A location is a public IP address or a named collection of public IP addresses that belong to a region or geographic area in your network, such as a CIDR block for an office branch or your company headquarters. A location allows you to implement Zero Trust architecture by segmenting your network into multiple microperimeters. Locations are secured with ETP policy. For more information on policies, see Policies.
Note: Organizations can also configure a dynamic DNS domain name for a location. For more information, see Locations and dynamic DNS.

Enterprise Threat Protector (ETP) includes a default location for unidentified IP addresses. This location applies to roaming users or users who are usually remote and make DNS requests from unexpected IP addresses. The Unidentified IPs location is not configured with any IP address or CIDRs. You also cannot edit this location.

From the Locations page, you can add, edit, and delete locations. You can also select whether to allow or block traffic from the Unidentified IPs location.

When creating a location, remember:

  • You must provide the public IP address of your Active Directory or other local DNS server that is used to communicate with ETP.
  • You cannot assign a location IP address to other ETP locations in your network.
  • You cannot configure a location with an IP address that is claimed or used by another organization. If you believe your organization owns an IP address that you cannot configure as a location, contact Akamai Support.
  • For a location, ETP currently supports a maximum CIDR block of /16 for IPv4 and /48 for IPv6.
  • A location configuration requires a policy assignment. If you do not assign a policy to the location, the location is automatically assigned to the default policy. You can assign the same policy to multiple locations or you can create different policies for locations in your network.

When you create, modify, or delete a location, you must deploy these updates to the ETP network. Changes to location settings, as well as other configuration settings such as policies or custom lists, are captured in the Pending Changes window for you to review. After you click the deploy button, the deploy operation typically completes in 20-30 seconds.

If you enable authentication in your enterprise, you can provide the internal IP addresses of headless computers or devices that you want exempt from authentication. A location configuration allows you to enter these IP addresses. For more information, see User authentication and group policies.

An enterprise can add a maximum of 7,000 CIDR entries for locations. If your organization needs to add more CIDR entries, contact your Akamai representative.