This article contains information on using the Targeted Threat Protection - Attachment Protect Dashboard to view sandboxed attachments, unsafe file logs, and released attachments, along with steps to access and interpret the dashboard and logs.
The Attachment Protect Dashboard displays a graphical summary of:
- Attachments sent to the sandbox over the last 30 days.
- The top ten unsafe files by recipient.
- The top ten unsafe files by name.
- The last ten unsafe attachments.
If you select the items in the series key of the Sandboxed Attachments per Day graph, the graph's filters change accordingly.
Accessing the Dashboard
To access the dashboard:
- Log in to the Mimecast Administration Console.
- Click on the Email Security | Attachment Protect menu item.
Displaying the Unsafe Files Log
To display the Targeted Threat Protection - Attachment Protection unsafe files log:
- Click the Unsafe Files Log button. A list of the last 10 unsafe files is displayed with their details.
Click the View All link in the top right-hand corner of the view to display all unsafe files.
- Click the Go Back button to return to the Targeted Threat Protection - Attachment Protection Dashboard.
Viewing Released Sandbox Attachments
When you release an attachment from the sandbox, once it has passed inspection and is found safe, the email is sent to the recipient. You can verify that the recipient received it via the Attachment Protection dashboard.
To confirm that a user received an attachment requested from the sandbox:
- Log in to the Mimecast Administration Console.
- Select the Email Security | Attachment Protect menu item.
- Click on the Attachment Protect Logs drop-down menu.
- Select the Attachment Protect Logs menu item.
- The attachment release log displays, with "User Release" shown under the Action column.
Additional Considerations
- The Attachment Protection Logs report sandboxed attachments only. Once the recipient requests the release of the attachment, or if you have configured "Pre-emptive" sandboxing (where every attachment is sandboxed before being sent to the recipient), you will see the release entries in the log.
- If you are using the "Dynamic" or "Safe-File with On-Demand Sandbox" setting and the recipient does not request the original file, you will not see a log entry. This is because the attachment is not sandboxed unless the recipient requests the original file.
For detailed information on how to configure, optimize, integrate, and troubleshoot, see the Attachment Protect Guides & Resources page.
Comments
Please sign in to leave a comment.