New Features

• DNS over HTTPS (DoH) support in Answer Cloud, Managed, Licensed, and SPS Shield. DNSi AnswerX and SPS Shield customers may now use DNS-over-HTTPS (DoH) protocol. This feature helps increase security by encrypting the DNS lookups made by users’ DoH enabled web browsers.
• SPS Shield customers.  Allow customers may now add or remove domains to their custom allow/block lists using Akamai’s Reputation Knowledge Server API.
• AnswerX Cloud/Managed and SPS Shield operation dashboard reporting improvement. Top Domain Events reports in AnswerX Operation Dashboard are improved to display additional category types: Malware/Phishing/BotNet/Spam/Unclassified. This helps operators determine the reason associated with a block event.

The latest release for the Reporting application includes these enhancements: * Your filters and dates for reports within Traffic family carry over when you switch between reports - for selections applicable in destination report. * Date picker is now available from the filter panel to provide a single place for all applicable filters selection. * Quicker load time. You no longer have to wait for the report to load before applying your own filters. You will be asked to apply filters before report data call initialization.

New features:

• Google Cloud Storage support. DataStream 2 now allows you to choose Google Cloud Storage as a destination to send your Akamai logs and receive data. See the DataStream 2 User Guide for details on how to configure Google Cloud Storage for your stream.

• JSON log format support. To ensure the smooth migration of customers from DataStream 1 to DataStream 2, the application now supports JSON log format in addition to the CSV format. DataStream 2 users have the ability to choose and configure JSON as the log format, and visualize the sample JSON logs in the application. The JSON log format works for all supported DataStream 2 destinations.

• Increased number of properties per stream. We are increasing the number of properties that you can associate with one stream from 3 to 100 properties. See the DataStream 2 User Guide for steps and details.

Other updates:

• Structured format logs. The existing CSV log format has been renamed Structured with no changes to this functionality except for the display name in the application.

New features:

• Google Cloud Storage support. DataStream 2 now allows you to choose Google Cloud Storage as a destination to send your Akamai logs and receive data. See the DataStream 2 User Guide for details on how to configure Google Cloud Storage for your stream.

• JSON log format support. To ensure the smooth migration of customers from DataStream 1 to DataStream 2, the application now supports JSON log format in addition to the CSV format. DataStream 2 users have the ability to choose and configure JSON as the log format, and visualize the sample JSON logs in the application. The JSON log format works for all supported DataStream 2 destinations.

• Increased number of properties per stream. We are increasing the number of properties that you can associate with one stream from 3 to 100 properties. See the DataStream 2 User Guide for steps and details.

Other updates:

• Structured format logs. The existing CSV log format has been renamed Structured with no changes to this functionality except for the display name in the application.

Enterprise Threat Protector (ETP) Client Version 3.3.2

A new version of the ETP Client is now available. This release contains a number of bug fixes, including improved support for Static DNS configurations in machines, a minor IPv6 support fix, and fixes to DNS-Over-TLS handling.

To improve the EdgeKV developer experience we’ve made the following improvements to our helper library:

• Validation messages now display the range of accepted response timeout values. You can set the wait time between 1 and 1000 milliseconds.
• When null is passed in for a namespace, group, or item we now provide a JavaScript error inside the EdgeWorkers function.
• We added more details in cases where origin sends a JSON exception message in a response.
• An error message now appears if you attempt to create an EdgeWorker bundle that contains an expired or invalid EdgeKV access token.
• We now provide a warning message if an access token is due to expire.

Script Management Updates:

• You can now apply the defer and block actions to a script by adding a regex or a script URL to the Override List. The Override List automatically defers or blocks any matching scripts. This can useful when managing third party scripts that regularly change their name and version number.
• The Script Management dashboard also displays which scripts have been added to the Override List.
• See Create an Override List in the Script Management documentation for more information.

IoT Edge Connect has been updated to help support global real-time scale, performance and stability to meet the requirements of customers moving forward. The updates include:

Updated session takeover behavior

• The session connection behavior now allows clients with duplicate credentials to connect to the broker. A client can connect to the service only if the client ID and credentials are valid and signed with the requisite key.

• When two publishers connect with the same client ID within different network segments, the previous client is not disconnected as before. Both publish without issues, and the subscribers receive messages from both publishers.

• When two subscribers connect with the same client ID, the previous client will be disconnected, when the same broker is involved. In case of two different broker nodes, both will continue to operate without issues. Both clients will receive messages depending on their respective subscriptions.

We recommend that you ensure clients do not connect with duplicate client IDs and credentials to avoid connection issues.

QoS 2 support deprecated

• Message publication and subscription at QoS level 2 is no longer available, as the extra overhead for message flows increased latency. We recommend using QoS 1 message semantics for reliable messaging flow between devices and applications.

• When a client attempts a QoS 2 subscription, the request will succeed, and the service will respond with a maximum indicated QoS 1 level. Messages will be delivered at QoS 1 and QoS 0. If a client attempts to publish at QoS 2 level the request will trigger the connection to be closed.

Other updates:

• QoS 0 messages removed. QoS 0 messages will no longer be available via the message stream REST API. This is to ensure that the reliable messages at QoS 1 can come first over unreliable messages when being ingested into a cloud application.

• ACL violations no longer reported by connection monitoring. ACL violations at the edge will no longer be forwarded to the connection monitoring log. This ensures that a poorly or maliciously configured client can not execute a resource starvation attack on the backend services of IoT Edge Connect. We recommend that you ensure credentials match ACLs and enhance client debug to detect misconfigured devices at source.

• Duplicate QoS 1 messages. Whenever the broker sends a duplicate message to a QoS1 topic subscriber, the DUP flag might not be set for the duplicate messages as a requirement in the MQTT Publish packet. As a result, they might be treated as two separate messages. To work around this issue, you can use an application-level sequence ID embedded in the payload to deduplicate the received messages.

Performance best practices:

To avoid message loss, high latency or connectivity issues, we recommend that the total messages limit for one subscriber across all topics should not exceed 50 messages per second. For instance, if you subscribe to three topics with three separate publishers for these topics, the publishing rate for each could be 20 messages, 15 messages and 10 messages per second respectively.

Release Notes: Cloud Interconnects for Google Cloud (GCP) - Limited Availability

New features:

• Updated behavior that enables you to maximize egress discounts for Google Cloud origins. Available for Ion Standard, Ion Premier, and DSA.

• Updated Cloud Interconnects Traffic Report that helps you to confirm the value of using Cloud Interconnects for Google Cloud.

• Updated Origin IP ACL.  Please refer to latest documentation or the Firewall Rules app in Akamai Control Centre (ACC) for the updated list.

Known Issue: Cloud Interconnects Traffic Report does not properly reflect PNI traffic in the US. We are working to quickly resolve this issue.

The latest release for Case Management includes:

• The Carrier Case severity updated. The Carrier team can now be a part of ongoing changes and improvements made to the technical case record type. 
• Bug fixes.