• New user interface for a policy. A new user interface is now available for a policy configuration. Administrators can now more easily assign a policy action and the response that’s delivered to users.

  These changes apply:

  • For an ​Akamai​ security category and a list in a policy, separate menus are provided to assign an action, the response to users, and a security connector.

  • If you select the Block action, you can then select the block type in the Response to User menu. In this menu, you can select Error Page, a specific custom response, or if ​SIA​ Proxy is disabled, you can also select Refused Response. These settings allow you to apply the actions that were formerly called Block – Error Page, Custom – Response, and Block – DNS.

  • To assign a Security Connector, you select the Block action and the Error Page response. After this is done, you can select a security connector from the Security Connector menu. These settings allow you to apply the action that was formerly called Block – Sinkhole. If you don’t want to assign a Security Connector to an Error Page response, in the Security Connector menu, you can select None.

  • The Allow policy action is now available for custom lists and top-level domain (TLD) lists only.

  • You can apply the same policy settings to all known and suspected threats associated with an ​Akamai​ security category, a custom list, or a TLD list.

  For more information about configuring a policy, see the online help.

• Security Connector 2.5.0 now in beta. Security Connector version 2.5.0 is now in beta and available for upgrade or download. This version allows your organization to direct malicious HTTP and HTTPS requests to Security Connector. To try version 2.5.0, contact your ​Akamai​ representative.

If you previously installed version 2.0.4 on end-user machines, you can upgrade Client Connector to version 2.0.5 or allow end users to upgrade the software. This new version of Client Connector is also available for download in ​SIA​.

• New CSV files available for locations. On the Locations page, an administrator can now download a CSV file that lists all locations. An administrator can also now delete many locations in one operation by uploading a CSV that contains the locations they want to delete.

• Custom list assignment for delegated and strict delegated administrators. A super administrator can now assign custom lists to a delegated administrator or a strict delegated administrator.

  A delegated administrator can:

  • Create new custom lists

  • Manage the custom lists that are assigned to them

  • Associate these custom lists to a policy that they created or are allowed to manage

    A strict delegated administrator can perform these operations as well. However, they cannot view the custom lists that they do not have permission to manage.

• New user interface for scheduled reports. Administrators can now more easily create and manage settings associated with scheduled reports.

• Dynamic DNS for locations (limited availability). Location page now indicates when the dynamic DNS domain associated with a location configuration is invalid or does not resolve to a valid IP address. If an administrator or ​SIA​ user is configured to receive communication emails about system issues, an administrator receives an email that lists locations with invalid DNS entries. An administrator can also generate a CSV that shows locations with these errors.

  This feature continues to be in limited availability. For more information, contact your ​Akamai​ representative.

• Update to custom lists in a policy. All custom and top-level domains lists are no longer included in a policy configuration by default. Administrators can now assign individual lists to a policy.

• New user interface for Custom Lists. A new user interface is available on the Custom Lists page (Configuration > Lists). In the new design, administrators can now associate domains and IP addresses to a custom list when creating the list. Likewise, administrators can now add top-level domains when creating a top-level domains list.

• Strict delegated access. When enabled for an organization, an ​SIA​ super administrator can assign a strict delegated administrator role and the locations and policies the delegated administrator is allowed to manage.

  A delegated administrator with restricted access can:

  • Create locations and policies

  • Manage assigned location and policies

  • View events and other reporting data based on the locations and policies they can access

    A strict delegated administrator cannot view locations and policies they did not create. They also cannot view other configuration areas of the product such as the Utilities page.

• Support for dynamic DNS in limited availability. Dynamic DNS for a location configuration is now in limited availability. When enabled for an organization, an administrator can configure a location with a persistent DNS hostname that resolves to dynamic IP addresses. To enable this feature, contact your ​Akamai​ representative.

​SIA​ now protects your network from threats that target HTTP and HTTPS traffic.

This version of Client Connector protects end-user machines that are on or off the corporate network.

• Updated acceptable use policy (AUP). In a policy configuration, new categories and detailed subcategories are available for ​SIA​ administrators to control the websites and content that end users can access in the corporate network.

• New user interface for Locations and Policies. ​SIA​ now includes a new and improved user interface when configuring or modifying a location or policy. On the Locations or Policies pages, administrators can also now search for locations or policies.

• New Client Connector reports. Client Connector area of the Utilities page now includes a new Reports subtab that contains more data about Client Connectors. In addition to pie charts that show errors and installed Client Connectors, a table is now available to show device information, software version, and the current status of installed Client Connectors. Administrators can also filter this data based on time, such as the most current data or data that was reported in the last day or month.

