The latest update for CloudTest includes the following features, enhancements, and bug fixes:

Enhancements

• New GCE instance types.
• New GCE locations.

Bug Fixes

• Fixed an issue with creating a report with multi-results that caused an error dialog.
• Fixed the Linux Conductor download link.
• Corrected an issue with Conductor when using console to specify proxy and no proxy user.
• Fixed an issue with grid order of operations that can cause an incorrect grid state.

Enterprise Application Access (EAA) November 2021 software release

EAA Client Versions

• EAA Client for Windows: version 2.6.0
• EAA Client for macOS: version 2.6.0
• EAA Client mobile app for iOS: version 2.1.0
• EAA Client mobile app for Android: version 2.1.0

Akamai EAA New Features

Okta SCIM Integration. You can provision users and user group memberships from Okta (AD) to EAA Directory using the System for Cross-domain Identity Management (SCIM) 2.0.

Enterprise DNS request onboarding improvement. The EAA Client intelligently onboards DNS SRV (Service) and DNS PTR (Pointer) requests. DNS SRV (Service) requests are onboarded when the target (hostname) in a request matches a DNS suffix configured in an EAA DNS Application. DNS PTR (Pointer) requests are onboarded when the IP in the request matches the destination IP specified in an EAA Client Application.

New Attributes in Access Logs. Additional attributes have been added to the access logs: Connector IP (clientless access only), Connector ID (clientless access only), Connector Source Port (clientless access only), Device UUID, Access Control that Denied Access, Bytes In and Bytes Out.

Health Monitoring APIs. APIs for connector and application health monitoring are available.

EAA SDK Deprecation. The EAA SDK is being deprecated and support for the EAA SDK will end July 2022. Customers using the EAA SDK should switch to the EAA Open APIs.

Strict validation of SCIM Attribute Mappings. EAA will perform strict validation of attributes that it receives in the SCIM payload. If the SCIM payload has attributes that have not been mapped in the EAA SCIM Directory, then the EAA SCIM service will respond with an error.

EAA Client Operating System Support.

The EAA Client 2.6.0 supports these operating systems: Microsoft Windows 7, current Microsoft supported versions of Windows 10 x86(32-bit) and x64(64-bit), Apple macOS 10.14 (Mojave), 10.15 (Catalina), and 11 (Big Sur). The EAA Client leverages Rosetta translation so a single binary can be used for both Intel-based and Apple M1-based devices.

  Akamai EAA End of Support/Service for EAA Client.

EAA Client version 2.2.0, 2.3.0, 2.3.1 End of Service / Support - From February 28, 2022, Akamai will no longer support EAA Client versions 2.2.0. From April 30, 2022, Akamai will no longer support EAA Client versions 2.3.0 and 2.3.1. These are the last dates to receive any support for these product versions. After these dates, these versions are obsolete and no support will be available.

Product Migration - For customers using EAA Client versions prior to 2.4.0, migrating to newer EAA Client versions, will require the older EAA Client to be uninstalled before the newer EAA Client is installed.

When moving to EAA Client version 2.1.0 and later, a new akamai-device-id is generated. EAA activity reports, Clients overview dashboard, Device Posture dashboard may include old akamai-device-id, resulting in inaccurate statistics until the old akamai-device-id is purged after 90 days. For more information, see Device ID (akamai-device-id) updates with EAA Client installation and upgrades.

EAA and EAA Client limitations.

• EAA SCIM directory does not support password mapping. Users with password attributes configured in Okta are not synced to EAA.
• EAA browser-based RDP application is not compatible with the latest Chrome (Version 94.0.4606.71)
• In EAA, for the Okta SCIM directory, the users displayed include both active and inactive users. Okta doesn’t send delete requests but only deactivates users. This causes a mismatch in the user count between the Okta (SCIM source) and EAA SCIM directory (SCIM target).
• ​If you edit a certificate profile’s name, the previous name may still display on the Device Details page for up to 30 minutes.

Fixed customer bugs.

• User diagnostics had discrepancies while showing user data for a given time range. This has been fixed.
• User diagnostics shows data in bytes, kilobytes, megabytes, and gigabytes correctly.
• The default instance type for the Azure connector is changed to Standard_F4s_v2.
• EAA connector for Azure supports managed disk option.
• Duplicate users are not seen when you change organizational unit (OU) in groups.
• Group membership changes are considered in ACLs (access control list) when used for app access for a SAML identity provider.

On November 4, 2021, the data status flags in Billing have been modified.

What’s changing

Previously, two statuses were used to reflect the status of your data - In progress and Final. We’ve updated the statuses to provide a more precise view of your data.

The new data status flags are:

• Collecting data. Data is collected through the end of the month and is used to prepare your invoice.

• Data collected. Data collection is complete. The invoice is being prepared, if you’re expecting one. If you had contract changes, data will be adjusted to reflect them.

• Data finalized. Data has been finalized on the invoice.

Note:

• With the introduction of the new Billing application, Akamai will decommission the legacy Billing Center application user interface on February 7, 2022. You need to ensure any scheduled reports that exist in Billing Center are recreated in the new Billing application.

• The legacy Billing Center APIs will be decommissioned on August 24, 2022.

