Setup and virtual machine requirements

Virtual machine requirements

To deploy Enterprise Security Connector:

  • Deploy the security connector on Microsoft Hyper-V hypervisor or VMware ESXi version 5.5 or later.
  • Make sure the virtual machine meets these resource requirements:
    • RAM: 2 GB
    • Disk Space: 40 GB
    • CPU: 2 Cores

Network requirements

You must:

  • Configure your organization's firewall to:
    • Allow outbound connections to TCP port 443 and to allow UDP traffic on port 123 for the virtual machine's management interface.
    • For DNS Forwarder, allow outbound TCP port 443 for hostnames *.r11.dot.dns.akasecure.net and *.akaetp.net with dot as the Application-Layer Protector Navigation (ALPN). This configuration is required for DNS over TLS connections.
  • Deploy the security connector on the same local area network (LAN) as user computers.

Additionally, you should complete these steps:

  • Assign the data interface with an IP address that is outside the private network ranges defined by Request for Comment 1918 (RFC 1918):
    • 10.0.0.0 - 10.255.255.255 (10/8 prefix)
    • 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
    • 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

    Many forms of malware do not connect to IP addresses in these ranges. If you do not have an unused subnet in your network for this configuration, create one to receive Security Connector traffic.

  • Configure the management interface in a secure or isolated location in your internal network. By default, the management interface is not encrypted and operates over TCP port 3000.