IoT Edge Connect has been updated to help improve performance, scale and reliability of the service. Updates include:

• Improved routing performance for the distributed broker when using wildcard subscriptions.
• Improved QoS1 message performance for identified performance hot spots.
• Improved wildcard subscriptions performance for cases when millions of clients are subscribing to a single level wildcard topic structure, such as example/customer/topic/structure/+.
• Enhanced internal metrics monitoring to help customers ensure the proper operation of the service they manage.

ETP Client 3.6.0 is now available

A new version of the ETP desktop client is now available. ETP Client 3.6.0 supports Windows 11 and macOS Monterey. For a full list of supported operating systems, see the ETP documentation.

This update also resolves a security vulnerability and a number of issues, including the following:

• ETP Client reports showed an incorrect status for the client.
• A connectivity issue with ETP Proxy caused it and the client to be completely unresponsive.
• An internal IP request was intercepted by ETP Proxy before it was directed to the enterprise resolver. This issue has been fixed to ensure that internal IP requests are sent directly to the origin.

DataStream 2 General Availability release

We are pleased to announce that DataStream 2 is now available for all our customers. DataStream 2 provides customers with detailed log data from requests on the Akamai Edge platform within minutes. Using DataStream 2 gives unparalleled visibility into events at the Akamai Edge and puts developers first by empowering them with the data needed to support critical operations. Contact your Akamai representative for DataStream 2 solutions or migration possibilities.  

New navigation and enhanced dashboard now available in Enterprise Center

Enterprise Center now offers a new navigation that organizes features and settings by enterprise product. Enterprise Threat Protector (ETP) administrators can now access all configuration settings and reports from the Threat Protection area of the navigation menu. If your organization is also licensed for the Enterprise Application Access (EAA) or Multi-Factor Authentication (MFA) products, you can access EAA features from the Application Access area of the menu and MFA features from the Multi-Factor Authentication navigation area.

The Enterprise Center dashboard has also been enhanced in this update to let you easily add new, predefined widgets for your enterprise product. For ETP, you can easily create a dashboard that can monitor events, activity, risky applications, application operations, ETP Client downloads, and more. For more information, see the ETP product documentation.

Multi-tenancy is now available in Enterprise Threat Protector (ETP)

With multi-tenancy, a Managed Security Service Provider (MSSP) can give their customers separate access to ETP without purchasing separate product licenses. You can create a tenant for each customer and assign administrators to each tenant. A tenant administrator can create and manage ETP components within their tenant, such as policies, lists, locations, certificates, ETP Clients, and more.

Multi-tenancy can also be used by administrators who want to test new versions of ETP Client and upgrade the client for a specific group of users. You can do this by creating a tenant that represents a group. You may need to create a separate location for these users or consider the policy that’s assigned to the Off-Network ETP Clients location. You can then approve, configure auto-upgrade, and activate ETP Client within that tenant.

For more information on multi-tenancy, see the ETP documentation.

New features:

• The State data set field is now available as a part of the geographical data set, and the Country data set field has been renamed to Country/Region.
• You can now log data related to the WAF security rules using the Security rules data set field.

See the DataStream 2 user guide for the complete list of available data set fields with examples.

The latest update for CloudTest includes the following features, enhancements, and bug fixes:

Enhancements

• New GCE instance types.
• New GCE locations.

Bug Fixes

• Fixed an issue with creating a report with multi-results that caused an error dialog.
• Fixed the Linux Conductor download link.
• Corrected an issue with Conductor when using console to specify proxy and no proxy user.
• Fixed an issue with grid order of operations that can cause an incorrect grid state.

Enterprise Application Access (EAA) November 2021 software release

EAA Client Versions

• EAA Client for Windows: version 2.6.0
• EAA Client for macOS: version 2.6.0
• EAA Client mobile app for iOS: version 2.1.0
• EAA Client mobile app for Android: version 2.1.0

Akamai EAA New Features

Okta SCIM Integration. You can provision users and user group memberships from Okta (AD) to EAA Directory using the System for Cross-domain Identity Management (SCIM) 2.0.

