Manage Security Connector

You can complete tasks in the Security Connector console and in the ETP to manage your configuration of Security Connector. You can:

Change Security Connector operation mode

While you can configure Security Connector as a sinkhole or HTTP Forwarder when you add it in ETP, you can also define this setting in the Security Connector portal. If you’ve added Security Connector as an HTTP Forwarder, you can toggle this setting to change it to a sinkhole. Likewise, if you added Security Connector as a sinkhole, you can toggle this setting to make it an HTTP forwarder instead.

You can only modify this setting if the Security Connector is not associated with a policy and it’s online.

To change the security connector operation mode:

  1. In the Security Console console menu, press 8 or use the arrow keys to select Advanced, and press Enter.

  2. Press 4 or use the arrow keys to select Toggle Operation Mode, and press Enter.

  3. Press c to edit the settings and press Enter

  4. Type yes to toggle this setting and press Enter. If Security Connector is currently a sinkhole, this option will configure it as an HTTP Forwarder. If Security Connector is currently an HTTP Forwarder, this option will configure it as a sinkhole.

    Security Connector reboots with the new settings.

Upgrade the security connector

When a new version of the security connector is available, you can select to upgrade it. Users who are configured to receive upgrade notifications are notified by email when an upgrade is available.

The upgrade process reboots the VM and automatically updates the Security Connector software. The upgrade may take up to 10 minutes to complete.

Make sure that you upgrade one Security Connector at a time. This ensures that a DNS forwarder is always available while another DNS forwarder is upgraded.

📘

If you are upgrading from Security Connector version 2.0.0 to version 2.2.0, the upgrade process may time out. If this occurs, the version number shows as SC-2.1.0. To upgrade to version 2.2.0, hover over the security connector and click the upgrade icon again.

You need to be an ETP super administrator to perform this task.

To upgrade the security connector:

  1. In the Threat Protection menu of Enterprise Center, select Clients & Connectors > Security Connectors.

  2. In the ​Akamai​ Security Connector area of the page, go to the security connector that you want to upgrade.

  3. Hover over the security connector, and click the upgrade icon.

    IMAGE_STUBIMAGE_STUB

  4. In the confirmation message, click Save. When the upgrade is complete, a new version number appears for the security connector.

Change the security connector password

You can change the security connector password in ETP or in the Security Connector console.

Change security connector password in ETP

Before you begin

Ensure the security connector is activated and communicating with ETP.

After the security connector is deployed, configured, and communicating with ETP, an ETP super administrator can change the password that is associated with the security connector and is required to access the security connector.

To change the security connector password:

  1. In the Threat Protection menu of Enterprise Center, select Clients & Connectors > Security Connectors.

  2. In the ​Akamai​ Security Connector area of the page, click the lock icon. The Change Password for Security Connector dialog appears.

  3. Enter the new password, and click Save.

Change security connector password in Security Connector

You can change the password that's used to access the security connector. This procedure is completed in the Security Connector console.

To change security connector password in Security Connector

  1. In the Security Connector main menu, press 8 or use the arrow keys to select Advanced and press Enter.

  2. Press 5 or use the arrow keys to select Change Admin Password and press Enter.

  3. When promoted, enter the current password.

  4. Enter the new password and press enter. You are prompted to reenter the password.

  5. Enter the password again, and press Enter.

  6. After the password is successfully set, you can press any key to return to the main menu.

Delete a security connector

If a security connector is not associated with a policy, you can remove it from ETP. Otherwise, you need to associate a new Security Connector to the policy before you can perform the deletion. You need to be an ETP super administrator to perform this task.

This operation deletes the connector from the list of security connectors in ETP. It does not delete the security connector that you deployed on a virtual appliance in your network.

To delete a security connector:

  1. In the Threat Protection menu of Enterprise Center, select Clients & Connectors > Security Connectors.

  2. Locate the security connector that you want to delete.

  3. Click the delete icon. A confirmation message appears.

  4. If the security connector is associated with a policy, a dialog appears where you can associate a new Security Connector or a custom response to the policy or policies. Select a Security Connector or custom response and click Replace & Delete.

