Email Security Cloud Integrated - Expanded Protection - Jun 2023

Updated

Service Update

Availability June 12th, 2023
Product(s) Email Security Cloud Integrated (CI)
Who's affected Email Security Cloud Integrated (CI), Administrators

Overview

Mimecast is pleased to announce expanded protection options for CI customers.
This update extends our malware and phishing capabilities to protect your internal email traffic; the main objective is to stop the lateral spread of malicious files and URLs. 

What's changing

As an existing CI customer (including ongoing trials), you will be prompted to “Expand your protection”.
New customers or trials will receive the new experience when their account is provisioned, meaning no administrator actions are required.
  • Policy configuration now allows a greater level of flexibility, based upon where threats originate from.
  • The Detections page has also been improved to provide admins with a view of the direction of a message without needing to click through to a message. This page also shows which service (e.g. Exchange, Teams) messages are associated with.
  • The detection events page has been changed, to include the direction of a message and removed any information that does not apply to internal messages, such as reputation and SPF/DKIM/DMARC checks.

Recommended actions

Use the installation wizard to install the new internal mail flow rule via your Microsoft 365 setup and update your policies to support the new configuration options.

Start the installation

To start the installation, click on Expand Protection, from one of the following locations:


Main dashboard 
dashboard-500s-2.jpg

Services
service-cropped-s-2.jpg
Policies
policies-c-500-s-2.jpg
After clicking on Expand Protection, this prompt appears, and you can click on Expand Protection to complete the process:
modal-400s.jpg

The installation process can take up to 15 minutes to complete, meaning that mail flow may be disrupted during this time.

Installation progress

A progress bar is displayed when the installation is in progress; until this process has completed, internal email protection will not be fully functional.
 

install progress 2-500.jpg 

Policy Changes

Once the installation has completed, there will be new options added to the Default policy and Create a new policy screens. These options offer a greater level of flexibility, based upon where threats originate from.

Policy view
policy view-500-s.jpg
The available options are based upon which radio button is selected for the Sender and Recipient sections of the policy target section.
For example the Apply to section is hidden when the All option is selected in the Sender section of the policy.
However, when more granularity is required, you should select either External or Internal, as this will allow the Apply to section to be displayed.

When the External direction is configured within the Sender section, it is no longer selectable in the recipient section. The same applies when the All direction is selected, as this contains the external direction too.

Detections page

On the Detections page, you can now view of the direction of a message without needing to click on it.
This page also shows which service (e.g. Exchange, Teams) messages are associated with.
Detections

 
detections new new 500-s.jpg

Detection Details

The Detection events page now includes the direction of a message and does not include any information that does not apply to internal messages, such as reputation and SPF/DKIM/DMARC checks.

Detection events - message details and analysis
detection events-500s.jpg

See Also...

Related to

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.