About identity connectors
An identity connector is a complete virtual appliance that you download from SIA and deploy behind the firewall in your data centers or hybrid cloud environments. You can deploy multiple connectors for redundancy and scaling. Identity connectors allow SIA to synchronize with your organization's AD or LDAP servers.
Identity connectors are cryptographically unique and have no management interface or UI. As soon as you create a connector and power it on, it makes an outbound connection on port 443 and checks in with SIA for its configuration settings.
Make sure that you associate more than one connector with a directory in case there's a server or VM failure. This ensures that the directory can still communicate through another running connector.
Identity connector installation requirements
These requirements apply when setting up an identity connector:
- You can deploy identity connectors on these virtual environments:
  - Amazon Web Services, either classic or EC2/VPC. For instructions, see Set up an identity connector in Amazon Web Services.
  - Docker. For instructions, see Set up a Docker-based identity connector.
  - Google Cloud Computing Engine (GCE). For instructions, see Set up an identity connector in a Google Cloud Platform environment.
  - Microsoft Azure. For instructions, see Set up an identity connector in a Microsoft Azure environment.
  - Microsoft Hyper-V. For instructions, see Set up an identity connector in a Microsoft Hyper-V environment.
  - OpenStack/KVM. For instructions, see Set up an identity connector in an OpenStack/KVM environment.
  - Oracle VirtualBox
  - VMware. For instructions, see Set up an identity connector in a VMware environment.
- For details on which versions of these VMs and cloud services have been tested, see Connector-to-VM and cloud platform compatibility.
- Make sure that you set up the identity connector on a network that meets these requirements:
  - A private IP address inside the Local Area Network (LAN), either DHCP or static.
  - Dial-out access to the Internet on TCP port 443. A connector needs to reach the Akamai Enterprise Identity Provider service over the internet. This communication is carried out over an open TCP port 443, and only needs outbound connectivity.
- Set up the VM with these settings:
  - CPU. 4 virtual cores
  - Memory. 8 GB RAM (12 GB for AWS connectors, as they do not use swap space for storage).
  - Storage. 16 GB hard drive disk space (4 GB allocated to swap space and 12 GB of free space).
- Use at least two connectors for high availability and load balancing. For more information, see Create and download an identity connector.
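The requirements above can be checked against a deployment plan before any VM is built. The following is an added example, not part of the product or its documentation: the plan format, field names and sample values are constructed, and "private IP address" is assumed to mean RFC 1918 IPv4 space.

```python
import ipaddress
from collections import Counter

# Minimums from the requirements above (virtual cores / GB).
MIN_CORES, MIN_RAM_GB, MIN_RAM_AWS_GB, MIN_DISK_GB = 4, 8, 12, 16
# Assumption: "private IP address" is read as RFC 1918 IPv4 space.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def check_connector(c):
    """Return the requirement violations for one planned connector VM."""
    out = []
    ip = ipaddress.ip_address(c["ip"])
    if not any(ip in net for net in RFC1918):
        out.append(f"{c['name']}: {ip} is not a private LAN address")
    if c["cores"] < MIN_CORES:
        out.append(f"{c['name']}: {c['cores']} cores, need {MIN_CORES}")
    # AWS connectors need more RAM because they do not use swap space.
    ram = MIN_RAM_AWS_GB if c["platform"] == "aws" else MIN_RAM_GB
    if c["ram_gb"] < ram:
        out.append(f"{c['name']}: {c['ram_gb']} GB RAM, need {ram}")
    if c["disk_gb"] < MIN_DISK_GB:
        out.append(f"{c['name']}: {c['disk_gb']} GB disk, need {MIN_DISK_GB}")
    if 443 not in c["egress_tcp"]:
        out.append(f"{c['name']}: outbound TCP 443 is not allowed")
    if c["ingress_tcp"]:  # the connector only needs outbound connectivity
        out.append(f"{c['name']}: inbound ports {c['ingress_tcp']} are not needed")
    return out

def check_plan(connectors):
    """Check every connector, then check redundancy per directory."""
    out = [p for c in connectors for p in check_connector(c)]
    for directory, n in sorted(Counter(c["directory"] for c in connectors).items()):
        if n < 2:
            out.append(f"{directory}: {n} connector, need at least 2 for failover")
    return out

# Constructed sample plan; names, addresses and directories are made up.
PLAN = [
    {"name": "conn-a", "directory": "corp-ad", "platform": "vmware", "ip": "10.20.0.11",
     "cores": 4, "ram_gb": 8, "disk_gb": 16, "egress_tcp": [443], "ingress_tcp": []},
    {"name": "conn-b", "directory": "corp-ad", "platform": "aws", "ip": "172.31.5.9",
     "cores": 4, "ram_gb": 8, "disk_gb": 16, "egress_tcp": [443], "ingress_tcp": []},
    {"name": "conn-c", "directory": "lab-ldap", "platform": "docker", "ip": "203.0.113.10",
     "cores": 2, "ram_gb": 8, "disk_gb": 16, "egress_tcp": [80], "ingress_tcp": [22]},
]

if __name__ == "__main__":
    for problem in check_plan(PLAN):
        print(problem)
```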
Connector-to-VM and cloud platform compatibility
For VM and cloud platforms that have been tested and verified as compatible with identity connectors, see Connector-to-VM and cloud platform compatibility. If you're using a VM or cloud platform that's not included in this list, contact support for installation help.
Identity connector on a VMware environment
VMware is a virtualization and cloud computing software provider. VMware bases its virtualization technologies on its bare-metal hypervisor ESX/ESXi in x86 architecture. It allows you to run multiple VMs on a single physical machine where each VM shares the resources of that one physical computer across multiple environments. Different VMs can run different operating systems and multiple applications on the same physical computer.
VMware vSphere is a cloud operating system, or virtualized data center platform. VMware vSphere includes these components:
- VMware ESX / ESXi hypervisor. A type-1 hypervisor that functions as the virtualization server.
- VMware vCenter Server. Manages vSphere environments.
- VMware vSphere Client. Installs and manages VMs through the hypervisor. It allows you to deploy and export VMs, virtual appliances (a preconfigured virtual machine that typically includes a preinstalled guest operating system and other software), and vApps stored in Open Virtual Machine Format (OVF).
- VMware VMFS. The file system component from VMware.