Set up ETP Client

Complete these steps to set up, download, and distribute ETP Client.

How to

  1. Log in to ETP. For more information see Log in to ETP.
  2. Make sure that the external IP address of all exit points or gateways in the network are already configured as locations in ETP. These locations allow ETP to identify when traffic is coming from machines that are on or off the corporate network. To add or modify a location, see Create a location or Edit a location.
  3. Configure the behavior of ETP Client. For more information, see Configure ETP Client.
  4. Configure the internal IP addresses and DNS suffixes that end users can access in the corporate network. For more information, see Configure internal IP addresses and DNS suffixes.
  5. Create your organization's policy or policies, and assign them to the locations you configured:
    • To use ETP Client with the full web proxy, enable the proxy in policies that are assigned to the locations you defined. Depending on whether your deployment includes an on-premises proxy, you can also configure ETP Client 3.0.4 or later as a proxy on the client computer. For more information, see Enable full web proxy.
    • To secure connections from ETP Client to ETP with DNS over TLS (DoT), select the DoT mode in the policy settings. By default, the mode is Always Attempt. You can change this setting and select the port that’s used. For instructions, see Configure DNS-over-TLS settings.
  6. Assign a policy to the Off-Network ETP Clients location. For more information, see Assign a policy to the off-network location.
  7. Download ETP Client. For more information, see Download ETP Client.
  8. If you or an IT administrator are installing ETP Client for the first time:
    1. Verify that the installation file is digitally signed by Akamai.
    2. Validate the SHA-256 checksum value. For more information, see Validate the SHA-256 checksum.
    3. Test the ETP client software in a testing environment to confirm its behavior. Make sure you test the client in an environment that contains the same network configuration, VPN, and security applications as production.
    4. Update the enterprise firewall, on-premise proxy, and whitelists to allow Enterprise Threat Protector to access Akamai infrastructure. For more information, see Update enterprise firewall, on-premise proxy, and allowlists.
    5. Distribute and install ETP Client on corporate machines. For more information, see ETP Client installation.
  9. If you or an IT administrator are upgrading ETP Client:
    1. Verify that the installation file is digitally signed by Akamai.
    2. Validate the SHA-256 checksum value. For more information, see Validate the SHA-256 checksum.
    3. Test the ETP Client software in a testing environment to confirm its behavior. Make sure you test the client in an environment that contains the same network configuration, VPN, and security applications as production.
    4. Approve ETP Client. For more information, see Approve ETP Client.
    5. Configure how ETP Client is upgraded. For more information, see Configure ETP Client upgrade type.
  10. Add the email addresses of those you want notified about upgrades to ETP Client. For more information, see Add email addresses for notifications and Assign email notifications.