Communication emails

The Communication page allows you to enter the email addresses of administrators or users who you want to receive notifications about:
  • Alerts
  • Security Connector upgrades
  • ETP Client upgrades
  • System issues

Alerts

Alerts are notifications that are sent to specific administrators or users with event information. Alerts are sent based on the Send Alert setting in a policy. For example, if the Send Alert setting is enabled for known threats in the Malware threat category, an alert is sent whenever a known Malware threat is detected and an event is logged in Enterprise Threat Protector (ETP).

When a new alert is triggered, users receive notifications at near real-time. If additional alerts are detected within a five minute period of sending out a notification, the user is notified about these alerts after the five minute period.

Users may receive alerts for inline or lookback events. Inline events are events that are detected at the time of access, while lookback events are discovered by threat intelligence after access.

Data in alert notifications are organized by domain. If multiple locations are associated with alerts, alerts are also organized by location. Email notifications contain important information about the alert such as the associated policy and list, the reason a threat was identified, as well as the action taken on the alert.

If your organization is enabled to do so, an ETP super administrator can associate specific locations to an alert notification email address. This means that alert notifications can contain information based on the locations that the recipient is allowed to receive information about. To enable this feature in ETP, contact your Akamai representative.

These conditions also apply:
  • If a location is assigned to a policy that’s enabled with the ETP Proxy, the email notification contains additional information that is specific to HTTP traffic such as URI and the total number of HTTP threat events.
  • A maximum of 200 domains are listed in the email. To view additional information, users must log in to Enterprise Threat Protector. If the email is in HTML format, links to related ETP pages are also provided. For information on the data that is in an alert notification email, see Data in alert notifications and scheduled reports.
  • By default, all notifications are sent in HTML format. However, an administrator can choose to send alert notifications in HTML or text format. The format you select applies to all users configured to receive alert notifications.
You can also add email addresses for alert notifications on the Policies page. An area is provided where you can enter an email addresses or paste email addresses of alert notification recipients. By default, email addresses added on the Policies page are configured to receive alert notifications with data for all locations. To select the specific locations that a user receives notifications about, see Assign locations for alert notifications.
Note: If your organization uses a ticket tracking system, such as ServiceNow, you can provide a ticketing system email to automatically create a ticket for each alert.

Security Connector and ETP Client upgrades

Administrators can enable users to receive notifications about Security Connector and ETP Client upgrades. These notifications are sent in HTML format.

For Security Connector upgrade notifications, you can also enter email addresses on the Security Connector page.

System Issues

When enabled for notifications about system issues, administrators receive emails about the following:
  • Configuration issues in ETP. ETP sends notifications when a domain for a location resolves to an invalid IP address. ETP sends out an email notification with the location name, domain, and the IP address.

    This email notification only applies if your organization is enabled with the dynamic DNS feature. For more information, see Locations and dynamic DNS.

  • Expiring certificate for ETP Proxy. ETP sends a notification when the TLS man-in-the-middle (MITM) certificate that was generated or uploaded to ETP is scheduled to expire in 30 days or less. Administrators set to receive System Issues communication emails are sent an email notification until a new certificate is uploaded or generated. For more information, see ETP Proxy as a TLS intermediary.