Set up the security connector

Before you begin

Review the setup and VM requirements. See Setup virtual machine requirements.

Complete these high-level steps to set up Security Connector.

To set up the security connector:

1. Add the security connector. See Add a security connector.

2. Download Enterprise Security Connector. See Download Security Connector.

   📘

   In version 3.5.0 or later, you can deploy a Security Connector image file on Amazon Web Services (AWS) and Microsoft Azure. On these cloud platforms, the Security Connector image file is available in the AWS and Azure marketplaces. You do not download the image file from Enterprise Center.

3. Deploy Security Connector on a VM:

   • To deploy Security Connector on Microsoft Hyper-V, see Deploy Security Connector on Microsoft Hyper-V.
   • To deploy Security Connector on VMware ESXi, see Deploy Security Connector on VMware ESXi.
   • To deploy Security Connector on Amazon Web Services, see Deploy Security Connector on Amazon Web Services (AWS).
   • To deploy Security Connector on Azure, see Deploy Security Connector on Microsoft Azure.

4. Log in to Security Connector and create a password for the security connector, see Create a security connector password.

5. In the security connector, configure network settings for the Security Connector interfaces and the DNS name servers. See Configure the en1 interface, Configure the en2 interface, and Configure DNS name servers.
   Configure your corporate resolvers as the DNS name servers.

6. Configure the number of network interfaces that you want to use for Security Connector data. For more information, see Select one or two interfaces for DNS or HTTP Forwarder data.

7. Generate an activation code for the security connector you added in ​SIA​. See Generate an activation code.

8. Activate the security connector. See Activate the security connector.

9. Run a connectivity test to confirm that the security connector can connect to ​Akamai​ services. See Run a connectivity test.

10. To configure Security Connector as a DNS sinkhole:

    1. Create or modify a policy to associate the security connector with a threat category or a custom list. You should assign a security connector to the malware or C&C categories. See Assign security connectors to a policy.
    2. Test the security connector to ensure that it communicates with ​SIA​ and delivers event data to ​SIA​. See Test the security connector.

11. To configure Security Connector as a DNS forwarder:

    1. If there are internal domains or IP addresses that you don’t want directed to ​SIA​ and prefer are handled by the corporate resolver, see Configure internal IP addresses, DNS suffixes, and email domains.
    2. Configure enterprise machines to forward DNS requests to DNS Forwarder. This is the IP address of the en1 interface (formerly the data interface). Make sure that you provide the IP addresses of the primary and secondary DNS forwarders, as well as the IP address of the corporate resolver.
    3. If the corporate resolver is authoritative for internal domains only and is not recursive, configure a local DNS server for DNS Forwarder. In a situation where DNS Forwarder cannot reach ​​SIA​​, this server handles local DNS requests, while the DNS name server you configure as part of Security Connector setup becomes a fallback recursive resolver that handles requests to the Internet. To configure a local server, see Configure local DNS servers.

12. To configure Security Connector as an HTTP Forwarder, see Configure HTTP Forwarder.

13. Add email addresses of administrators or other users within your organization that you want notified when there is a software upgrade available for the security connector. See Add email addresses for Security Connector upgrade notifications.