• Assign delegated administrator role. ​SIA​ super administrators can now assign the delegated administrator role to ​SIA​ users. When enabled for your organization, this feature is available from the Delegated Access tab on the Utilities page (Configuration > Utilities). To enable this feature, contact your ​Akamai​ representative.

• Assign locations to alert notifications. ​SIA​ super administrators can now assign specific locations to alert notification recipients. This allows administrators to define the locations that these recipients can receive information about. When enabled, this feature is available from the Communication tab of the Utilities page (Configuration > Utilities). To enable this feature, contact your ​Akamai​ representative.

• Actions for File Sharing and Risky Domains. When ​SIA​ Proxy is enabled, you can select to allow or examine risky domains and file sharing domains. Risky domains are domains that may be a threat because they are newly registered or discovered. File sharing domains are domains of file sharing applications or services. You can select to Allow or Classify traffic to these domains.

• Analyze policy action is now called Classify. The Classify action examines the full URL of a request. If a threat is discovered, a corresponding threat category is assigned to the URL. You can assign the Classify action to custom lists, risky domains, and file sharing domains.

• Support for certificates in binary (.der) format. ​SIA​ Proxy requires that you create an ​Akamai​ certificate or generate a certificate signing request to submit a subordinate certificate that’s signed by your organization’s certificate authority (CA). These certificates function as TLS certificates for the ​SIA​ proxy to intercept suspicious traffic. ​SIA​ now allows you to generate and submit certificates in binary (.der) format.

• Proxy logging modes now available. If ​SIA​ Proxy is enabled, administrators can select different logging levels to define some of the data that’s reported for HTTP or HTTPS traffic in ​SIA​. This setting is available in a policy configuration. The default logging mode provides details that’s most helpful for investigating events.

• Delegated administrative access. ​SIA​ now includes a delegated administrator role. After this role is assigned to a user in Control Center, an ​SIA​ super administrator can grant a delegated administrator access to specific locations and policies, allowing the delegated administrator to manage assigned location and policies.

  A delegated administrator can:

  • Add new locations and policies

  • Deploy configuration changes that they applied or were applied to the locations and policies they manage

  • View settings associated with most configuration features in ​SIA​, such as custom lists and quick lists

  • Schedule a report. Report results show data based on locations a delegated administrator can access

  • View and analyze event and activity data based on assigned locations

  • Download Client Connector and view reporting data that’s associated with Client Connector installations

  • Grant or revoke ​Akamai​ Support Access

    An ​SIA​ super administrator can assign a delegated administrator access to locations or policies on the new Delegated Access tab of the Utilities page (Configuration > Utilities). This tab is available to ​SIA​ super administrators only.

• Deploy window for Pending Changes. A new deploy window is available for configuration changes that are pending deployment. Prior to this release, there were different deployment options for custom lists, quick lists, policies, and locations. In this release, a Pending Changes tab is available on the right side of the configuration pages. ​SIA​ administrators click this tab to view all submitted configuration changes that are not yet deployed to the ​SIA​ network. Administrators can select specific changes they want to deploy or they can deploy all changes. Information about changes is also listed, such as what changed and who made the change.
  The Pending Changes window also offers:

  • A revert option to undo or delete a pending change. Any change that is reverted returns a configuration to its last deployed state.
  • When deploying a change, administrators can comment on the changes they are deploying. These comments appear in the new Deployment History tab on the Utilities page.

• Entitlement code rotation. ​SIA​ now allows super administrators to rotate a Client Connector entitlement code in case the original entitlement code is compromised.

• Alert notification changes. If alerts are detected within a five minute period of sending out an alert notification, users are now notified about these additional alerts after the five minutes. Prior to this release, users were not notified about the alerts that occurred during this period.

• Various Reporting UI Improvements. The ​SIA​ reporting pages include:

  • Filter Editor now appears at the top of page when a user scrolls past it. This ensures that Filter settings are always accessible to users who are analyzing data on the Event Analysis and Activity pages.
  • Report viewers can filter data based on whether there is a correlation between security connector events and threat events.
  • A menu with convenient options is available from certain fields on the Event Details window. For example, if a user clicks a Resolved IP address, a menu appears with actions for this data such as adding the IP address to the Include filter.
  • New Detection Method dimension is available to show events that were detected at the time of access (inline) or were discovered later in log data based on behavior (lookback).

• Access prohibited message. When an end user attempts to access a malicious or suspicious domain that is directed to the security connector, a Website Access is Prohibited message now appears.

• Factory reset option removed from Web Console. A factory reset option is no longer available in the Web Console. This option is also not supported on Security Connector version 1.1.0 or 2.1.0.

Enterprise Client Connector version 1.3.1 is now in beta and available for download. This version of Client Connector includes: