Enterprise Application Access (EAA) updates.

​Akamai​ EAA new features

Self-service password reset for Active Directory (AD) users. End-users can reset their password as a self-service without contacting the IT department of the company. This reduces the friction for the end-user and also reduces administrator overload from routine password-reset tasks.

Accessibility Improvements in Login Portal. In adherence with the WCAG (Web Content Accessibility Guidelines), we have made improvements to the Login Portal so that it is accessible by people with visual, cognitive, and neurological disabilities, who rely on screen readers and keyboards. More intuitive labels, and easily navigable options with screen readers navigating in the correct order has been implemented.

Block transfer to ICAP server using different blocking methods. You can block file transfer to an ICAP server using different blocking methods like specific HTTP status codes, certain values in the HTTP response header, or with a data loss prevention (DLP) message that matches specific keywords in the HTTP message body. In addition, you can send or block traffic when the ICAP server is down.

Real time connector metrics using Amazon Cloudwatch SIEM. EAA Connector Metrics can be sent to Amazon CloudWatch SIEM. This allows you to easily monitor, analyze, investigate any health issues, security incidents, and perform data visualization for your EAA Connectors.

Direct Connect for Edge Transport based tunnel applications. (beta) You can now enable direct connect mode for edge transport based tunnel applications and use a direct connection between the application and the end user with GPA Client, instead of the edge network, where you may see improved performance and lower latency for application access. This is a beta feature. Contact Akamai support to enable this feature.

Fixed customer bugs

• Unified Connector could not communicate with the Linode Registry. This issue has been fixed with the latest connector release which involves a kernel upgrade fix and makes it compatible with VMWare ESXi 7.0 version.
• Syncing users and groups in multi-domain Active Directory, using the Global catalog server option has been resolved.
• Directory Sync issues with the message “Directory is unreachable. “Server Pool” object has no attribute ‘info’ “ when you run Connectivity Test and Directory Diagnostics has been addressed.
• End-users were experiencing unexpected or random lockouts from the IdP login portal even when they provided valid credentials while using the Temporary User Lockout feature. This was caused by LDAP errors when the directory was unreachable, concurrent login requests which were incorrectly counted towards Account Lockout Failed Attempts. These issues have been fixed.
• When an end-user fails to log in due to incorrect credentials (username or password) a specified number of times, their account is locked for a set duration. Subsequent incorrect login attempts made during the initial lockout period will reset the lockout timer, extending the duration of the lock.