Preparing to deploy the ZTNA connector
When planning the ZTNA connector deployment, there are a few scaling considerations that apply globally and to individual compute node locations:
- A maximum of 2,000 applications can be made available across all connector groups
- A maximum of 64 applications per connector group
- A maximum of 100 connectors in total globally
- Up to 4 connectors per connector group
- Up to 10 connectors per compute node location
- 250,000 concurrent connections per connector group
The ZTNA connector VM should receive the following resources:
- 4 vCPUs
- 16 GB memory
- 4 GB disk
In the environment hosting the ZTNA connector, the VM must be allowed to create outbound UDP 4500 and UDP 500 (IPSec NAT traversal and IKE) and TCP 443 (SSL) connections from the WAN interface so that it can set up its connection to the nearest ZTNA Tunnel Terminator (ZTT*) in Prisma Access, and UDP 53 and 123 for DNS and NTP.
Note
A ZTT is...
