This article outlines the supported environments framework for Mimecast end user applications and administrative portals, as well as Large File Send access key generation pages.
Browser Support Matrix
When consider the following:
- We strongly encourage you to update your browser to a supported version for the purposes of security assurance.
- The minimum screen resolution is 1024px x 768px.
- Results may vary if you use zoom to adjust your view to levels other than 100%.
- Beta versions of web browsers are not supported.
(V9 or Later) *
Safari Mac OS
(V8 or Later)
(v3 or Later)
|Mimecaster Central **||✓||✓||✓||✓||✓||✓|
|Administration Console ***||✓||✓||✓||✓||✓||✓|
|Mimecast Personal Portal||✓||✓||✓||✓||✓||✓|
|Large File Send||✓||✓||✓||✓||✓||✓|
|Targeted Threat Protection||✓||✓||✓||✓||✓||✓|
|*||Compatibility mode with earlier versions is not supported.|
|**||Devices with a browser resolution lower than 768px aren't currently supported.|
|***||If you need to use content editor features such as cut and paste, script access to the clipboard should not be disabled.|
TLS and SSL Protocols
Our web applications are accessed using Hypertext Transfer Protocol Secure (HTTPS). Technically HTTPS is not a protocol, but the result of layering HTTP on top of Transport Layer Security (TLS) or Secure Sockets Layer (SSL). This adds the security of these protocols to cleartext HTTP communications. Using these cryptographic protocols doesn't guarantee the connection is secure. As such, we only support certain protocol versions and ciphers.
The quality of the protection provided by SSL relies on the private key (the basis for the security) and the certificate (which conveys the identity of the server to its visitors). We use an SSL certificate issued by Verisign, a reputable Certificate Authority (CA) that has a 2048-bit RSA key. We no longer support SSLv3 for inbound browser connections. Instead one of the following TLS versions should be used:
|Considered to be secure. There are no known major security weaknesses provided it is properly implemented.|
|TLS v1.1 and 1.2||The most secure protocols that have no known security issues. However, many servers and client systems do not currently support these protocols.|
TLS / SSL cipher suites enforce the actual security of the encrypted session. We support several strong cipher suites with a minimum of 128 bits. This guarantees your secure connection cannot be decrypted if intercepted. The following cipher suites aren't supported:
|Cipher||Reason for Non-Support|
|Anonymous Diffie-Hellman (ADH) suites||It provides no authentication.|
|NULL cipher suites||It provides no encryption.|
|EXPORT cipher suites||It uses trivial encryption.|
|WEAK cipher suites||It typically uses less than 128 bit.|
|Rivest Cipher 4 (RC4)||It is insecure.|
We're also unable to support any connections using the RC4 cipher, and will be rejected by the Mimecast API. We strongly recommend you update your operating system and browsers to more recent secure versions in order to maintain security.
Internet Explorer Settings
We recommend that the following Internet Explorer browser settings are used:
|Disable compatibility mode for our domains.|
|Add our logon URLs to your trusted sites.|
|Clear all temporary internet files, cookies, and browsing history. |
If you've Device Enrollment enabled, deleting cookies will mean re-enabling your device.
With older IE versions, data can only be cleared if your browser is closed. To clear this data, right click on the IE icon and click on the "Internet Options" menu item.
|Allow first and third party cookies.|
|Allow web page animations.|
|Disable accessing data sources across domains. |
This is required for Administration Console access only using IE 10 / 11.