Simplifying Security Configuration: A UX Revamp Retrospective

With the March 2019 Release update, the Security Configuration User Interface (UI) evolution is now complete, and we hope it integrates more seamlessly into your online business.

Over time, Akamai has added new products, features, and functionality to its security solutions to protect your web applications from growing cybersecurity threats. Yet,  like an unplanned city, the Security Configuration UI grew organically as new capabilities were built. When Bot Manager was launched, security configuration complexity increased further.

AWS Builder Community Hub

We heard your feedback – too many clicks, a labyrinth of pages, the dependencies. So, we took a step back to examine the paths most traveled and bottlenecks encountered, embarking on a UI renovation that helps you protect your apps more quickly and easily. The new UI is designed to deliver four benefits:

  • Increased productivity – By streamlining the navigation and reducing the number of clicks, screens, and workflows you pass through, configuration tasks will take less time to complete.

  • Higher user satisfaction – More descriptive terms, on-screen and context-sensitive help, as well as better version change control make it easier to set configurations correctly and answer questions.

  • Immediate functionality – An out-of-the-box experience, with better defaults, helps new users get started, while ensuring power users still have the controls they need.

  • Support for application programming interface (API) development – A restful API now connects front and back, exposing APIs that can integrate configurations into your workflows and systems.

To get here, we had to question previous design decisions and reimagine the security configuration experience from a customer perspective – creating a logical, guided flow, and taking a problem-solution approach to configuring security settings. For more intuitive interactions, we applied consistency with other Akamai Control Center features, such as property manager, and between all security pages. Recognizing that security expertise varies, we also accommodated different user experience levels, balancing simplicity with customization options that advanced users expect.

The Security Configuration UI Evolution

In an evolutionary, not revolutionary, approach, we delivered the redesign in phases, careful not to disrupt your work or cybersecurity protection. Let’s look back at the journey.

Phase 1: First, the UI expanded to full screen width for a better view of security settings. Then, rate category and policy definitions collapsed into a single rate policy instance to make rate category match criteria editable even after it’s activated – no more orphaned categories. Quick Links moved to Shared Resources where custom rules, reputation profiles, and network lists are configurable from one location.

Phase 2: For easy access to policies and their sub-elements, a new left-navigation panel was created in the Security Configuration Version page. We redesigned selected hosts for clarity and match targets to include inline editing. Bot Manager joined the main Security Configuration Version page and version notes can be edited before configuration activation.

Phase 3: The Firewall Policy Wizard was separated out into directly accessible individual pages, reducing the extra time and complexity from unnecessary clicks and page loads. In addition, further optimizations to individual firewall policy pages enhance functionality and user experience.

Phase 4: The latest update revamps the security configuration landing page and UI for activating configurations. This will help simplify and streamline the configuration workflow for Kona Site DefenderClient Reputation, and Bot Manager.

Perhaps the most important element of the new UI is the shift to an API-first design. We approached the entire Security Configuration UI evolution from a DevOps perspective, building an infrastructure that allows you to manage your Akamai security solutions the way you want. This means you can secure applications either in Control Center or with APIs to script WAF deployment, configuration, and auditing, while simplifying protection with version control for rapid iterations of apps and APIs.

All existing Kona Site DefenderClient Reputation, and Bot Manager users get the new UI without a migration, so check it out. Did we create a better user experience? Let us know what you think. To see what else is new in the March 2019 Release, go to

*** This is a Security Bloggers Network syndicated blog from The Akamai Blog authored by Pawan Bajaj. Read the original post at: