Mimecast Web Security: Prerequisites

Document created by user.oxriBaJeN4 Employee on Jul 3, 2018Last modified by user.oxriBaJeN4 Employee on Jul 2, 2019
Version 16Show Document
  • View in full screen mode

To use the Mimecast Web Security feature, the following prerequisites must be met:

 

Administration Console

 

To configure Mimecast Web Security, you need an administrator role that has basic administrator role or higher. If you're using a custom role, the logon must have access to the following Administration Console menu items:

Menu ItemAccess Required
Gateway | PoliciesWrite
Web SecurityWrite
Directories | Profile GroupsRead
Directories | Directory GroupsRead

 

Firewall

 

Your firewall must allow requests to pass through port 53 to the Mimecast Web Security gateway servers. For example:

  • Source: UDP/TCP port 53
  • Destination: 41.74.203.10/32 & 41.74.203.11/32
Ensure traffic for these devices isn't intercepted or filtered elsewhere on the network.

Although the Mimecast Web Security gateway servers are distributed around the world, the IPs are registered in South Africa.

 

Mimecast API URL for the Mimecast Security Agent

The below step isn't required for most environments, but is recommended.

If you intend to use the Mimecast Security Agent, you must allow HTTPS requests to the *api.mimecast.com URL. This covers the following regional API URLs:

  • Europe (excluding Germany): eu-api.mimecast.com
  • Germany: de-api.mimecast.com
  • North America: us-api.mimecast.com
  • South Africa: za-api.mimecast.com
  • Australia: au-api.mimecast.com
  • Offshore: jer-api.mimecast.com

 

Web Browser

 

Browsers must have cookies enabled to display block pages. If cookies are disabled, block pages won't display.

 

For Network Level Protection

 

You must:

 

For Mimecast Security Agent (MSA)

 

You must:

  • Have administrator privileges to install and setup the Mimecast Security Agent.
  • Managed endpoint systems must use a Network Time Provider to ensure accurate system clocks.
  • Ensure communication from MSA to Mimecast via API URLs isn't blocked. See the "Firewall" section above.

 

Mimecast Security Agent for Windows

 

The minimum supported Windows OS version is Windows 7 or later. This can be either the Pro x86/x64 or Enterprise x86/x64 edition.

The Home edition doesn't support enterprise features of MSMQ, resulting in the failure.

For the MSA to work correctly, the Messaging Queue (MSMQ) feature in Windows needs to be configured correctly. During installation, the MSMQ may be removed from the system or disabled in error. The workaround is to run the Windows Update service. Refer to the Message Queuing (MSMQ) article on Microsoft's site for more information.

 

You must have .Net Framework version 4.5.2 or higher.

You may be prompted and required to install additional software including Visual C++.

See Mimecast Web Security: Installing the Mimecast Security Agent (Windows) for more information.

 

Mimecast Security Agent for MacOS

 

The minimum supported OS version is macOS Sierra (10.12).

 

See Mimecast Web Security: Installing the Mimecast Security Agent (Mac) for more information.

Attachments

    Outcomes