This section explains the configurable values in the HENNGE Cloud Protection management screen under the left menu [ Policy ] - Policy selection - [ Exchange ] tab.
Please refer to the following article for creating policies:
Creating a New Policy
General
Item Name | Description |
Real-time Scan |
Set whether to use real-time scanning for email messages and other Exchange items in the organization's mailboxes. |
Trusted Senders |
If this feature is set, emails from trusted sender addresses will not be isolated or deleted. Scan and warn when malicious content is detected (Low severity) |
Trusted Mail Sender Address If [ Trusted Senders ] is on, use this to add the email addresses of senders whose emails will not be isolated or deleted. |
|
Trusted Sender Domain If [ Trusted Senders ] is on, use this to add trusted sender domains. Emails sent from these domains will not be isolated or deleted. |
|
Isolation |
You can choose the duration until isolated items are automatically deleted. ・1 month |
Malware Scan
Item | Description |
Malware Scan |
Set whether to use the malware scan function or not. |
Scan Files |
Set the types of files to be scanned. Possible values are as follows: If [Target Only] is selected, some files are specified in [Target Files], but you can also specify any file you want. |
Scan Archive (Compressed) Files Set whether to scan compressed files. |
|
Evaluate in Sandbox Send suspicious files to WithSecure's Security Cloud, analyze the behavior of the file, and determine whether the file is safe or harmful. |
|
Unsupported File Types |
Displays the types of files that are not allowed. The types of target files are set in the policy item [General] - [Threat Control] - [Malware Scan] tab. |
Processing |
Specify the action to take if malware is detected. Possible actions are as follows: ・Isolate and save malicious attachments |
Notify Administrator Set whether to notify the administrator when malware is detected. The administrator's email address is set in the policy item [General] - [Notification] - [Recipient Email Addresses]. |
|
Notify Users of Detected Results with the Following Severity Set whether to notify users when malware is detected and the severity level. The severity level of the detection target is set in the policy item [General] - [Notification] - [User Notification Based on Severity]. Notification text is set in the policy item [Exchange] - [Notification] - [Malware Notification]. |
URL Scan
Item | Description |
URL Scan |
Set whether to use the URL scan function for web links (URLs) in the body of email messages and other Exchange items. |
Malicious URLs |
Specify the action to take if a malicious URL is detected. The following actions can be specified: |
Notify Administrator Set whether to notify the administrator when a malicious URL is detected. The administrator's email address is set in the policy item [General] - [Notification] - [Recipient Email Addresses]. |
|
Notify Users of Detected Results with the Following Severity Set whether to notify users when a malicious URL is detected and the severity level. The severity level of the detection target is set in the policy item [General] - [Notification] - [User Notification Based on Severity]. Notification text is set in the policy item [Exchange] - [Notification] - [Malicious URL Notification]. |
|
Suspicious URLs |
Specify the action to take if a suspicious URL is detected. The following actions can be specified: |
Notify Administrator Set whether to notify the administrator when a suspicious URL is detected. The administrator's email address is set in the policy item [General] - [Notification] - [Recipient Email Addresses]. |
|
Notify Users of Detected Results with the Following Severity Set whether to notify users when a suspicious URL is detected and the severity level. The severity level of the detection target is set in the policy item [General] - [Notification] - [User Notification Based on Severity]. Notification text is set in the policy item [Exchange] - [Notification] - [Malicious URL Notification]. |
|
Trusted Websites |
Set websites to be excluded when scanning for harmful websites. |
Allow Reporting of Trusted Website to WithSecure If you have registered trusted websites, checking this item will submit reports to WithSecure for functionality improvement. |
|
Blocked Websites |
Set websites to be blocked when scanning for harmful websites. |
Scan for Inbox Rules
Item | Description |
Scan for Inbox Rules |
Set whether to use the suspicious Inbox rules detection function. ・Suspicious rule names |
Processing |
Specify the action to take if malware is detected. |
Notify Administrator Set whether to notify the administrator when suspicious Inbox rules are detected. The administrator's email address is set in the policy item [General] - [Notification] - [Recipient Email Addresses]. |
|
Notify Users of Detected Results with the Following Severity Set whether to notify users when suspicious Inbox rules are detected and the severity level. The severity level of the detection target is set in the policy item [General] - [Notification] - [User Notification Based on Severity]. |
Compromised Accounts
Item | Description |
Compromised Accounts |
Set whether to use the compromised account detection function. |
Processing |
Specify the action to take if an account is determined to be compromised. |
Notify Administrator Set whether to notify the administrator when a compromised account is detected. The administrator's email address is set in the policy item [General] - [Notification] - [Recipient Email Addresses]. |
|
Notify Users of Detected Results with the Following Severity Set whether to notify users when a compromised account is detected and the severity level. The severity level of the detection target is set in the policy item [General] - [Notification] - [User Notification Based on Severity]. The notification text is set in the policy item [Exchange] - [Notification] - [Compromised Account Notification]. |
Notifications
You can customize the notification text or use the default one to send to users and administrators for each threat detected.
Each notification text is listed with WithSecure's default values, so a sample is provided for HENNGE Cloud Protection.
You can edit the notifications text for the following cases.
The following notification text can be automatically retrieved and displayed using predefined variables, such as the item's destination and subject.
Please refer to the following page on WithSecure for a list of available variables.
Variables used in notification emails (external link)