• Update to custom lists in a policy. All custom and top-level domains lists are no longer included in a policy configuration by default. Administrators can now assign individual lists to a policy.

• New user interface for Custom Lists. A new user interface is available on the Custom Lists page (Configuration > Lists). In the new design, administrators can now associate domains and IP addresses to a custom list when creating the list. Likewise, administrators can now add top-level domains when creating a top-level domains list.

• Strict delegated access. When enabled for an organization, an ​SIA​ super administrator can assign a strict delegated administrator role and the locations and policies the delegated administrator is allowed to manage.

  A delegated administrator with restricted access can:

  • Create locations and policies

  • Manage assigned location and policies

  • View events and other reporting data based on the locations and policies they can access

    A strict delegated administrator cannot view locations and policies they did not create. They also cannot view other configuration areas of the product such as the Utilities page.

• Support for dynamic DNS in limited availability. Dynamic DNS for a location configuration is now in limited availability. When enabled for an organization, an administrator can configure a location with a persistent DNS hostname that resolves to dynamic IP addresses. To enable this feature, contact your ​Akamai​ representative.

​SIA​ now protects your network from threats that target HTTP and HTTPS traffic.

This version of Client Connector protects end-user machines that are on or off the corporate network.

• Updated acceptable use policy (AUP). In a policy configuration, new categories and detailed subcategories are available for ​SIA​ administrators to control the websites and content that end users can access in the corporate network.

• New user interface for Locations and Policies. ​SIA​ now includes a new and improved user interface when configuring or modifying a location or policy. On the Locations or Policies pages, administrators can also now search for locations or policies.

• New Client Connector reports. Client Connector area of the Utilities page now includes a new Reports subtab that contains more data about Client Connectors. In addition to pie charts that show errors and installed Client Connectors, a table is now available to show device information, software version, and the current status of installed Client Connectors. Administrators can also filter this data based on time, such as the most current data or data that was reported in the last day or month.

• Assign delegated administrator role. ​SIA​ super administrators can now assign the delegated administrator role to ​SIA​ users. When enabled for your organization, this feature is available from the Delegated Access tab on the Utilities page (Configuration > Utilities). To enable this feature, contact your ​Akamai​ representative.

• Assign locations to alert notifications. ​SIA​ super administrators can now assign specific locations to alert notification recipients. This allows administrators to define the locations that these recipients can receive information about. When enabled, this feature is available from the Communication tab of the Utilities page (Configuration > Utilities). To enable this feature, contact your ​Akamai​ representative.

• Actions for File Sharing and Risky Domains. When ​SIA​ Proxy is enabled, you can select to allow or examine risky domains and file sharing domains. Risky domains are domains that may be a threat because they are newly registered or discovered. File sharing domains are domains of file sharing applications or services. You can select to Allow or Classify traffic to these domains.

• Analyze policy action is now called Classify. The Classify action examines the full URL of a request. If a threat is discovered, a corresponding threat category is assigned to the URL. You can assign the Classify action to custom lists, risky domains, and file sharing domains.

• Support for certificates in binary (.der) format. ​SIA​ Proxy requires that you create an ​Akamai​ certificate or generate a certificate signing request to submit a subordinate certificate that’s signed by your organization’s certificate authority (CA). These certificates function as TLS certificates for the ​SIA​ proxy to intercept suspicious traffic. ​SIA​ now allows you to generate and submit certificates in binary (.der) format.

• Proxy logging modes now available. If ​SIA​ Proxy is enabled, administrators can select different logging levels to define some of the data that’s reported for HTTP or HTTPS traffic in ​SIA​. This setting is available in a policy configuration. The default logging mode provides details that’s most helpful for investigating events.

• Delegated administrative access. ​SIA​ now includes a delegated administrator role. After this role is assigned to a user in Control Center, an ​SIA​ super administrator can grant a delegated administrator access to specific locations and policies, allowing the delegated administrator to manage assigned location and policies.

