Advanced / Federated Account Administration Console

Document created by user.oxriBaJeN4 Employee on Nov 13, 2017Last modified by user.oxriBaJeN4 Employee on Sep 28, 2018
Version 5Show Document
  • View in full screen mode

By default, all customer accounts are created with a single, self-contained Mimecast account. However, organizations with more complex requirements (e.g. different geographical regions) can have more than one account linked to a master account. The Advanced / Federated Account Administration Console acts as an overarching view of all these accounts.

Administrators can use 2-Step Authentication to log into their Advanced / Federated Account Administration master account.



With Advanced or Federated account administration, you can:

  • Link multiple Mimecast accounts to one overall master account. The only limitation is that all the accounts must be hosted on the same Mimecast grid.
  • Centralize domain management and policy administration.
  • Group accounts to create a hierarchy.
  • Administer several Mimecast accounts, and allocate permissions to regional administrators.
  • Ensure policies from group / corporate accounts replicate down to regional / divisional accounts. See the Policy Inheritance page for full details.
  • Apply different message retention policies based on users and groups, to meet commercial and regulatory requirements and control costs.


Advanced / Federated Account Management Differences


The differences between advanced or federated account management are provided below:

Account Type
Use Cases
Federated Account AdministrationThe following optional features are supported:
  • Policy Inheritance: Sub accounts that have opted into this functionality respect the policies of the master and / or group accounts.
  • Federated Administration: Administrators belonging to the federated administration domain have access to the nested accounts that have opted into this functionality. This facilitates the administration of multiple accounts from the same browser window.
This is useful for:
  • Organizations with multiple (regional) segregated Mimecast accounts.
  • Partners / Service Providers.
The master and group account administrators can control inheritable policies that must be respected by the relevant sub accounts. Sub-account administrators can only access content and settings for their own account.
Example: An organization has four agencies, each with their own unique email domain. A global IT Manager controls specific inheritable policies for the agencies via a master or group account. Each agency's IT managers only have control over their Mimecast account.
Advanced Account AdministrationIn addition to the features included with Federated Account Administration, Advanced Account Administration also supports domain sharing across multiple Mimecast accounts.This is useful for large organizations that share the same domain name, but wish to segregate and / or partly or fully federate administrator access and policy configuration.
Example: An organization has offices in 15 countries. These regional offices all utilize the same domain name, but the global IT Administrator wants to segregate administrator access per region, whilst providing specific inheritable global policies next to specific policies set by the regional administrators.


See Also...