Pre-Installation Requirements Explained for AirWatch Cloud Connector

Component and Background

AirWatch Cloud Connector

 AirWatch Cloud Connector (ACC) provides organizations the ability to integrate AirWatch with their back-end enterprise systems. This document explains the placement of the ACC for a SaaS deployment. It also addresses the Software, Hardware and Network Rules required for successful installation and configuration of the ACC.

 

Integration Components

ACC integrates with the following internal components:

 

  1. Email Relay (SMTP)
  2. Directory Services (LDAP/AD)
  3. Email Management Exchange 2010 (PowerShell)
  4. BlackBerry Enterprise Server (BES)
  5. Lotus Domino Web Service (HTTPS)
  6. Syslog (Event log data)
  7. ACC is usually placed in a customer’s internal network.
  8. When certificate integration is required, the ACC must belong to the same domain as the Certificate Authority.  

 

Network Placement of ACC

  1. ACC is usually placed in a customer’s internal network.
  2. When certificate integration is required, the ACC must belong to the same domain as the Certificate Authority.  

 

Proxy Support

If you plan on proxying ACC traffic through an outbound proxy. You can configure the proxy and provide respective information during the ACC install.

 

Software and Hardware requirements

The software requirements list the supported Server Types, Operating System and the Additional Requirements for an ACC install.

 

SOFTWARE REQUIREMENTS

 

Server Type

Physical or Virtual

 
 
     

Operating System

Windows Server 2008 R2 or Windows Server 2012 or Windows Server 2012 R2

 
 
     

Additional Requirements

Install PowerShell 3.0 on the Server.

 

Install .NET Framework 4.5.2 on the Server

 

 

HARDWARE REQUIREMENTS

 

Physical or Virtual

Cores and Processor

1 CPU Core (2.0+ GHz)* *An Intel processor is required.

RAM

2 GB RAM or higher

Hard Disk Space

1 GB disk space for the ACC application, Windows OS, and .NET runtime.

Additional requirements

 AirWatch recommends an additional 5 GB of disk space for use with logging.

 

Network Rules

Connection Initiator- ACC

NETWORK RULES TO AIRWATCH COMPONENTS

 

Source

Destination in the cloud

Port

Protocol

ACC

AWCM

443

HTTPS

AirWatch API

AirWatch Admin Console

80 or 443

HTTP or HTTPS

CRL

80

HTTP

 

Notes:

  1. The ACC initiates the connection to AWCM (AirWatch Cloud Messaging) and the AirWatch API located in the Saas Datacenters over port 443.
  2. The ACC should be able to communicate with the AirWatch Admin Console over ports 80 or 443.

 

Optional Rules

NETWORK RULES TO INTERNAL COMPONENTS

 

Source

Internal Component

Port

Protocol

 
 

ACC

SMTP

25

SMTP

 

LDAP

389,636,3268 or 3269

LDAP/LDAPS

 

SCEP

80 or 443

HTTP or HTTPS

 

ADCS

135, 1025-5000, 49152-65535

DCOM

 

BES

80 or 443

HTTP or HTTPS

 

Exchange

80 or 443

HTTP or HTTPS

 

 

Note:

Depending on the integration we are trying to achieve, the ACC needs to be able to communicate with the respective components using the protocol and the mentioned port.

 

Service Accounts

Depending on the kind of integration you are performing you might need a Service Account with appropriate permissions. Please talk to the AirWatch consultant regarding a service account during your deployment.

   

Sizing and Scalability

 

Number of Users

CPU Cores

RAM per Server

Up to 10k

2

4

10k-50k

2

4

50k-100k

2-3 load balanced servers with 2 CPU Cores

8

100k to 200k

2-3 load balanced servers with 4 CPU Cores

16

 

Note:

ACC traffic is automatically load-balanced by the AWCM component. It does not require a separate load balancer. Multiple ACCs in the same organization group that connect to the same AWCM server for high availability can all expect to receive traffic (a live-live configuration). How traffic is routed is determined by AWCM and depends on the current load. 

Have more questions? Submit a request

0 Comments

Article is closed for comments.