Secure Access Help Center

Manage Resource Connectors and Connector Groups

Secure Access resource connectors connect traffic from user devices to private resources on your network using Zero Trust Access.

A resource connector is a lightweight virtual machine that is installed in your environment.

You will deploy resource connectors in groups, for resilience, load balancing, and scalability. Each connector group is associated with a data center, branch office, or security zone, and serves specified private resources in that location. All connectors in a connector group connect traffic to all resources associated with the group.

For additional characteristics of resource connectors and connector groups, see Comparison of Network Connection Methods.

Overview: Setting Up Resource Connectors and Connector Groups

  1. Define a connector group for each location (data center or network segment such as a branch office or security zone) that has private resources that users need to reach.
    See Add Resource Connector Groups.
  2. Obtain the resource connector image. You can use the same image for multiple connectors and for connectors in any connector group that uses the same environment. However, always use the most current image version.
    See Obtain the Connector Image.
  3. Deploy resource connectors in each location associated with a connector group, using a provisioning key for each that associates each connector with its group.
    See Deploy a Connector in AWS or Deploy a Connector in VMware.
  4. Each deployed connector automatically reaches out to Secure Access after launch; confirm all connectors to ensure that they are legitimate and expected, and to make them ready to connect traffic.
    See Add Connectors to a Connector Group.
  5. Assign each private resource to a connector group whose connectors are deployed in the same data center, branch office, or security zone as the resource.
    See Assign Private Resources to a Connector Group.
  6. Test your connectors by accessing a private resource that is enabled for zero trust access from a remote user endpoint device that has Cisco Secure Client and is enrolled for zero trust access.
  7. As needed, at any time, add more connectors to provide additional throughput capacity.
    See Add Connectors to a Connector Group.
  8. As needed, associate additional and newly added private resources to the connector group.
    See Assign Private Resources to a Connector Group.

Configure Tunnels with Cisco Secure Firewall < Manage Resource Connectors and Connector Groups > Requirements and Prerequisites for Resource Connectors and Connector Groups

Updated 2 months ago