Enterprise DNS request onboarding improvement. The EAA Client intelligently onboards DNS SRV (Service) and DNS PTR (Pointer) requests. DNS SRV (Service) requests are onboarded when the target (hostname) in a request matches a DNS suffix configured in an EAA DNS Application. DNS PTR (Pointer) requests are onboarded when the IP in the request matches the destination IP specified in an EAA Client Application.

New Attributes in Access Logs. Additional attributes have been added to the access logs: Connector IP (clientless access only), Connector ID (clientless access only), Connector Source Port (clientless access only), Device UUID, Access Control that Denied Access, Bytes In and Bytes Out.

Health Monitoring APIs. APIs for connector and application health monitoring are available.

EAA SDK Deprecation. The EAA SDK is being deprecated and support for the EAA SDK will end July 2022. Customers using the EAA SDK should switch to the EAA Open APIs.

Strict validation of SCIM Attribute Mappings. EAA will perform strict validation of attributes that it receives in the SCIM payload. If the SCIM payload has attributes that have not been mapped in the EAA SCIM Directory, then the EAA SCIM service will respond with an error.

EAA Client Operating System Support.

The EAA Client 2.6.0 supports these operating systems: Microsoft Windows 7, current Microsoft supported versions of Windows 10 x86(32-bit) and x64(64-bit), Apple macOS 10.14 (Mojave), 10.15 (Catalina), and 11 (Big Sur). The EAA Client leverages Rosetta translation so a single binary can be used for both Intel-based and Apple M1-based devices.

  Akamai EAA End of Support/Service for EAA Client.

EAA Client version 2.2.0, 2.3.0, 2.3.1 End of Service / Support - From February 28, 2022, Akamai will no longer support EAA Client versions 2.2.0. From April 30, 2022, Akamai will no longer support EAA Client versions 2.3.0 and 2.3.1. These are the last dates to receive any support for these product versions. After these dates, these versions are obsolete and no support will be available.

Product Migration - For customers using EAA Client versions prior to 2.4.0, migrating to newer EAA Client versions, will require the older EAA Client to be uninstalled before the newer EAA Client is installed.

When moving to EAA Client version 2.1.0 and later, a new akamai-device-id is generated. EAA activity reports, Clients overview dashboard, Device Posture dashboard may include old akamai-device-id, resulting in inaccurate statistics until the old akamai-device-id is purged after 90 days. For more information, see Device ID (akamai-device-id) updates with EAA Client installation and upgrades.

EAA and EAA Client limitations.

• EAA SCIM directory does not support password mapping. Users with password attributes configured in Okta are not synced to EAA.
• EAA browser-based RDP application is not compatible with the latest Chrome (Version 94.0.4606.71)
• In EAA, for the Okta SCIM directory, the users displayed include both active and inactive users. Okta doesn’t send delete requests but only deactivates users. This causes a mismatch in the user count between the Okta (SCIM source) and EAA SCIM directory (SCIM target).
• ​If you edit a certificate profile’s name, the previous name may still display on the Device Details page for up to 30 minutes.

Fixed customer bugs.

• User diagnostics had discrepancies while showing user data for a given time range. This has been fixed.
• User diagnostics shows data in bytes, kilobytes, megabytes, and gigabytes correctly.
• The default instance type for the Azure connector is changed to Standard_F4s_v2.
• EAA connector for Azure supports managed disk option.
• Duplicate users are not seen when you change organizational unit (OU) in groups.
• Group membership changes are considered in ACLs (access control list) when used for app access for a SAML identity provider.

On November 4, 2021, the data status flags in Billing have been modified.

What’s changing

Previously, two statuses were used to reflect the status of your data - In progress and Final. We’ve updated the statuses to provide a more precise view of your data.

The new data status flags are:

• Collecting data. Data is collected through the end of the month and is used to prepare your invoice.

• Data collected. Data collection is complete. The invoice is being prepared, if you’re expecting one. If you had contract changes, data will be adjusted to reflect them.

• Data finalized. Data has been finalized on the invoice.

Note:

• With the introduction of the new Billing application, Akamai will decommission the legacy Billing Center application user interface on February 7, 2022. You need to ensure any scheduled reports that exist in Billing Center are recreated in the new Billing application.

• The legacy Billing Center APIs will be decommissioned on August 24, 2022.

New Features

New frozen rule format available for PAPI users: v2021–09–22.