Enterprise Threat Protector (ETP) now includes these enhancements:

Deploy custom lists in less than 30 seconds. Like other configuration settings in ETP, you can now deploy custom lists in less than 30 seconds.

Migrate quick lists to custom lists. Quick lists are now discontinued. If you configured an Allow or a Deny quick list, you can migrate this data to custom lists. On the Quick Lists page (Configuration > Quick Lists), click the Migrate Quick Lists button to migrate your quick list data to an Allow custom list and a Deny custom list. Migrated quick lists are added to all policies, allowing you to manage these lists as part of a policy configuration. By default, the migrated Allow list is granted the bypass policy action, while the migrated Deny list is assigned the block policy action.

After migrating quick lists, make sure you deploy all pending changes. Once the migration is complete, the Quick List page is no longer available at your next login.

Note: If your organization never configured quick lists, no action is needed. In this case, the Quick Lists page is no longer available from the navigation menu.

Enterprise Threat Protector (ETP) now includes these features and enhancements:

• Associate locations to a scheduled report configuration. You can now configure a scheduled report to show events based on a location or multiple locations. By default, scheduled reports are configured to show events based on all locations.
• View data and configuration settings available to a tenant administrator. If an ETP super administrator assigns the tenant administrator role, a Filter data by tenant administrator field now allows you to view data and settings available to a tenant administrator. After you specify a tenant administrator in the field and navigate ETP, the filter shows configuration settings and event data based on the locations, policies, and lists the tenant administrator can manage.
• New tab names on the Activity page. The DNS tab is now called the DNS Summary tab, and the Proxy tab is now called the Proxy Summary tab.

Filter events and indicator search results by a specific time

In addition to selecting a specific date or date range, the calendar filter that appears on the Dashboard, Events, Activity, and Indicator Search pages now allows you to specify a start and end time in a 24-hour clock format. This enhancement filters data to show events and domain history changes that occurred within the specified time.

Enterprise Threat Protector (ETP) now includes these features and enhancements:

Deploy Security Connector 2.6.0 with Microsoft Hyper-V. In addition to deploying Security Connector with VMware ESXi, you can now download Security Connector 2.6.0 and deploy it with Microsoft Hyper-V. On Hyper-V, you can deploy Security Connector with a PowerShell utility script or manually with a virtual hard disk image file. Administrators can also upgrade to version 2.6.0. Like version 2.5.0, this version allows your organization to direct malicious HTTP and HTTPS requests to Security Connector.

Security Connector health status. The status of Security Connector is now more accurately reported in ETP and in the UI of the Security Connector VM console. A new Health Status page is available from the main menu of the security connector console. On this page, an administrator can view whether Security Connector is in a healthy state or in an unhealthy state due to a failure. If there’s a failure, an administrator can identify the specific operation where it occurred.

New default dimensions on Dashboard for threat events. By default, the dashboard now shows threat event data based on category, threat name, and severity. To show data for other dimensions, click the down arrow that’s associated with a threat event chart and select a new dimension.

Additional threat information now available. ETP administrators and viewers can:

• View the threat name associated with a threat event.
• Filter threat events by its name and severity level. A Threat Name and Severity dimension is available for this purpose.
• Search by the threat name on the Indicator Search page. In the search results, this page shows:
  • A description that details how the threat spreads and impacts a network.
  • Other names for the threat
  • Severity level
  • Threat type. For example, if it’s a worm, trojan, malware, or another threat type.
  • External links to resources on the Internet with more information.
  • A graph that illustrates the number of events generated by the threat in the last 24 hours, 7 days, 30 days, and this month.

Enterprise Application Access (EAA) 07/26/19 software release

Akamai EAA Client New Features

IPv4-based access for tunnel applications. EAA Client extends zero trust access functionality to access applications defined by IPv4 addresses. 

Captive portal detection. EAA Client detects the presence of captive portals and gracefully reconnects when network connectivity is established. 

On-premises network detection. Based on network policies configured by an EAA administrator, EAA Client can detect if a user is on-premises. In this situation, the client allows direct access to enterprise applications that bypass access through the proxy.