  A delegated administrator can:

  • Add new locations and policies

  • Deploy configuration changes that they applied or were applied to the locations and policies they manage

  • View settings associated with most configuration features in ​SIA​, such as custom lists and quick lists

  • Schedule a report. Report results show data based on locations a delegated administrator can access

  • View and analyze event and activity data based on assigned locations

  • Download Client Connector and view reporting data that’s associated with Client Connector installations

  • Grant or revoke ​Akamai​ Support Access

    An ​SIA​ super administrator can assign a delegated administrator access to locations or policies on the new Delegated Access tab of the Utilities page (Configuration > Utilities). This tab is available to ​SIA​ super administrators only.

• Deploy window for Pending Changes. A new deploy window is available for configuration changes that are pending deployment. Prior to this release, there were different deployment options for custom lists, quick lists, policies, and locations. In this release, a Pending Changes tab is available on the right side of the configuration pages. ​SIA​ administrators click this tab to view all submitted configuration changes that are not yet deployed to the ​SIA​ network. Administrators can select specific changes they want to deploy or they can deploy all changes. Information about changes is also listed, such as what changed and who made the change.
  The Pending Changes window also offers:

  • A revert option to undo or delete a pending change. Any change that is reverted returns a configuration to its last deployed state.
  • When deploying a change, administrators can comment on the changes they are deploying. These comments appear in the new Deployment History tab on the Utilities page.

• Entitlement code rotation. ​SIA​ now allows super administrators to rotate a Client Connector entitlement code in case the original entitlement code is compromised.

• Alert notification changes. If alerts are detected within a five minute period of sending out an alert notification, users are now notified about these additional alerts after the five minutes. Prior to this release, users were not notified about the alerts that occurred during this period.

• Various Reporting UI Improvements. The ​SIA​ reporting pages include:

  • Filter Editor now appears at the top of page when a user scrolls past it. This ensures that Filter settings are always accessible to users who are analyzing data on the Event Analysis and Activity pages.
  • Report viewers can filter data based on whether there is a correlation between security connector events and threat events.
  • A menu with convenient options is available from certain fields on the Event Details window. For example, if a user clicks a Resolved IP address, a menu appears with actions for this data such as adding the IP address to the Include filter.
  • New Detection Method dimension is available to show events that were detected at the time of access (inline) or were discovered later in log data based on behavior (lookback).

• Access prohibited message. When an end user attempts to access a malicious or suspicious domain that is directed to the security connector, a Website Access is Prohibited message now appears.

• Factory reset option removed from Web Console. A factory reset option is no longer available in the Web Console. This option is also not supported on Security Connector version 1.1.0 or 2.1.0.

Enterprise Client Connector version 1.3.1 is now in beta and available for download. This version of Client Connector includes:

• Custom Sinkhole is now Custom Response. A custom sinkhole is now called a custom response. This feature is accessible from the new Custom Responses tab of the Utilities page (Configuration > Utilities). Administrators no longer configure this feature on the Enterprise Security Connector tab.

• New Custom – Response policy action. A Custom – Response action is now available for custom responses. This policy action blocks malicious or suspicious requests and directs the request to the IP address of the custom response device that’s associated with the policy. When configuring a policy, administrators can select this policy action, assign a custom response, and if necessary, manage custom responses. The Block – Sinkhole policy action now exclusively redirects traffic to Enterprise Security Connector.

• Scheduled report improvements. The user interface for configuring a scheduled report is now improved. Administrators can select to enable or disable individual scheduled reports, identify the administrators who created or modified the report, more easily add email addresses for report notifications, and configure the report output format. Scheduled reports are now available in HTML or text format.

• Alert notifications now available in text format. In addition to HTML format, alert notifications are now available in text format. When enabling email addresses for alert notifications, an ​SIA​ administrator can now select the format for all alert notification emails.

