Service Update
| Availability | October 12th, 2022 |
| Product(s) | Email Security Cloud Gateway (CG) |
| Who's affected | Targeted Threat Protection - Attachment Protect customers who have sandboxing enabled |
Overview
Mimecast is pleased to announce planned actions to improve the performance of the dynamic analysis of files with Targeted Threat Protection - Attachment Protect. Attachment Protect provides advanced security protection for file attachments in emails. This includes dynamic analysis of file attachments using a sandbox.
As part of providing a robust and reliable service, if an attempt to analyze a file in the sandbox fails, it will be retried a number of times. Occasionally, this can result in attachments remaining in the retry queue for extended periods of time. In response to this, we have reduced the timeout period from 24 hours to 30 minutes.
In the event that an attachment scanned by the sandbox does not finish within 30 minutes, the message will be held or bounced based on the definition set in your policy, and you should handle this event based on your settings (e.g., if held, an admin can release it from hold).
Customers may notice a slight increase in the number of held attachments due to attachments not being retried as many times as before.
What's changing
- The timeout period for sandboxing has been reduced from 24 hours to 30 minutes.
Recommended actions
Review your attachment protection settings and update the Sandbox Fallback Action in your Attachment Protect definition to hold or bounce messages as required.
This is the first of a number of enhancements as part of our long-term plan to improve dynamic analysis in Targeted Threat Protection - Attachment Protect. If you experience a significantly increased number of held attachments, these steps can reduce admin overhead while keeping your security posture intact. These changes are specific to the Attachment Protect Delivery Options. Associated Knowledgebase article can be found here.
- Safe File with On-Demand Sandbox transcribes vulnerable file types to a different file format to ensure they are safe while still allowing end users access to the original attachment via sandboxing upon request.
- Dynamic Configuration allows users to toggle between delivery options for individual senders. By default, Safe File with On-Demand Sandbox is used. For trusted senders, Pre-Emptive Sandbox is used. This allows only trusted senders to be pre-emptively sandboxed while all other senders result in a safe file.
Comments
Please sign in to leave a comment.