New Features

New frozen rule format available for PAPI users: v2021–09–22.

Release Notes: Property Manager

Performance improvements and bug fixes.

New Features

New frozen rule format available for PAPI users: v2021–07–30.

New version of ETP mobile client is now available

The Enterprise Threat Protector (ETP) mobile client is now in limited availability and supports bring your own device (BYOD). With BYOD, end users can activate ETP Client on their personal devices without using the enterprise-wide entitlement code.

The following applies in this update:

• After the client is installed, the user is prompted to activate the client with a one-time activation code (OTAC). If the user does not have this code, the client lets users request it. The activation code and a link to activate the client on the device is emailed to the authorized user’s corporate email address.
• To email activation codes, administrators must configure authorized corporate domains in Enterprise Center. Administrators should not provide email domains that are associated with public email providers and therefore, accessible to unauthorized users.
• From Enterprise Center, administrators can send users an email invitation that contains the activation code. Administrators can also choose to generate a CSV file with activation codes and manually distribute these codes to users offline. After the activation codes are generated, they are valid for one week (7 days).
• When generating an OTAC in Enterprise Center, administrators should specify the user’s email address or a user ID in the User’s List. This allows administrators to associate events with the users who trigger them. This email address or user ID appears in the Device Owner dimension that’s available in ETP event and activity reports.
• While users provide an activation code or use the deep link in the email to activate the client on their device, the entitlement code is still supported for administrators. Administrators can enter this code when performing client installations.

The new mobile client version is available for download in the Apple App store and Google Play. For more information on BYOD and distributing the mobile client, see the ETP documentation.

The latest update for CloudTest includes the following features, enhancements, and bug fixes:

Enhancements:

• Added new R5 and C5 server types to CloudTest grids.

Bug fixes:

• Fixed an issue with the AWS China location.
• Fixed an issue with the Mac Conductor download.

We’re excited to announce the release of new Billing and Invoicing APIs giving access to usage and invoicing information. 

What’s changing

The Billing API offers a programmatic alternative to Usage by Product, Usage by Contract, and Usage by Reporting Group reports available in the Billing Control Center interface, while the Invoicing API allows you to access your Akamai invoices and credit memos. For more information, refer to the documentation of Billing and Invoicing APIs.

The legacy Billing Center APIs will continue to work until August 24, 2022. 

Enterprise Threat Protector (ETP) Client 3.5.0 is now available

A new version of ETP desktop client is now available. This update includes bug fixes, as well as a feature that is in limited availability. Make sure you upgrade clients to this new version. If your enterprise is using version 3.4, upgrade the client or force an automatic upgrade to version 3.5.

This feature is now in limited availability:

• Walled Garden. You can use ETP Client to allow Internet access only to a specific set of domains.

To try this feature, contact your Akamai representative.

Enterprise Threat Protector (ETP) Release, August 18, 2021

The following updates are included in this release:

New Risky Threat Categories. Akamai has added risky categories to the threat settings of a policy. These risky categories include Adware, Coin Mining, Newly Seen Domains, Newly Registered Domains, Potentially Harmful Domains, and DNS Tunneling services. Before this update, risky domains were tracked in a policy setting where administrators could select an action that would send all risky domains to the proxy for scanning. With these new risky categories, you can select an action for each category.

Option to remove a risk level from a policy. When configuring application visibility and control (AVC) and an acceptable use policy (AUP), an administrator can now remove a risk level from the policy configuration.

File hash exception lists. File hash lists are now called file hash exception lists.

Bug fixes and UI enhancements. This release includes updates to the user interface and bug fixes.  
 
Important: The ETP legacy user interface will reach its end of life in December 2021. Please use the new Enterprise Center user interface to complete all your ETP operations.  
 
The following features are currently in beta:

Sub-locations. You can now configure sub-locations for ETP locations. A sub-location can represent different virtual local area networks (VLANs) that are routed to the Internet with the same IP address as the parent location. This feature allows you to apply different policies to your sub-locations and in turn, define more granular access.

Local breakout for bypass domains. The Local Breakout for Bypass Domains setting is enabled by default in a policy to ensure that domains configured in ETP for bypass are directed to the origin from the branch or enterprise network. Disable this option if your network does not have a direct route Internet and cannot access these origins.

Changes to ETP policy logic. These updates include:

• Prioritization of custom exception and block lists. If the domain, IP address, or URL found in a custom block or exception list is also found in Akamai Security lists, the Microsoft 365 list, or in an AUP and AVC configuration, the policy action associated with the custom exception or block list takes priority.

• Updated handling of policy conflicts. In addition to prioritizing the policy action of a custom exception or block list, the following also applies:

  • If the same domain with different suffix lengths is specified in multiple custom lists (for example, in multiple block or exception lists) or in multiple ETP lists (for example, in multiple acceptable use policies), ETP enforces the policy action assigned to the longest address.
  • If the same domain, IP address, or URL is configured in multiple custom lists or in multiple ETP lists with conflicting policy actions, ETP selects the action based on this priority:
    1. Bypass
    2. Block
    3. Monitor
    4. Classify
    5. Allow

 
To try any of these beta features, contact your Akamai representative.