Integrating Symantec Messaging Gateway with Symantec Email Threat Isolation

Symantec Email Threat Isolation provides a secure execution environment for web interactions. When a user clicks a link in an email message, Email Threat Isolation isolates the browser from the Internet. Email Threat Isolation executes all potentially malicious content. Only a safe visual stream is sent to the user.
You can integrate Symantec Messaging Gateway with Email Threat Isolation by adding a Modify URL action to your content filtering policies. When the policy triggers a verdict, the action modifies every URL in the affected message. If a recipient clicks a link in the message, the browser redirects the request to Email Threat Isolation for isolation and execution.
  1. To add Symantec Email Threat Isolation to a content filtering policy
  2. In Control Center, from the
    Content
    >
    Policies
    >
    Email
    page, click
    Add
    to create a new content filtering policy. Or select a policy and click
    Edit
    to add Email Threat Isolation to an existing content filtering policy.
  3. Under
    Conditions
    , from the
    Apply to
    menu, select
    Inbound messages
    .
    Never apply Email Threat Isolation to outbound messages. In most cases, outbound recipients do not have permission to access to your Email Threat Isolation instance. The result is that the links with modified URLs are likely to fail.
  4. In the
    Actions
    panel, click
    Add
    .
  5. In the
    Configure An Action
    dialog box, select
    Modify clickable URLs in message
    .
  6. In the
    Type of service
    field, select
    Email Threat Isolation
    .
  7. In the
    Prepend value
    field, enter the fully-qualified domain name (FQDN) or IP address of your Symantec Email Threat Isolation instance.
    For Symantec Messaging Gateway 10.6.5, see https://www.symantec.com/docs/HOWTO127807 for instructions on how to enter the
    Prepend value
    for that version.
  8. Click
    Add Action
    .
    When a message triggers a verdict, Symantec Messaging Gateway modifies all the URLs in the message to redirect them to the hostname that you specified in the
    Prepend value
    . When a recipient clicks a modified link, the browser request is routed to your Email Threat Isolation instance.
  9. When you finish creating or editing the policy, click
    Save
    .
  10. Protecting all your users with Email Threat Isolation
    To create a content filtering policy that applies Email Threat Isolation protections to all inbound messages:
  11. On the
    Email Content Filtering Policies
    page, click
    Add
    .
  12. Select the
    Blank
    template.
  13. In the
    Settings
    panel, disable
    Track violations of this policy in the dashboard and reports
    .
  14. In the
    Conditions
    panel, from the
    Apply to
    menu, select
    Inbound messages
    .
  15. Click
    Add
    to add a new condition.
  16. Select
    For all messages
    , and then click
    Add Condition
    .
  17. In the
    Actions
    panel, click
    Add
    . Follow the steps in the previous procedure to add the
    Modify clickable URLs
    action.
  18. Apply the policy to all policy groups and then click
    Save
    .
  19. On the
    Email Content Filtering Policies
    page, drag the policy to the top of the list.