• Enhanced UI for Security Connector and threat event correlation. When viewing correlated Security Connector and threat events, separate windows are now provided with detailed information. For example, viewing a correlated threat event from the Security Connector tab of the Activity page (Monitoring > Activity) opens a window where threat information is provided. If you choose to view correlated Security Connector events from the Threat Events tab of the Event Analysis page, data about all associated Security Connector events is shown. In each of these windows, report viewers can also download event data to a CSV file.

• Integration of Nominum Data. ​Secure Internet Access Enterprise​ now benefits from threat data generated by Nominum, the carrier DNS-based security and services innovation leader that was recently acquired by Akamai. Nominum’s carrier-grade DNS software currently resolves over 1.7 trillion daily DNS requests for carriers worldwide. The addition of this data allows ​SIA​ to identify more threats in an enterprise network.

  On the first day of this release, you will see an increased number of offline events as this additional intelligence is expected to discover more events from the last 7 days.

• DNS Exfiltration Security List. ​SIA​ now offers a DNS Exfiltration Security List and a new DNS Exfiltration category for custom lists. The DNS Exfiltration Security List identifies domains that serve as a communication channel over DNS and may be used to steal sensitive data or allow malware to communicate outside the network.

  This data was previously part of the Command and Control (C&C) Security List. By default, the new DNS Exfiltration list uses the same policy action as the C&C Security List as long as the C&C list does not use the Block – Error Page or the Block – Sinkhole policy action. The Block – Error Page and the Block – Sinkhole actions do not prevent DNS exfiltration because a malicious communication channel can be created when domains are resolved to a custom error page, sinkhole, or Enterprise Security Connector. As a result, if these actions are configured for the C&C list, the new DNS Exfiltration list is assigned the Block – DNS action.

• New sections for General policy settings. General policy settings are now organized into sections: The new Browsing Restrictions section contains SafeSearch and YouTube settings. The new Other Settings section contains the CDN Optimization switch.

• Update to YouTube Restricted Mode Settings. To enable YouTube Restricted Mode, an ​SIA​ administrator no longer needs to enable SafeSearch. A YouTube drop-down menu is now available in the new Browsing Restrictions section of the general policy settings. Administrators can choose from Unrestricted, Moderate, or Strict modes. By default, YouTube is set to Unrestricted mode.

• Block – DNS policy action now available for an Akamai Security List. Administrators can choose the Block – DNS policy for an ​Akamai​ Security List. In the last release, this action was not available for ​Akamai​ Security Lists.

• Roaming location replaced with new Unidentified IPs location. Like the roaming location, the new Unidentified IPs location applies to users who are remote or make DNS requests from unexpected IP addresses or locations that are not already configured in ​SIA​. This location is available in ​SIA​ by default. A switch is also available on the Locations page where administrators can choose to allow or block traffic from Unidentified IP addresses.

• New Location IP Address/CIDR requirements. When configuring a location, these apply:

  • The bit prefix for an IPv4 address must be between 24 and 32.
  • The bit prefix for an IPv6 address must be between 120 and 128.
  • A location cannot use an IP address that is claimed or used by another organization.
  • A location cannot use an IP address that is configured for another ​SIA​ location in your network.

• Various reporting user interface updates:

  • In addition to the selected date range or applied filters, events are organized by the dimension a report viewer selects. For example, if the domain dimension is selected, events are grouped by domain.
  • A new Top 6 area lists the Top 6 values for the selected dimension. This data is also shown in a graph.
  • Event details and Indicators of Compromise (IOC) details are now accessible in a separate window when a user selects to view more event or domain information.
  • If your organization uses Enterprise Security Connector, Security Connector events are now available on the Security Connector tab of the Activity page (Monitoring > Activity).
  • The Threat Analysis page is now called Event Analysis (Monitoring > Events).

• ​Secure Internet Access Enterprise​ Guest Wi-Fi now available. ​SIA​ Guest Wi-Fi is a cloud-based solution that organizations can use to specifically configure, apply, and monitor an Acceptable Use Policy (AUP) for a guest wi-fi network.