Akamai announces two major releases per year, which makes it easier for you to keep up with new functionality and find all the latest information in one place. In this blog post I’ll provide an overview of what’s new, to show you how all the pieces fit together. If you’re interested in the finer details, there are links to individual blog posts that dive deeper. In addition, I encourage you to register for our 2018 October Release webinar that covers updates to DevOps, security, and web performance.
This post covers the specific October Release details in six key areas:
- Web Performance
- Digital Performance Management
- Mobile App Performance
Web performance is our bread and butter, and this release includes advancements in performance, monitoring, and intelligence.
OAuth 2.0 Support (Beta)
OAuth provides the most widely-used method to authenticate requests made to API endpoints. API Gateway enables you to protect any API proxied through Akamai with OAuth 2.0, backed by Akamai scalability and reliability. You can think of this as authentication at the edge; it’s faster, more available, more secure, and offloads origin traffic. It’s quite fascinating, and you can you learn more in our in-depth blog post.
GraphQL Caching (Beta)
If you’ve implemented GraphQL for your APIs, you can now cache GraphQL responses similarly to your RESTful APIs. This increases offload and reduces the need to build and maintain on-prem infrastructure to process GraphQL requests. This is much more interesting to see in action than to read about, so check out the video linked here.
Real-time Reporting (Beta)
It can be challenging to discover and interpret errors quickly, which means it takes longer to resolve those problems. You now have access to API traffic with the real-time reporting dashboard. Operational data about API traffic is delivered in real time, allowing you to quickly discover and mitigate operational errors.
Open API 3 support (Beta)
We’ve supported RAML and Swagger API definitions for a while now, and this release has added support for onboarding ones created with the OpenAPI 3 specification.
Adaptive Acceleration: Script Management (LA)
Third-party scripts can make your content more dynamic and interactive, but can also cause your site to be slow or unresponsive. The new Script Management feature allows you to experiment with third-party scripts locally and see what happens when you defer and block them. You can then create automated actions that avoid costly outages and single points of failure.
QUIC for Web Customers (Beta)
QUIC is an experimental transport layer network protocol which provides security comparable to TLS/SSL with lower connection and transport latency. In this release, we’re allowing some Akamai Ion customers to enable QUIC support on their properties. We’ll work closely with those customers and iron out the wrinkles before we release it to the rest of you. This support includes secure properties using ESSL, and properties using standard TLS on FUSE.
The benefits of images on web properties are undisputed, the problem is, they are bandwidth hogs. Since its inception, Image Manager has been one of our most successful products because it solves one of your biggest problems. Naturally, we keep improving Image Manager, and I think you’ll agree this is one of the best updates, ever.
Video Optimization with Image Manager 4.0 (Beta)
You love Image Manager for how it automatically creates, manages, and delivers optimized images for every device and situation, and now you can have that same support for videos. Image Manager 4.0 can now automatically create and deliver derivative videos with the optimal bit-rate, resolution, and format to your end user.
Have you ever wondered exactly how many bytes each image saves you? Of course you have. The new reporting dashboard shows you that level of detail, and also allows you to aggregate it over a period of time. Other report enhancements help improve insights into utilization and overall product efficacy.
Updated Policy Manager UI
The Policy Manager UI has been updated to include a new page layout with image previews that are automatically updated, movable panes to create a flexible workspace, and intuitive rules ordering.
Security updates in this release include enhancements to defining rate policies; you can now use geo network lists and ASN condition. More security updates follow:
Kona Site Defender
Automated Attack Groups (Beta)
This feature allows you to protect your apps with rules that are automatically updated by the good folks at Akamai. Put plainly, Automated Attack Groups allows you to protect every web connected workload with minimal upfront and ongoing effort, for any or all of your applications. There’s a lot going on here, and so if you’re even remotely interested, you should click the link below and prepare to be amazed.
Automated Attack Group API Requests (Beta)
API protection is now turned on automatically with both Kona and WAP and now includes automatic inspection of XML and JSON traffic with a negative security model. Kona also has the additional capability of supporting a positive security model for customer-defined APIs as well, allowing you to define what good looks like, blocking everything else.
Web Security Analytics and Real Time Data (GA)
If you’re in the Security Monitor section wondering where Real-time Data went, we moved it. We don’t like to rearrange the furniture when you’re not looking, but it makes sense to put the data in one central location, so you can look up both historical and real-time data in the same place. You’ll find real-time data in Web Security Analytics, which is part of the Security Center.
Bot Endpoint Protection Report (Beta)
The new Bot Endpoint Protection report shows you bot traffic for every protected endpoint, so you can get to the impact for every endpoint faster.
We’ve improved our APIs, tripled our GRE clean traffic speed, and added a GRE tunnel and two scrubbing centers.
Attack Capacity Expansion (GA)
We’ve added two new scrubbing centers, one in Osaka and one in Singapore. These additions bring us to 7.8 Tbps of capacity, which will enhance performance for redirected content, and will aid our continually growing capabilities in mitigating DDoS attacks.
GRE tunnel turnup EMEA and Americas (GA)
We added a third GRE tunnel, and we’re increasing the overall capacity of our GRE tunnels. Meaning you can send more traffic through us than ever before.
DevOps continues to snowball, and we continue to push it down a snowy hill.
Akamai Pipeline (GA)
Promote configuration changes automatically with the new Pipeline command in the Property Manager CLI. Teams can now move faster and avoid error-prone manual steps when going between their environments.
Bulk Configuration (Beta)
Bulk Configuration enables you to search for and update several config files at once via a single command, saving manual and error-prone steps.
Configuration Snippets using the Property Manager CLI (GA)
The new Property Manager CLI enables app teams to own different pieces of your configuration and empower them to work independently in parallel. Delegate parts of the configuration, manage permissions locally, and source-control these configuration snippets based on your organizational needs.
Akamai Developer Toolkit (GA)
The Akamai Developer Toolkit Chrome extension allows developers and administrators to easily access Akamai tools and services without having to log into the Akamai Luna Control Center. This extension enables you to purge content, translate Akamai error codes, test APIs, and debug requests going through an Akamai server—all from within your Chrome workspace.
Akamai Sandbox (Tech Preview)
Get ready to jump up and down, this is Akamai on your laptop! Akamai Sandbox is an isolated Akamai environment you can use to easily spin up sandboxes and quickly test Akamai configurations in a local dev environment while accessing origins running locally.
Akamai CLI Updates
We’re excited to announce several new CLI packages, as well as enhancements to some of our existing ones. We’ve just launched new packages for mPulse, API Gateway, and Image Manager. Enhancements have been made to the CLI packages for Akamai Pipelines and Property Manager.
Digital Performance Management
The Aggregate Resource Waterfall widget solves the major drawback for performance analysis: synthetic testing of a single point in time. This new tool gives you a more comprehensive view of resource timing and performance across all sessions. It reduces noise on variable connection speeds, device types, and user locations, and enables the normalization of massive amounts of timing data. If that sounds like a more than you can wrap your head around, we go into great depth in a separate blog post, with lots of pretty pictures.
Mobile Waterfall (GA)
You can now define actions (i.e., meaningful events that happen within your mobile apps) via the mPulse SDK for native monitoring. The resources are loaded during an action, and their corresponding network requests are contained in a single beacon. This will help reduce your native monitoring beacon count and enable use of features like waterfall.
Waterfalls have long been a critical diagnostic tool for your web pages, and waterfall analysis is now possible with mPulse native app monitoring! With mobile waterfall, you’re better equipped to understand which resources may be contributing to a poor experience for mobile app users., and gain deeper insight into how your native application is performing for real users.
Resource Impact Analysis
Resource Impact Analysis empowers you to model out the impact to both performance and revenue of improving or even removing specific resources from your site. This allows you to easily understand the impact of first and third party resources on your performance.
See the impact of each individual resource on your page and session load times, sorted by the pages most relevant to your bottom line.
End the ROI conversation over tags with data from your real users.
Enterprise Threat Protector (ETP) 2.0
Enterprise Threat Protector (ETP) Advanced Threat adds ETP proxy (URL inspection) and Inline Payload Analysis to the existing DNS protection layer. ETP proxy analyses suspicious HTTP(S) traffic and protects an enterprise network from threats. Inline Payload Analysis enables the ETP to inspect website content and perform malware scanning on responses from origin servers.
Enterprise Application Access (EAA)
Enterprise Application Access (EAA) now includes a client connector that provides secure, role-based access controls to integrated development environments. The client allows DevOps personnel to access only the necessary DevOps environments in order to collaborate with other developers and deliver applications and features more quickly. We’ll have a full blog post on this one shortly, so stay tuned.
Mobile App Performance
The Mobile App Performance SDK has some cool new features, and these are detailed in their own blog post, linked below. If you want to just skim the high points, read on.
MAP + mPulse
You can finally monitor the impact of your apps’ performance and its impact on user behavior with the latest mPulse integration with the MAP SDK. Correlate the app performance benefits of the Mobile Performance SDK with KPIs such as engagement, revenue, and conversions.
Adaptive Prefetching downloads the most popular cacheable objects before they are requested by the app. These assets are intelligently downloaded so they won’t impact performance, and provide nearly instant app load time to improve user experience.
Adaptive Network Optimization (ANO) and QUIC
Speed up your mobile native/hybrid apps by reducing time to first byte, total download time, reduce packet loss and bandwidth-clogging retransmits, and improve throughput with the MAP SDK’s Adaptive Network Optimization (ANO) feature. By leveraging data from user devices and network conditions, ANO dynamically selects the best congestion-control algorithm and configuration settings to optimize for the best app delivery performance.
Check Out the Webinar
That about wraps it up for the October Release announcement overview. I’d encourage anyone reading this far to also register for the 2018 October Release webinar, which goes into much more depth on DevOps, security, and web performance.