- Security Connector upgrades
- ETP Client upgrades
- System issues
Alerts are notifications that are sent to specific administrators or users with event information. Alerts are sent based on the Send Alert setting in a policy. For example, if the Send Alert setting is enabled for known threats in the Malware threat category, an alert is sent whenever a known Malware threat is detected and an event is logged in Enterprise Threat Protector (ETP).
When a new alert is triggered, users receive notifications in near real time. If additional alerts are detected within five minutes of a notification being sent, the user is notified about these alerts after the five-minute period.
Users may receive alerts for inline or lookback events. Inline events are events that are detected at the time of access, while lookback events are discovered by threat intelligence after access.
Data in alert notifications are organized by domain. If multiple locations are associated with alerts, alerts are also organized by location. Email notifications contain important information about the alert such as the associated policy and list, the reason a threat was identified, as well as the action taken on the alert.
If your organization is enabled to do so, an ETP super administrator can associate specific locations to an alert notification email address. This means that alert notifications can contain information based on the locations that the recipient is allowed to receive information about. To enable this feature in ETP, contact your Akamai representative.
- If a location is assigned to a policy that’s enabled with the ETP Proxy, the email notification contains additional information that is specific to HTTP traffic such as URI and the total number of HTTP threat events.
- A maximum of 200 domains are listed in the email. To view additional information, users must log in to Enterprise Threat Protector. If the email is in HTML format, links to related ETP pages are also provided. For information on the data that is in an alert notification email, see Data in alert notifications and scheduled reports.
- By default, all notifications are sent in HTML format. However, an administrator can choose to send alert notifications in HTML or text format. The format you select applies to all users configured to receive alert notifications.
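To estimate how long an alert can wait before it reaches an inbox, the following added example (not Akamai code or an ETP API) models the behavior described above: an immediate first email, a five-minute hold for later alerts, grouping by domain and then location, and the 200-domain cap. It assumes that the email sent at the end of a hold period opens a new five-minute period and that domains are listed alphabetically; the page states neither, and all event data is constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=5)  # hold period stated on the page
MAX_DOMAINS = 200              # domains listed per email, stated on the page

def plan_notifications(events):
    """events: (timestamp, domain, location) tuples -> [(send_time, [events])]."""
    batches, held, last_send = [], [], None
    for ev in sorted(events):
        ts = ev[0]
        if held and ts > last_send + WINDOW:
            # The hold period ended before this event: send what was held.
            last_send += WINDOW
            batches.append((last_send, held))
            held = []
        if last_send is not None and ts <= last_send + WINDOW:
            held.append(ev)             # inside the window: wait for it to end
        else:
            batches.append((ts, [ev]))  # no open window: near real-time send
            last_send = ts
    if held:
        batches.append((last_send + WINDOW, held))
    return batches

def render(batch_events):
    """Organize one email by domain, then location; cap the domain list."""
    by_domain = defaultdict(lambda: defaultdict(int))
    for _, domain, location in batch_events:
        by_domain[domain][location] += 1
    listed = sorted(by_domain)[:MAX_DOMAINS]  # ordering is an assumption
    return {d: dict(by_domain[d]) for d in listed}, len(by_domain) - len(listed)

def worst_delay(events):
    """Longest gap between an event being logged and its email being sent."""
    return max(send - ev[0] for send, evs in plan_notifications(events) for ev in evs)

# Constructed sample events (not real ETP data).
T0 = datetime(2024, 1, 1, 9, 0, 0)
SAMPLE = [
    (T0, "bad.example", "HQ"),
    (T0 + timedelta(seconds=40), "bad.example", "Branch"),
    (T0 + timedelta(minutes=3), "c2.example", "HQ"),
    (T0 + timedelta(minutes=7), "bad.example", "HQ"),
    (T0 + timedelta(minutes=20), "late.example", "HQ"),
]

if __name__ == "__main__":
    for send, evs in plan_notifications(SAMPLE):
        print(send.time(), *render(evs))
    print("worst-case email delay:", worst_delay(SAMPLE))
```

Under this model an alert logged just after a notification goes out waits almost the full five minutes, so response procedures that depend on email alone should allow for that delay.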
Security Connector and ETP Client upgrades
Administrators can enable users to receive notifications about Security Connector and ETP Client upgrades. These notifications are sent in HTML format.
For Security Connector upgrade notifications, you can also enter email addresses on the Security Connector page.
- Configuration issues in ETP. ETP sends notifications when a domain for a location resolves to an invalid IP address. ETP sends out an email notification with the location name, domain, and the IP address.
This email notification only applies if your organization uses dynamic DNS for a location configuration. For more information, see Locations and dynamic DNS.
- Expiring certificate for ETP Proxy. ETP sends a notification when the TLS man-in-the-middle (MITM) certificate that was generated or uploaded to ETP is scheduled to expire in 30 days or less. Administrators set to receive System Issues communication emails are sent an email notification until a new certificate is uploaded or generated. For more information, see ETP Proxy as a TLS intermediary.