This article contains information on configuring, creating, changing, and deleting Browser Isolation policies in Mimecast, including policy settings, and steps to manage user and group-specific isolation rules. This is achieved through policies that allow you to create rules:
-
For the websites considered suspicious.
This only applies when a site is Uncategorized.
- To regulate what users can do (e.g., view in read-only mode).
Policies covered:
- Configuring browser isolation
- Creating a browser isolation policy
- Changing a browser isolation policy
- Deleting a browser isolation policy
Configuring Browser Isolation
Browser Isolation works in conjunction with your Targeted Threat Protection - URL Protection and Web Security policies. To use the browser isolation functionality, you must have configured either:
- Targeted Threat Protection - URL Protect policy with the configuration below. For more information, see Configuring URL Protection Definitions.
| Field / Option | Value |
| Action | Block |
| Disable Browser Isolation | Disabled |
- Advanced Security Web Security policy with the configuration below. For more information, see Configuring an Advanced Security Policy.
| Field / Option | Value |
| Web Proxy | Enabled |
| Antivirus Scanning | Enabled |
| Browser Isolation | Enabled |
Creating a Browser Isolation Policy
You can create a Browser Isolation policy by using the following steps:
- Log in to the Mimecast Administration Console.
- Navigate to Policies | Browser Isolation.
- Click on Create New Policy.
- Complete the Details dialog as follows:
| Field / Option | Description |
| Name | Provide a name to identify the policy (e.g. Finance Dept Spoofing). This is a mandatory field. |
| Description | Enter a description for the policy (e.g. "This policy protects members of the Finance Department from accessing spoofed websites.") |
- Click on Next.
- Configure the Settings dialog as required:
| Field / Option | Description |
| Enter Text | If enabled users can enter text into fields displayed on the website. |
| Paste Text In | If enabled users can paste text into browser fields from their device's clipboard. |
| Copy Text Out | If enabled users can copy text from the browser fields to their device's clipboard. |
- Click on Next.
- Complete the Applies To dialog as follows:
| Field / Option | Description |
| Location |
Click on the Select Location button to select one or more locations. This field is only displayed if you've Mimecast Web Security enabled on your account. See Web Security - Configuring Locations. |
| Groups | Click on the Select Groups button to select one or more Active Directory or local group. |
| Users | Click on the Select Users button to select one or more user. |
Click on the icon to remove a location, group, or user from the list.
- Click on Next. A summary of the policy is displayed.
- Click on Create Policy.
Changing a Browser Isolation Policy
You can change a Browser Isolation policy, including the default policy, by using the following steps:
- Log in to the Mimecast Administration Console.
- Navigate to Policies | Browser Isolation.
- Click on the Policy to be changed.
- Click on Edit.
- Change the policy as required.
- Click on Save and Close.
Deleting a Browser Isolation Policy
You cannot delete the default Browser Isolation policy.
You can delete a Browser Isolation policy by using the following steps:
- Log in to the Mimecast Administration Console.
- Navigate to Policies | Browser Isolation.
- Click on the Policy to be deleted.
- Click on Delete.
- Click on Delete in the confirmation dialog.
Comments
This page as well should change where it states “suspicious” as it's only engaged when a site is “uncategorized”. Stating suspicious is confusing when coming from the URL Protection definitions as “suspicious” means any of the actual categorized URLs are found.
(I made mention of the above on the Browser-Isolation-Overview page)
Unless I'm mistaken, or it could be part of the Advanced Security Web Security to which I don't currently subscribe to. If it is, it should be more clear on the use of suspicious, if it's just only uncategorized URLs.
Thank you for your feedback. We have reviewed the article and updated it.
Please sign in to leave a comment.