installation on Chrome OS devices
          • Configure the entitlement code in the Google Admin Console
          • Enable and view ETP client reports in Google Admin Console
        • Distribute ETP mobile client with Microsoft Intune
          • Add ETP mobile client for Android devices to Microsoft Intune
          • Add ETP mobile client for iOS and iPadOS devices to Microsoft Intune
          • Configure an app configuration policy in Microsoft Endpoint Manager
        • Distribute ETP mobile client with Workspace ONE UEM
        • Distribute ETP mobile client with MobileIron
          • Add ETP mobile client to MobileIron
          • Upload ETP Proxy certificate to MobileIron
    • Bring your own device (BYOD) support
      • Set up Bring Your Own Device (BYOD)
      • ETP Client activation
      • Specify corporate email domains
      • Email activation codes to users
      • Email activation codes to users in bulk
      • Generate activation codes in a CSV file
      • Generate activation codes for users in bulk
      • Distribute MITM certificates to ETP mobile devices
    • ETP Client reports
      • Filter ETP Client data by date range
      • ETP Client CSV report
      • Download ETP Client CSV report
      • ETP Client statuses
    • Handle lost devices
    • View entitlement code
    • Rotate entitlement code
    • ETP Client version number convention
    • ETP Client version support
    • Troubleshooting ETP Client
      • ETP Client logs
        • Troubleshooting logs
        • Access logs
        • Access log fields
      • Diagnostic tool on desktop client
      • Report a problem on the mobile client
  • Enterprise Security Connector
    • Security Connector as a DNS forwarder
      • Best practices for setting up DNS Forwarder
    • Security Connector as a DNS sinkhole
      • Network flow of DNS sinkhole
    • Security Connector download and deployment
    • Setup and virtual machine requirements
    • Set up the security connector
      • Add a security connector
      • Download Security Connector
      • Deploy Security Connector
        • Deploy Security Connector on Microsoft Hyper-V
        • Deploy Security Connector on VMware ESXi
      • Create a security connector password
      • Configure the management interface
      • Configure the data interface
      • Configure DNS name servers
      • Run a connectivity test
      • Generate an activation code
      • Activate the security connector
      • Assign security connectors to a policy
      • Test the security connector
    • Manage DNS Forwarder
      • DNS Forwarder status
        • View DNS Forwarder traffic statistics
        • View DNS Forwarder health status
      • Enable query and response logging
      • Disable query and response logging
      • Enable or disable DNS Forwarder
      • Change the DNS Forwarder DoT port
      • Configure local DNS servers
    • About the Web Console
      • Generate a diagnostic report
      • Configure rsyslog
    • Upgrade the security connector
    • Change the security connector password
      • Change Security Connector password in ETP
      • Change Security Connector password in Security Connector
    • Delete a security connector
    • View archived security connectors
    • Troubleshoot connectivity test failures
    • Security Connector status
      • Run a Ping test
      • View debug information
      • Security Connector status details in ETP
    • Health status check
      • View Security Connector health status
  • Access control
    • Application visibility and control
      • Configure application visibility and control
      • Application visibility and control categories
      • Updated list of access control applications
    • Data loss prevention
      • Unsupported applications
      • Create a DLP dictionary
      • Edit a DLP dictionary
      • Delete a DLP dictionary
      • Assign a DLP dictionary to a policy
      • Select user and group exceptions for DLP scanning
    • Access by file type
    • Configure access control
  • Events
    • Filter event data
    • Configure and apply a filter
      • Add event or activity data to a filter
      • Clear filters
    • Filter data based on date and time
    • Select a dimension
    • Search for events
    • View event details
    • View domain details
    • View threat details
    • Add or remove data columns to events tables
    • Download a CSV file with event information
    • Event dimensions
    • Threat event details
    • Access control event details
  • Activity
    • Summary of DNS activity
      • Change the data type in the total DNS activity graph
      • Change the data view
      • Filter DNS activity by criteria
      • Download a DNS activity data spreadsheet
      • Create a PDF of data on the DNS Summary tab
    • DNS activity
      • Filter DNS activity data
      • Search for DNS traffic
      • Add event or activity data to a filter
      • View DNS activity details
      • Add or remove data columns to connection or activity data tables
      • Download a CSV file with connection or activity information
      • DNS activity dimensions
      • DNS activity details
    • Summary of Proxy activity
      • Change the data type in the total proxy activity graph
      • Change the data view
      • Filter summary of proxy activity by criteria
      • Download a spreadsheet
      • Create a PDF of data on the Proxy Summary tab
    • Proxy activity
      • Filter proxy activity data
      • Search for proxy connections
      • View proxy activity details
      • Add or remove data columns to connection or activity data tables
      • Download a CSV file with connection or activity information
      • Proxy activity dimensions
      • Proxy activity details
    • Network traffic
      • Filter network traffic data
      • Search for network traffic connections
      • View connection details
      • Add or remove data columns to connection or activity data tables
      • Download a CSV file with connection or activity information
      • Connection dimensions
      • Connection details
    • Security Connector activity
      • Security Connector event correlation
        • View correlated Security Connector events
        • Download correlated Security Connector events to a CSV file
        • View correlated threat events
        • Download correlated threat events to a CSV file
      • View details associated with a hostname
      • Security Connector event details
    • Identity provider activity
      • Filter identity provider activity data
      • Search for identity provider activity
      • Add identity provider activity data to a filter
      • Add or remove data columns to the identity provider activity data table
      • Download a CSV with identity provider activity
      • Identity provider activity details
  • Indicator search
    • Search for threats based on domain
    • Search for threat information based on threat name
    • Search for applications
    • Filter domain history
    • Report a misclassified domain
    • Report a threat
    • Severity levels
    • Indicator search: domain information
    • Integrate ETP with MISP Threat Sharing
      • Add ETP as a MISP enrichment module
  • Utilities
    • Error pages
      • Error page customization
      • Change the appearance of error pages
    • Communication emails
      • Add email addresses for notifications
      • Assign email notifications
      • Assign alert notification recipients
      • Assign locations for alert notifications
      • Select format of alert notifications
      • Add email addresses for Security Connector upgrade notifications
      • Remove a notification email assignment
      • Remove a notification email address
      • Remove an alert notification email address
      • Remove an email address for Security Connector upgrade notifications
      • Data in alert notifications and scheduled reports
    • Scheduled reports
      • Schedule a report
      • Edit a scheduled report
      • Delete a scheduled report
      • Enable a scheduled report
      • Disable a scheduled report
      • Data in alert notifications and scheduled reports
    • Custom response
      • Add a custom response
      • Edit a custom response
      • Delete a custom response
    • Akamai Support Access
      • Grant administrative access to Akamai Support
      • Allow Akamai Support to view activity reports
      • Revoke Access to Akamai Support
    • Clear DNS cache
  • Troubleshoot ETP
  • Features in technical preview, beta, or limited availability
  • Log Delivery
  • Notice

Deploy Security Connector

You can deploy Security Connector on a Microsoft Hyper-V or VMware ESXi hypervisor.

Depending on the hypervisor that you want to use for Security Connector, see:

  • Deploy Security Connector on Microsoft Hyper-V
  • Deploy Security Connector on VMware ESXi

Search Results

Close
  • Akamai.com
  • Contact us
  • Legal & privacy
  • Portal terms of use
  • Copyright © Akamai Technologies, Inc. All rights reserved