Mimecast Customer Care - Managed / Guided Onboarding Steps

Updated

This article contains information on the steps and responsibilities involved in implementing Mimecast services, covering account creation, Directory Synchronization, mail flow requirements, outbound/inbound preparation, and optional add-on packages with a Mimecast consultant. It is intended for Administrators.

Below is a summary of the actions you must review and complete with your Mimecast Implementation Consultant and which party is responsible for each item.

Onboarding Review

Summary: A session with the client and Mimecast to discuss the implementation plan. As part of the discussion, we require all individuals involved to be identified.

Any request for support or assistance must be emailed to your dedicated Mimecast Implementation Consultant during implementation. Customer support cases can be raised once your implementation is completed.

  • Initial conversation to review the implementation plan and resource allocation.
  • Identifying your mail flow infrastructure allows us to set up the Mimecast Tenant accordingly (Responsibility: Mimecast/Client).
  • Review the complete Implementation plan (Responsibility: Mimecast/Client).
  • Assist with Request for Information (RFI) completion (if applicable) (Responsibility: Mimecast/Client).
  • End User Asset Library (Responsibility: Client) Customer Community.

Mimecast Account Creation

Summary: The Mimecast consultant will create your Mimecast account and send automatically generated login credentials. Mimecast will create recommended configurations for your account.

  • Account Creation (Responsibility: Mimecast): You will receive an email from customerreply@mimecast.com containing your username and temporary password.
  • Email Security Setup Wizard (Account Setup and Steps): Email Security Setup Wizard.
  • Out of the Box Settings (Responsibility: Mimecast): Out Of The Box Settings.
  • Adding Additional Administrators and/or Roles as needed, including the Super Administrator Elevation Request process (Responsibility: Mimecast/Client).
  • The Email Security Setup Wizard will gather all the required information for your onboarding process: Checklist

Directory Synchronization, Authentication, & Journaling

Summary: Prove domain ownership, set up users, and configure end-user authentication.

Outbound Requirements Gathering

Summary: Information gathering before Outbound mail flow.

  • Forwarding Addresses:  Forwarding/Relay addresses are used to forward mail outside the platform; entries are added to the Relay group under Users & Groups | Profile Groups in the Mimecast Administration Console (Responsibility: Mimecast/Client).
  • TLS Requirements: Identification and configuration of TLS requirements (Enforced or Relaxed) (Responsibility: Mimecast/Client) TLS Requirements.
  • Branding: Mimecast provides the ability to brand the Personal Portal and some communications with the customer's logo and color scheme (Responsibility: Client) Branding.

Additional Outbound Add-On Considerations

Summary: If purchased, the following add-on packages must be configured. (Responsibility: Mimecast/Client)

  • Internal Email Protect (IEP).
  • Secure Messaging.
  • Large File Send (LFS).
  • Stationery/Disclaimer.

Inbound Requirements Gathering

Summary: Information gathering before Inbound mail flow.

  • Anti-Spoofing Exceptions: Validate Spoofing Exceptions - IPs (or SPF Bypass) of 3rd parties permitted to spoof internal domains (Responsibility: Mimecast/Client) Anti-Spoofing Exceptions - Third-Party Senders.
  • Global Blocked/Permitted Senders list: Import of global Permitted Senders from the current platform (Responsibility: Mimecast/Client) Global Permitted Senders.
  • Managed Senders List: If it exists and needs migrating, import user-level Permitted and Blocked senders from the current platform (Responsibility: Mimecast/Client) Managed Senders.

Outbound Preparation & Cutover

Summary: DNS configuration before Outbound mail flow Email Security Setup Wizard - Outbound Mail.

  • SPF Record Update: Update any existing SPF records to include Mimecast's netblocks records (Responsibility: Client).
  • DKIM Record Update: If using DKIM today, you must disable and move to Mimecast; otherwise, we can optionally implement (Responsibility: Client).
  • MX Record TTL Update: Updating your MX record Time To Live will allow a more seamless transition when inbound MX records are added during the Inbound Cutover phase (Responsibility: Client).
  • Connectivity:
    • Data Centers & URLs: SMTP port 25 should be open to and from Mimecast Data Center IP Ranges; if using LDAP, port 636 must also be open from Mimecast Data Center IP Ranges (Responsibility: Client).
    • Office 365 Connection Filter Whitelist: If using Office 365, Mimecast recommends allow listing Mimecast DC IP ranges within the default Connection Filter to disable Exchange Online Protection (EOP) (Responsibility: Client).
    • GSuite Whitelist: If using Google Apps G Suite, Mimecast recommends whitelisting Mimecast DC IP ranges within the default Email Whitelist (Responsibility: Client).
  • Mimecast Notification Sets: Review of editable notifications available within the Mimecast Administration Console (Responsibility: Mimecast/Client).
  • Review Inbound Delivery Routes: Test inbound delivery routes for mail flow; required to deliver Non Delivery Reports (NDRs) for outbound (Responsibility: Mimecast/Client).
  • Additional Outbound Policy Creation: Configure any required outbound policies based on review (Responsibility: Mimecast/Client).
  • Outbound Cutover: Enable Mimecast Outbound Send connector and disable other outbound connectors to route all outbound mail through Mimecast (Responsibility: Client).

Inbound Preparation & Cutover

Summary: Start preparation for Inbound mail Email Security Setup Wizard - Inbound Mail.

  • Mimecast Digest Review: Policy created to ensure messages containing potential junk/spam content are held in quarantine (Responsibility: Mimecast/Client).
  • Targeted Threat Protection (TTP): (Responsibility: Mimecast/Client).
    • Attachment Protect: Configure attachment sandboxing.
    • Impersonation Protect: Configure Impersonation Protect, flagging inbound emails based on suspicious sender characteristics.
    • URL Protect: Configure inbound URL rewriting and actions taken when a clicked link is found malicious, compromised, etc.
    • Internal Email Protect (IEP): Configure IEP with Server Connection to identify internal and outbound malicious traffic, *Requires Journaling Setup*.
  • Inbound Delivery Test: Validate that the client can receive inbound messages on delivery route IPs and cutover any test/secondary domains before primary domain cutover (Responsibility: Mimecast/Client).
  • MX Record Cutover: Add Mimecast Inbound Smarthosts as MX Record for all internal domains and remove all other entries (Responsibility: Client).

Confirmation of Inbound Lockdown

Summary: Ensure your connectors only receive mail from Mimecast.

  • Firewall/Connection Lockdown - Mimecast optionally recommends locking down Port 25 only to accept mail from the Mimecast DC IP ranges (Responsibility: Client).

Administration Console

Summary: Administration console training session.

  • Training: Technical walkthrough of the Administration Console.

Add-On Packages

Please consider any further Mimecast add-on packages:

On completion of the above steps to your satisfaction, the implementation case will be closed.

During your onboarding, you’ll work with a named Mimecast Implementation Consultant, who will support you in configuring, testing, and utilizing your Mimecast products.

We are confident you will receive a best-in-class deployment experience. However, if you have concerns regarding your implementation that you feel cannot be addressed by your assigned specialist, please reach out to customerservices@mimecast.com, and a member of our management team will be in touch.

Related to

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.