Integrating Symantec Messaging Gateway with Symantec Email Threat Isolation
Symantec Email Threat Isolation provides a secure execution environment for web interactions. When a user clicks a link in an email message, Email Threat Isolation isolates the browser from the Internet. Email Threat Isolation executes all potentially malicious content. Only a safe visual stream is sent to the user.
You can integrate Symantec Messaging Gateway with Email Threat Isolation by adding a Modify URL action to your content filtering policies. When the policy triggers a verdict, the action modifies every URL in the affected message. If a recipient clicks a link in the message, the browser redirects the request to Email Threat Isolation for isolation and execution.
- To add Symantec Email Threat Isolation to a content filtering policy
- In Control Center, from theContent>Policies>Emailpage, clickAddto create a new content filtering policy. Or select a policy and clickEditto add Email Threat Isolation to an existing content filtering policy.
- UnderConditions, from theApply tomenu, selectInbound messages.Never apply Email Threat Isolation to outbound messages. In most cases, outbound recipients do not have permission to access to your Email Threat Isolation instance. The result is that the links with modified URLs are likely to fail.
- In theActionspanel, clickAdd.
- In theConfigure An Actiondialog box, selectModify clickable URLs in message.
- In theType of servicefield, selectEmail Threat Isolation.
- In thePrepend valuefield, enter the fully-qualified domain name (FQDN) or IP address of your Symantec Email Threat Isolation instance.For Symantec Messaging Gateway 10.6.5, see https://www.symantec.com/docs/HOWTO127807 for instructions on how to enter thePrepend valuefor that version.
- ClickAdd Action.When a message triggers a verdict, Symantec Messaging Gateway modifies all the URLs in the message to redirect them to the hostname that you specified in thePrepend value. When a recipient clicks a modified link, the browser request is routed to your Email Threat Isolation instance.
- When you finish creating or editing the policy, clickSave.
- Protecting all your users with Email Threat IsolationTo create a content filtering policy that applies Email Threat Isolation protections to all inbound messages:
- On theEmail Content Filtering Policiespage, clickAdd.
- Select theBlanktemplate.
- In theSettingspanel, disableTrack violations of this policy in the dashboard and reports.
- In theConditionspanel, from theApply tomenu, selectInbound messages.
- ClickAddto add a new condition.
- SelectFor all messages, and then clickAdd Condition.
- In theActionspanel, clickAdd. Follow the steps in the previous procedure to add theModify clickable URLsaction.
- Apply the policy to all policy groups and then clickSave.
- On theEmail Content Filtering Policiespage, drag the policy to the top of the list.