  5. If the security connector is not associated with a policy, a confirmation message appears. Click Yes to confirm the deletion.

View archived security connectors

You can view the security connectors that were previously archived. A security connector may have been archived if you participated in the first beta preview of the security connector.

You need to be an ETP super administrator to perform this task.

To view archived security connectors:

  1. In the Threat Protection menu of Enterprise Center, select Clients & Connectors > Security Connectors.

  2. Click the eye icon that is shown above in the Security Connector area of the page. Archived security connectors appear.

About the Web Console

While you configure the network interfaces in the security connector, you can also access the Web Console to configure these interfaces. The Web Console is a web-based user interface of the management interface. On the Web Console, you can configure settings for the VM and perform administrative operations. For example, you can:

  • Generate a diagnostic report for debugging purposes. The diagnostic report contains logs and system files. When you encounter an issue that requires additional support, you can provide this report to ​Akamai​ Support. To generate this report, see Generate a diagnostic report.

  • Configure rsyslog: You can configure the VM to send logs to your organization's security information and event management product.

📘

If Enterprise Security Connector 1.1.0 or 2.1.0 is deployed in your network, the factory reset option in the Web Console is not supported. This option does not perform a factory reset and disables the VM. In Security Connector 2.2.0 and later, this option was removed.

Web Console

Generate a diagnostic report

From the Web Console, you can generate a diagnostic report for debugging purposes. This operation creates a TAR file that you provide to ​Akamai​ Support.

To generate a diagnostic report:

  1. Log in to the Web Console:

    1. Go to the http://mgmt_interface_IP:3000

      where mgmt_interface_IP is the IP address of the management interface.

    2. In the Web Console Login, enter the password for the security connector, and click Login.

  2. Click the gear icon and select Generate Diagnostic Report. A report is generated and saved to wherever your browser saves downloaded files.

Next steps

Contact ​Akamai​ Support and securely send the diagnostic report TAR file to your ​Akamai​ support representative.

Configure rsyslog

From the Web Console, you can configure the security connector to send logs to your organization's security information and event management product. By default, the security connector uses TLS encryption. As a result, a client certificate and client key signed by the CA of the rsyslog server is not required. If a certificate is not provided, the security connector accepts the encryption of the rsyslog server.

📘

Ensure that the remote rsyslog server is configured to accept logs with the TCP.

To configure rsyslog:

  1. Log in to the Web Console:

    1. Go to the http://mgmt_interface_IP:3000

      where mgmt_interface_IP is the IP address of the management interface.

    2. In the Web Console Login, enter the password for the security connector, and click Login.

  2. Click the edit icon to modify the VM settings in the Web Console.

  3. Click the Configure SIEM slider to change it from FALSE to TRUE.

  4. In the Server IP fields, enter the IP address and the port of the rsyslog server.

  5. To enable TLS and transport logs securely with a certificate:

    1. Click the Enable TLS slider to change it from FALSE to TRUE.

    2. In the CA certificate field, paste the contents of a certificate from your trusted CA.

    📘

    If a certificate is not provided, the rsyslog server is trusted by default

  6. Click Save.

Modify the port of the Web Console

By default, the Web Console uses port 3000. However, you can modify it based on the ports allowed in your network. Make sure that the port you provide for this setting is not the one you use for the HTTP Forwarder explicit or transparent proxy.

To modify the port for the Web Console:

  1. In the Security Connector console menu, press 8 or or use the arrow keys to select Advanced and press Enter.

  2. Press 3 or use the arrow keys to select Configure WebUI port and press Enter.

  3. Press C to edit this setting.

  4. Type the new port number and press Enter. Make sure the port number you provide is not used for the transparent or explicit proxy configuration of HTTP Forwarder.

  5. Type yes and press Enter to confirm the change.


Did this page help you?