This article contains information on configuring Mimecast's Internal Email Protect to enhance email security by detecting threats, applying DLP policies, and managing journaling, connectors, and policies for inbound, outbound, and internal messages.
Internal Email Protect extends the capabilities of Targeted Threat Protect by conducting additional security checks on both internal journaled and outbound email. Benefits include:
-
-
-
-
- Detecting malicious attachments and links.
- Applying Data Loss Prevention (DLP) policies to control information sharing. If unsafe/suspicious content is found, either:
- Removing malicious attachments or messages from a user's mailbox.
- Notifying another user/administrator.
- Provides protection across all devices, including smartphones and tablets, whether they're provided directly by the employer or not.
-
-
-
Full Internal Email Protect functionality is supported on Microsoft 365 and On-Premise Exchange environments. In other environments, the notification capability is supported.
Configuration
To use Internal Email Protect, perform the following tasks in the following order:
- Create a Connector.
- Create your policies.
- Configure your journaling.
Creating a Connector
Create a connector between Mimecast and your mailbox server. This enables end users to use Internal Email Protect user mailbox actions (e.g., removing messages from their mailbox that are found to be unsafe). See the Managing Connectors page for full details.
Creating Your Policies
Ensure you're protecting all incoming, outbound, and internal messages by creating at least one of each of the following policies:
| Inbound Check Type | Inbound Check Type |
|---|---|
| Configuring URL Protection Definitions and URL Protect Policy Configuration | These protect messages being sent or received that contain URLs to targeted attacks and spearphishing attempts. They also protect you from good websites turning bad and delayed exploits. URL Protect is managed centrally, allowing rapid deployment without using any additional infrastructure and allowing administrators to monitor/report on user activity. |
| Attachment Protect Definitions and Targeted Threat Protection - Attachment Protect Configuration | These protect messages being sent or received with attachments containing malware, malicious macros, and other exploits. It also detects and removes potentially malicious attachments from inbound messages (e.g., PDF, Microsoft Office files) using static file analysis and sandboxing. |
| Content Examination - Getting Started | These analyze the content of messages, looking for matches you provide. It sets the conditions under which a message is considered safe and what action should be taken if it isn't. |
Configuring Your Journaling
Configure your Journaling to add your organization's internal email communication to the Mimecast Archive. This is required because Internal Email Protect scans journaled emails and matches configured policies based on the journaled mail.
When configuring journaling, selecting the correct journal type on your journal connector is important. This must match the type of traffic sent from your email environment to avoid unexpected errors.
Comments
Please sign in to leave a comment.