Bulks Actions in Enterprise Center. The Enterprise Center user interface for ​SIA​ now allows you to complete some operations in bulk. These operations include:

Secure DNS Forwarder is now generally available with Security Connector 2.7.0

If your organization is participating in the AVC beta, you can now control access to web applications. You can define default policy behavior, or you can create a policy that is based on risk level, acceptable use policy (AUP) categories, category operations, applications, or specific operations for an application. You assign actions to each area of the AVC policy. As you configure each component, the detailed settings you set take precedence over more general settings. For example, the policy action you apply to an application takes precedence over an action that’s applied to its corresponding category or category operation.

• Allow action for risky and file sharing domains. With the Allow action, traffic is directed to its destination unless ​ETP Client​ is deployed on the user’s machine. If ​ETP Client​ is set up for the full web proxy, traffic is directed to the proxy. This action is useful to organizations that want to forward some user traffic to ​SIA​ Proxy while still allowing other users to access content directly.

• Updated user interface to manage a delegated or tenant administrator. If your organization uses the delegated or tenant access feature, a new user interface now makes it easier for ​SIA​ super administrators to find users who are assigned the delegated or tenant administrator role.

This release resolves issues in ​ETP Client​. To support the client with ​SIA​ Proxy:

• Proxy authorization. In an ​SIA​ policy, the new Proxy Authorization option allows ​SIA​ Proxy to authorize connections from the on-premises proxy in a proxy chaining configuration. Proxy credentials that you configure in ​SIA​ and in the on-premises proxy are used to authenticate traffic from the on-premises proxy. In ​SIA​, you create these credentials on the Proxy Credentials tab of the Utilities page. You must then configure these same credentials in the on-premises proxy.

  Note: This feature is not available by default. To use this feature, contact your ​Akamai​ representative.

• ​SIA​ Proxy Certificate expiration. ​SIA​ now sends an email notification when the TLS man-in-the-middle (MITM) certificate you uploaded or generated for ​SIA​ Proxy is about to expire. An administrator that’s set to receive communication emails for system issues will now receive a reminder to update the certificate when it expires in 30 days or less.

• New name for ​ETP Client​ configuration setting. The Automatic security patch upgrade setting is now called Automatic Upgrades for Critical Patches. If you enable this setting, ​SIA​ automatically upgrades ​ETP Client​ to fix security vulnerabilities and major issues in ​ETP Client​.

• New name for CDN Optimization policy setting. The CDN Optimization setting is now called Forward Public IP to Origin. This setting forwards the user’s public IP address to authoritative DNS servers and web servers, and it identifies the geolocation of clients. This setting applies to both DNS and HTTP traffic.

• PingOne available as an identity provider type. If your organization is licensed for ​SIA​ only, you can now create a PingOne identity provider (IdP). Previously, you could only add and manage a PingOne IdP if your organization was also licensed for Enterprise Application Access.

You can configure acceptable use policy Proxy as a Secure Web Gateway (SWG) that performs URL filtering, anti-malware scanning, and applies acceptable use policies to each user. To do this, you’ll need to send all web traffic to ​SIA​ Proxy.

General updates include:

​SIA​'s Secure Web Gateway (SWG) performs URL filtering and anti-malware scanning on all web traffic.

• Deploy custom lists in less than 30 seconds. Like other configuration settings in ​SIA​, you can now deploy custom lists in less than 30 seconds.

• Migrate quick lists to custom lists. Quick lists are now discontinued. If you configured an Allow or a Deny quick list, you can migrate this data to custom lists. On the Quick Lists page (Configuration > Quick Lists), click the Migrate Quick Lists button to migrate your quick list data to an Allow custom list and a Deny custom list. Migrated quick lists are added to all policies, allowing you to manage these lists as part of a policy configuration. By default, the migrated Allow list is granted the bypass policy action, while the migrated Deny list is assigned the block policy action.

  After migrating quick lists, make sure you deploy all pending changes. Once the migration is complete, the Quick List page is no longer available at your next login.

  Note: If your organization never configured quick lists, no action is needed. In this case, the Quick Lists page is no longer available from the navigation menu.