Enterprise Threat Protector (ETP) now includes these features and enhancements:

Deploy Security Connector 2.6.0 with Microsoft Hyper-V. In addition to deploying Security Connector with VMware ESXi, you can now download Security Connector 2.6.0 and deploy it with Microsoft Hyper-V. On Hyper-V, you can deploy Security Connector with a PowerShell utility script or manually with a virtual hard disk image file. Administrators can also upgrade to version 2.6.0. Like version 2.5.0, this version allows your organization to direct malicious HTTP and HTTPS requests to Security Connector.

Security Connector health status. The status of Security Connector is now more accurately reported in ETP and in the UI of the Security Connector VM console. A new Health Status page is available from the main menu of the security connector console. On this page, an administrator can view whether Security Connector is in a healthy state or in an unhealthy state due to a failure. If there’s a failure, an administrator can identify the specific operation where it occurred.

New default dimensions on Dashboard for threat events. By default, the dashboard now shows threat event data based on category, threat name, and severity. To show data for other dimensions, click the down arrow that’s associated with a threat event chart and select a new dimension.

Additional threat information now available. ETP administrators and viewers can:

• View the threat name associated with a threat event.
• Filter threat events by its name and severity level. A Threat Name and Severity dimension is available for this purpose.
• Search by the threat name on the Indicator Search page. In the search results, this page shows:
  • A description that details how the threat spreads and impacts a network.
  • Other names for the threat
  • Severity level
  • Threat type. For example, if it’s a worm, trojan, malware, or another threat type.
  • External links to resources on the Internet with more information.
  • A graph that illustrates the number of events generated by the threat in the last 24 hours, 7 days, 30 days, and this month.

Enterprise Application Access (EAA) 07/26/19 software release

Akamai EAA Client New Features

IPv4-based access for tunnel applications. EAA Client extends zero trust access functionality to access applications defined by IPv4 addresses. 

Captive portal detection. EAA Client detects the presence of captive portals and gracefully reconnects when network connectivity is established. 

On-premises network detection. Based on network policies configured by an EAA administrator, EAA Client can detect if a user is on-premises. In this situation, the client allows direct access to enterprise applications that bypass access through the proxy.

Akamai EAA Client Usability Improvements

Client menu simplification. The EAA Client menu is now more intuitive and includes tooltips to guide end users. The Setting menu provides improved logging capabilities. New settings names and menu organization allows users to complete advanced operations more easily. These operations include checking diagnostics, viewing the network type and status, accessing the synchronize and reset functions, and downloading the latest version of the client software.

Known Limitations

EAA Client

• After you upgrade to the latest version of EAA Client (version 1.3.X), you cannot downgrade to the previous version (version 1.2.X). Rolling back to version 1.2.X requires that you uninstall version 1.3.X and reinstall version 1.2.X of the EAA Client.

• You will not be able to configure the EAA Client from the IdP login portal on a Microsoft EDGE browser. Use alternative browser like Chrome.

• When connecting to a captive portal on a Mac, the captive portal may block all outgoing traffic. In this situation, the client shows that the network type is NONE. EAA Client cannot reliably detect whether the end user is on a public network or a captive portal.

• When the user is connected to both trusted and untrusted networks on two different networks, EAA Client inconsistently detects whether the user is on a trusted network or a public network.

• The identity provider (IdP) name may not appear in the EAA Client. To resolve this issue, quit and restart the EAA Client.

• On macOS, clicking logout in the client may cause all menu options to gray out. To resolve this issue, open the Activity Monitor application in the Utilities folder of the Mac. Select EAA Client and then click the quit icon. In the dialog that appears, select Force Quit.

• When adding multiple IPv4 addresses to a “Tunnel” type application, you are limited to adding a maximum of 214 IPv4 addresses to an application. If you have more than 214 addresses, you must add additional tunnel applications as needed.

Enterprise Application Access

• When accessing an application, an IdP session is not saved between browser tabs on these versions of Microsoft Edge and Internet Explorer: Microsoft EdgeHTML: 17.17134, Microsoft Edge: 42.17134.10, IE: 11.590.17143. If a user opens a new tab in these browsers, they are prompted to enter their Login Portal credentials again.

• When using the Login Portal with a Microsoft Edge or Internet Explorer browser, a user may experience multiple UI issues such as long loading times, the favorite icon (heart symbol) not appearing, and more.

• If you open the print dialog in a remote desktop protocol (RDP) server session and you then click the desktop before making your selections, the dialog may disappear. To workaround this issue, you must open the print dialog again.

• If only DNS server settings are changed in network interfaces, on-premise network monitoring may not detect that the network type has changed from or to a trusted network.

• When there are multiple data centers that have the same network configuration, connectors assigned to these data centers should not be associated to a single tunnel application.

Change to CDN Edge Time Calculations

Effective July 23, 2019, mPulse’s CDN Edge Time calculations, such as All Asset CDN Edge Time, are calculated differently.

Prior to this change, Edge Time calculations rounded down. For example, 0.1 ms was rounded down to 0 ms. Now, Edge Time calculations round up. For example, 0.1 ms will round up to 1 ms. This affects mPulse as data with the value of “0” is not included in charts, tables, or median calculations. Sites with many Edge Times rounding down to 0 ms would have had those data points excluded, which skews reporting by only including data with a value over 0.5 ms.

Prior to this change, if you had many reported 0 ms Edge Times, you might see a reduction in their median Edge Times going forward, since the faster data points will now be included as 1 ms.

Enterprise Threat Protector (ETP) now includes these features and enhancements:

Exception Lists. An ETP administrator can now create a list with the domains and IP addresses they want directed to the origin without Transport Layer Security (TLS) decryption or ETP protection. An exception list bypasses ETP Proxy. This feature allows your organization to maintain the privacy of users who access trusted websites with sensitive information. Like a custom list, you create an exception list and assign it to a policy configuration.

Bypass action for Exception Lists. When you add an exception list to a policy, the bypass policy action is automatically assigned to the list. This action resolves requests to the origin IP address. If ETP proxy is enabled, the request is not decrypted with TLS. It is sent directly to the destination web server. While no event is logged on the Event Analysis page for bypassed traffic, domains are logged on the Network Traffic tab of the Activity page.

Client Connector now called ETP Client. Client Connector is now called ETP Client. The tab on the Utilities page and the client configuration settings now refer to the new ETP Client name.

Luna Experience End-of-Life

On July 8, 2019, the Luna Control Center experience (“classic Luna”) was sunset and is no longer available. The new Control Center was released in early May and offers a modern design, new homepage, streamlined navigation, and more core services to enhance the experience. 

More details can be found on the Community.

The latest update for the Support Home release includes:

• Premium 3.0 service and support level is now available.
• Compliance & Audit link has been removed from the Support Home menu.
• New UI banner has been added to the Support Home page.
• Standard bug fixes.

The latest update for the Akamai University release includes:

• Premium 3.0 service and support level is now available.
• Standard bug fixes.

The latest update to mPulse includes the following bug fix:

• Re-enabled the capability to add multiple domains in the mPulse session tracking UI without requiring a cross domain tracking URL.

The latest update for the Diagnostics Tools release includes:

• Web help link on Diagnostics Tools home page now points to the newer version of the documentation.
• The Flash Debug Player tool has been removed. It is no longer available on the Diagnostics Tools home page. Advance email communication was sent out to all active users on the 22nd of May, 2019.
• Standard bug fixes.

Android Exoplayer v2.9 Loader

Features

The new Android loader for Exoplayer v2.9 supports the following features:

• Multiple player instance tracking
• IMA Ad tracking
• Playlists