This article contains information on using the Targeted Threat Protection - Attachment Protect dashboard to view sandboxed attachments, unsafe file logs, and released attachments, along with steps to access and interpret the dashboard and logs.
Targeted Threat Protection - Attachment Protect is an advanced service that protects customers from the growing risk of spearphishing and other targeted attacks using email attachments.
See the Knowledge Hub for detailed information on configuring, optimizing, integrating, and troubleshooting.
The below video explains the default best practice configuration.
Configuring an Attachment Protection Policy
-
Log in to the Mimecast Administration Console.
-
Select the Policies | Gateway Policies menu item.
-
Click on Attachment Protect.
-
Either click on the:
-
- New Policy button to create a policy.
- Policy to be amended.
- Complete the Options section as required:
|
Field / Option
|
Description
|
|---|---|
|
Policy Narrative
|
Enter a description of the policy. This is kept with the message in the archive.
|
|
Select Option
|
Specify an Attachment Protection definition from the drop-down list.
|
- Complete the Emails From section as follows:
|
Field / Option
|
Description
|
|---|---|
|
Addresses Based On
|
Specify the email address characteristics on which the policy is based.
|
|
Applies From
|
Specify the sender characteristics on which the policy is based. For multiple policies, you should apply them from the most to the least specific.
|
|
Specifically
|
Enables you to specify an SMTP address if Individual Email Addresses is set in the Applies From field.
|
- Complete the Emails To section as follows:
|
Field / Option
|
Description
|
|---|---|
|
Applies To
|
Specify the recipient characteristics on which the policy is based. For multiple policies, you should apply them from the most to the least specific.
|
|
Specifically
|
Enables you to specify an SMTP address if Individual Email Addresses is set in the Applies From field.
|
- Complete the Validity section as required:
|
Field / Option
|
Description
|
|---|---|
|
Enable / Disable
|
Use this option to enable (default) or disable a policy. Disabling the policy allows you to prevent it from being applied without having to delete or backdate it. Should the policy's configured date range be reached, it's automatically disabled.
|
|
Set Policy as Perpetual
|
Specifies that the policy's start and end dates are set to Eternal, meaning the policy never expires.
|
|
Date Range
|
Specify a start and end date for the policy. Setting this option will automatically deselect the Eternal option.
|
|
Policy Override
|
Select this option to override the default order in which policies are applied. If there are multiple policies, this policy is applied first unless more specific Policies of the same type have also been configured with an override.
|
|
Bi-Directional
|
If selected, the policy also applies when the policy's recipient is the sender, and the sender is the recipient.
|
|
Source IP Ranges (n.n.n.n/x)
|
Enter any required Source IP Ranges for the policy. These only apply if the source IP address used to transmit the message data falls inside or matches the range(s) configured. You must enter IP ranges in CIDR notation format.
|
-
Click on the Save and Exit button.
Comments
Please sign in to leave a comment.