Akamai EAA Client Usability Improvements

Client menu simplification. The EAA Client menu is now more intuitive and includes tooltips to guide end users. The Setting menu provides improved logging capabilities. New settings names and menu organization allows users to complete advanced operations more easily. These operations include checking diagnostics, viewing the network type and status, accessing the synchronize and reset functions, and downloading the latest version of the client software.

Known Limitations

EAA Client

• After you upgrade to the latest version of EAA Client (version 1.3.X), you cannot downgrade to the previous version (version 1.2.X). Rolling back to version 1.2.X requires that you uninstall version 1.3.X and reinstall version 1.2.X of the EAA Client.

• You will not be able to configure the EAA Client from the IdP login portal on a Microsoft EDGE browser. Use alternative browser like Chrome.

• When connecting to a captive portal on a Mac, the captive portal may block all outgoing traffic. In this situation, the client shows that the network type is NONE. EAA Client cannot reliably detect whether the end user is on a public network or a captive portal.

• When the user is connected to both trusted and untrusted networks on two different networks, EAA Client inconsistently detects whether the user is on a trusted network or a public network.

• The identity provider (IdP) name may not appear in the EAA Client. To resolve this issue, quit and restart the EAA Client.

• On macOS, clicking logout in the client may cause all menu options to gray out. To resolve this issue, open the Activity Monitor application in the Utilities folder of the Mac. Select EAA Client and then click the quit icon. In the dialog that appears, select Force Quit.

• When adding multiple IPv4 addresses to a “Tunnel” type application, you are limited to adding a maximum of 214 IPv4 addresses to an application. If you have more than 214 addresses, you must add additional tunnel applications as needed.

Enterprise Application Access

• When accessing an application, an IdP session is not saved between browser tabs on these versions of Microsoft Edge and Internet Explorer: Microsoft EdgeHTML: 17.17134, Microsoft Edge: 42.17134.10, IE: 11.590.17143. If a user opens a new tab in these browsers, they are prompted to enter their Login Portal credentials again.

• When using the Login Portal with a Microsoft Edge or Internet Explorer browser, a user may experience multiple UI issues such as long loading times, the favorite icon (heart symbol) not appearing, and more.

• If you open the print dialog in a remote desktop protocol (RDP) server session and you then click the desktop before making your selections, the dialog may disappear. To workaround this issue, you must open the print dialog again.

• If only DNS server settings are changed in network interfaces, on-premise network monitoring may not detect that the network type has changed from or to a trusted network.

• When there are multiple data centers that have the same network configuration, connectors assigned to these data centers should not be associated to a single tunnel application.

Enterprise Threat Protector (ETP) now includes these features and enhancements:

Exception Lists. An ETP administrator can now create a list with the domains and IP addresses they want directed to the origin without Transport Layer Security (TLS) decryption or ETP protection. An exception list bypasses ETP Proxy. This feature allows your organization to maintain the privacy of users who access trusted websites with sensitive information. Like a custom list, you create an exception list and assign it to a policy configuration.

Bypass action for Exception Lists. When you add an exception list to a policy, the bypass policy action is automatically assigned to the list. This action resolves requests to the origin IP address. If ETP proxy is enabled, the request is not decrypted with TLS. It is sent directly to the destination web server. While no event is logged on the Event Analysis page for bypassed traffic, domains are logged on the Network Traffic tab of the Activity page.

Client Connector now called ETP Client. Client Connector is now called ETP Client. The tab on the Utilities page and the client configuration settings now refer to the new ETP Client name.

Additional threat information is now available in Enterprise Threat Protector (ETP)

ETP administrators and viewers can now:

• View the threat name associated with a threat event.
• Filter threat events by its name and severity level. A Threat Name and Severity dimension is now available for this purpose.
• Search by the threat name on the Indicator Search page. In the search results, this page shows:
  • A description that details how the threat spreads and impacts a network.
  • Other names for the threat
  • Severity level
  • Threat type. For example, if it’s a worm, trojan, malware, or another threat type.
  • External links to resources on the Internet with more information.
  • A graph that illustrates the number of events generated by the threat in the last 24 hours, 7 days, 30 days, and this month.

