Set up the security connector
Review the setup and virtual machine requirements. See Setup and virtual machine requirements.
Before you begin
This procedure provides the high-level steps that are required to set up the security connector.
- Add the security connector. See Add a security connector.
- Download Enterprise Security Connector. See Download Security Connector.
- Deploy Security Connector on a virtual machine:
- Log in to the virtual machine and create a password for the security connector. See Create a security connector password.
In the security connector,
configure network settings for the management interface, data interface, and the
DNS name servers. See Configure the management interface, Configure the data interface, and Configure DNS name servers.
Configure your corporate resolvers as the DNS name servers.
- Run a connectivity test to confirm that the security connector can connect to Akamai services. See Run a connectivity test.
- Generate an activation code for the security connector you added in ETP. See Generate an activation code.
- Activate the security connector. See Activate the security connector.
If you are using Security
Connector as a DNS sinkhole:
- Create or modify a policy to associate the security connector with a threat category or a custom list. You should assign a security connector to the malware or command and control categories. See Assign security connectors to a policy.
- Test the security connector to ensure that it communicates with ETP and delivers event data to ETP. See Test the security connector.
If you are using Security
Connector as a DNS forwarder:
- If there are internal domains or IP addresses that you don’t want directed to ETP and prefer are handled by the corporate resolver, see Configure internal IP addresses, DNS suffixes, and email domains.
- Configure enterprise machines to forward DNS requests to DNS Forwarder. This is the IP address of the data interface. Make sure that you provide the IP addresses of the primary and secondary DNS forwarders, as well as the IP address of the corporate resolver.
- If the corporate resolver is authoritative for internal domains only and is not recursive, configure a local DNS server for DNS Forwarder. In a situation where DNS Forwarder cannot reach ETP, this server handles local DNS requests, while the DNS name server you configure as part of Security Connector setup becomes a fallback recursive resolver that handles requests to the Internet. To configure a local server, see Configure local DNS servers.
- Add email addresses of administrators or other users within your organization that you want notified when there is a software upgrade available for the security connector. See Add email addresses for Security Connector upgrade notifications.