About ETP Client

ETP Client is a client agent that directs DNS and web traffic to ​Enterprise Threat Protector​ for analysis. With ETP Client, you can apply ETP policy to requests that are made inside and outside the corporate network.

Depending on the policy and client configuration in ETP, as well as your organization's product license, ETP Client can:

  • Forward DNS traffic. ETP Client forwards DNS traffic when this configuration applies:

    • ETP Proxy is not enabled. In this situation, ETP Client forwards only DNS traffic to ETP.

    • ETP Proxy is enabled as a selective proxy.

    This behavior is supported when a user is on or off the corporate network. It's also available with all supported versions of the client that you can download in ETP. For more information, see ETP Client for DNS only.

  • Forward all web traffic. You can configure ETP Client to forward all web traffic to ETP Proxy for analysis. This occurs when you set ETP Client as the local web proxy on the user's device, you use ETP Client with an existing enterprise proxy, or you enable transparent traffic interception.

    This functionality is supported when a user is on or off the corporate network. Your organization needs to be licensed for ETP Advanced Threat to forward all traffic to ETP Proxy. Transparent traffic interception is supported with ETP Client 4.1 or later. For more information, see ETP Client for web traffic.

​Akamai​ offers both a desktop and mobile version of the client to protect enterprise devices. For more information, see Desktop client and ETP mobile client distribution. You can also use ETP Client to protect a user's personal device. For more information, see Bring your own device (BYOD) support.

ETP Client:

  • Detects an end user's network conditions.

  • Sends DNS requests to ETP. With version 3.2.0 or later, you can protect user privacy by using TLS to encrypt connections. To learn more about DoT, see DNS over TLS.

  • Applies an ETP policy and other configuration settings to requests.

  • Logs user information. In ETP, user information appears on the event reporting pages when a policy is violated and an event is logged. ETP Client also includes its own logs. By default, ETP Client is set with the Info Only log type. This log type records system errors, while the Debug and Verbose log types record additional information, such as DNS lookup queries. For more information, see ETP Client logs.

  • Identifies clients by device name. This information also means an enterprise may not need to deploy a security connector in their network to discover the machine name of an infected machine. When the Trust XFF header is enabled, ETP Client identifies the internal client IP address of web traffic. It also identifies the client request ID.


When set up to direct web traffic to ETP Proxy, ETP Client currently does not support IPv6-only networks.

Did this page help you?