New Advanced BlueApps for Akamai ETP and Akamai EAA help streamline threat management

November 19, 2021  |  Ziv Hagbi

When it comes to powerful integrations, LevelBlue leads the way. We understand that customers want solutions that bring together visibility, response, orchestration, analytics, reporting, and more. As the attack surface continues to grow, LevelBlue continues to look for ways to stay ahead of threats, and one of the ways we do this is through our integrations with strategic partners in the form of new Advanced BlueApps.

We are proud to announce two new Advanced BlueApps: Akamai Enterprise Threat Protector (ETP) and Akamai Enterprise Application Access (EAA). Both will provide customers with the ability to detect and respond to malicious threats.

Akamai AlienApp

Akamai ETP and Akamai EAA are security-first products that are now tightly integrated into LevelBlue USM Anywhere to enhance our single-pane-of-glass experience. All the customer needs to do is configure their EAA or ETP credentials on the BlueApps’ Settings pages, and USM Anywhere will handle the rest.

Akamai ETP

The Advanced BlueApps for Akamai ETP integrates with the Akamai ETP cloud-based secure web gateway, which focuses on secure internet connections. This issue is more important than ever as organizations deal with new security challenges in the wake of employees transitioning to remote work following the COVID-19 pandemic. The ETP app is capable of grabbing a range of ETP events—including threat, AUP (Acceptable User Policy), DNS activity, network traffic, and proxy traffic events—and feeding them into the robust USM Anywhere correlation engine for threat detection and enrichment.

Providing visibility helps customers understand what threats they are facing and how those threats impact their security posture, but what about equipping customers with the tools they need to mitigate those threats? The ETP app has a rich response engine that can take action against threats. Within ETP, customers have full control over what traffic is blocked or allowed on their network. They can add items to Block or Allow lists, or they can remove items from these lists.

The Akamai ETP integration also gives customers the capability to create custom lists directly from USM Anywhere. Once they have created these lists, they can immediately begin adding specific suspicious attributes to them.

Actions can be performed manually, or they can be set up to run automatically using the Response Action Rules in USM Anywhere to define scenarios that trigger specific actions.

App action

Customers using the ETP Advanced BlueApp will also have access to analytics in the form of ETP-generated reports that can be downloaded directly from USM Anywhere. They can also view a Dashboard with customized insights from the LevelBlue Labs threat research teams.

Dashboard with threat intel

The Advanced BlueApp for Akamai EAA harnesses the EAA’s Zero Trust Network Access (ZTNA) approach. As access to critical applications becomes more complex, businesses need to be able to identify legitimate connections, and they need to be able to provide users with specific access to the applications they are authorized to use—rather than giving them access to the entire network.

Akamai EAE

The Akamai EAA Advanced BlueApp offers more visibility into the network than is provided with standard log collection. Akamai EAA provides the option to ingest user data in addition to regular security event data, which means USM Anywhere can monitor the user-level data and associate it with alarms, in effect acting as a user store to enrich the user behavior and analytics engine in the platform.

The EAA BlueApp can also provide a response in the form of blocking a user from accessing a resource on the network.

EAA AlienApp

Both Advanced BlueApps are the result of a tight collaboration between Akamai and LevelBlue. This is particularly important on the threat detection side where the LevelBlue Labs team thoroughly analyzes the Akamai ETP and Akamai EAA logs while enriching the USM Anywhere correlation engine with unique detection rules for each source for the benefit of the customer.

Akamai collaboration

Voice of the vendor

The Akamai Intelligent Edge Platform provides a single set of security and access controls for your remote workforce – creating a Zero Trust architecture that gives your workforce correctly calibrated, secure, and easy access to the applications and data they need. Enterprise Application Access (EAA) is a cloud-based identity proxy that ensures users are always authenticated and authorized before connecting them securely to corporate systems. Enterprise Threat Protector (ETP) is a cloud-based secure web gateway that is quick to configure, easy to deploy, and requires no hardware to be installed and maintained. All these capabilities are delivered across the Akamai Intelligent Edge Platform on any device and from any location, inside or outside IT’s sphere of control.

Share this with others

Tags: alienapps, akamai

Featured resources

 

 

2024 Futures Report

Get price Free trial