This feature is currently in beta.

Enterprise Threat Protector (ETP) now includes these features and enhancements:

Security templates now available. An ETP administrator can now apply a security template or a preset template to a policy configuration. This allows administrators to implement best practices when configuring policy actions. It also gives administrators a starting point to defining a policy.

When creating or modifying a policy, you can select one of these templates:

• Strict. Contains settings that block known and most suspected threat categories. This template applies settings that are a best practice for a policy.
• Monitor-only. Logs and reports threats but it does not block them. The Monitor-only template is ideal for testing or assessing policy impact before using the Strict template. This template assigns the monitor policy action to all known and suspected threat categories.
• Custom. Let’s you define policy actions for known and suspected threats.

A security template defines settings for threat categories in the Akamai Security tab only.

Updates to delegated and tenant access. A delegated administrator can now:

• Add email address for communication emails and assign communication emails. A delegated administrator can assign these users to any communication email.
• View Security Connector activity.

A tenant administrator can now:

• Add emails address for communication emails and configure these users to receive communication emails for alerts and system issues.
• Schedule a report.
• View and analyze DNS event data on the Dashboard, Event Analysis, and DNS activity pages.

The data in a scheduled report and on these reporting pages are based on the locations the tenant administrator can access.

Source IP now a dimension for DNS activity: On the DNS tab of the Activity page, you can now report the top source IP addresses that generated DNS requests. Source IP is now available as a dimension or data type in all DNS activity menus.

Client Connector version 2.1.0 now in beta.

With Client Connector 2.1.0, administrators can now configure Client Connector to roll back to the previous approved version. Administrators can also allow end users to uninstall Client Connector on Windows machines. To enable these features, new configuration settings are available in Enterprise Threat Protector (ETP):

• Roll Back Client Connector. When enabled and the previous Client Connector version is approved, this setting automatically rolls back a Client Connector upgrade. Rollback is available with Client Connector version 2.1.0. You cannot roll back to a version that is earlier than 2.1.0.

• Allow Uninstall on Windows. When enabled, end users on Windows machines can uninstall Client Connector. If this setting is disabled, the entitlement code is required to uninstall Client Connector.

Client Connector 2.1.0 also includes these updates:

New “Protected by local network” status. When these specific conditions apply, Client Connector now indicates that a machine is protected by the local network:

1. Client Connector cannot send DNS requests to ETP because outbound UDP port 53 is blocked in the company firewall.
2. The DNS resolver in the local network is configured to forward requests to ETP.

New names for configuration settings. New names are now available in ETP for Client Connector configuration settings. The Enable User Control setting is now called Allow Users to Disable Client Connector. The Enable ETP Client setting is now called Enable Client Connector.

Enterprise Threat Protector (ETP) now includes these features and enhancements:

New Acceptable Use Policy (AUP) categories. New AUP categories are available for administrators to control access to content. These categories include:

• Finance & Investing. Category for websites that allow users to manage finances and investments.
• Healthcare. Category for websites related to human health.
• IP Telephony. Category for websites that allow users to make phone calls through the Internet.

Bypass action for AUP in beta. If ETP Proxy is enabled and your organization takes part in this beta, you can now select the bypass action for each AUP category or subcategory. The bypass action directs traffic to the origin IP address. It also bypasses the ETP proxy and TLS decryption.

Tenant access now available. An ETP super administrator can now enable tenant access and assign the tenant administrator role. This feature can be used by Managed Service Providers (MSP) to restrict and separate access of individual customers. A tenant administrator can:

• create locations, policies, and custom lists
• manage assigned location, policies, and custom lists
• view events and other reporting data based on the locations they can access

A tenant administrator cannot view locations, policies, and custom lists they did not create. They also cannot view other configuration areas of ETP such as the Utilities page. In previous releases, this administrator was called a strict delegated administrator.

New policy settings tab. A Settings tab is now available when creating or modifying a policy. This tab contains settings for ETP Proxy, inline payload analysis, browsing restrictions, and more. On the policy configuration page, these settings were previously part of the right pane that includes the policy name, description, and assigned locations.