Mimecast Web Security: Configuring a Policy

Document created by user.oxriBaJeN4 Employee on Aug 6, 2018Last modified by user.oxriBaJeN4 Employee on Nov 16, 2018
Version 15Show Document
  • View in full screen mode

Mimecast Web Security policies define the rules to be applied to user activity in an organization's environment, at the server level or frontline layer of the web. A multi-layer security approach can be taken, where administrators have the flexibility to:

  • Define specific domains that should be blocked or allowed.
  • Define the site categories that should be blocked from user access.
  • Select whether a policy applies to everyone in your organization, or to a specific user or group.
  • Select whether a policy applies to a specific location.

 

Configuring a Mimecast Web Security Policy

 

To configure a Mimecast Web Security policy:

  1. Log on to the Administration Console.
  2. Click on the Administration menu item. A drop down menu displays.
  3. Click on the Web Security | Policies menu item. A list of your policies display.
  4. Click on the Create New Policy button.
  5. Complete the policy details dialog as follows:
    FieldDescription
    NameEnter a name for the new policy.
    Type

    Select a policy type from the categories below:

    • Domain Filtering: Blocks or allows specific domains. 
      A block or allow on a particular domain is final and no further policy rules apply.
    • Category Filtering: Blocks requests based on their category (e.g. adult, NSFW).
      If a certain category is allowed, further block rules can still apply from other policies.
    • Targeted Threat Protection: Checks request from Managed URLs and Advanced Similarity Checks in the URL Protection product.
      This policy type is only visible if the URL Protection package is enabled for your account. View the URL Protection Definitions and Policies page for more information.
    • Advanced Security: Allows you to configure advanced options (e.g. SafeSearch, Web Proxies).
  6. Click on the Next button. 
  7. Configure the settings for the selected policy type. Refer to the relevant section below for further instructions, and continue to step 8 of this section.
  8. Click on the Next button. 
  9. Select who the policy applies to:
    Applies ToDescription
    EveryoneApplies to all users in your organization.
    LocationApplies to users in a defined server location. To set location:
    1. Click on the Select Location button. A sliding panel displays.
    2. Select the Location from the list, or use the search tool to find it.
    GroupApplies to a select group of users. To select a group:
    1. Click on the Select Group button. A sliding panel displays.
    2. Select from the Active Directory Groups or Local Groups tabs.
    UserApplies to an individual user. To select a user:
    1. Click on the Select User button. A sliding panel displays.
    2. Select the User from the list displayed, or use the search tool to find them.
  10. Click on the Next button. 
  11. Review the summary page to ensure all details are correct.
  12. When you're ready, click on the Create Policy button. The new policy displays.

Configuring a Domain Filtering Policy

If there are applications that all users should have access to in your organization (e.g. dropbox, slack), we recommend adding the domains to your Exceptions list as this overrides all other policies. View the Mimecast Web Security: Managing Exceptions page for more information.

Domain FilteringTo continue configuration for a Domain Filtering policy:

  1. Block or allow individual domains:
    1. Select either the Block or Allow option.
    2. Enter the Domain in the required field (e.g. company.com)
    3. Click on the Block Domain / Allow Domain button. The domains display with a Block or Allow rule.
    4. Click on the Trash Can Icon to remove any domain listed if required.
  2. Alternatively, if you have a large number of domains to block or allow:
    1. Import DomainsClick on the Upload a CSV File link. A popup dialog displays.
    2. Click on the Download button. The template downloads to your computer.
    3. Delete the first line of the template and enter: 
      • The domains in column A.
      • "Allow" or "Block" in column B.
    4. Save the .CSV file.
    5. Return to the dialog and click on the Upload button.
    6. Click on the Import button. The domains display.
      5000 is the maximum number of entries that can be uploaded in the .CSV file.
  3. Select who the policy applies to.
  4. Continue to step 8 of the "Configuring Mimecast Web Security Policies" section above.

Configuring a Category Filtering Policy

If a category is allowed, further block rules may still apply from other policies.

To continue configuration for a Category Filtering policy:

  1. Select the categories to block or allow from the table below. You can opt to: 
    • Allow All: Allows users to access all domains in the category group.
    • Block All: Blocks users from access to all domains in the category group.
    • Custom: Allows you to allow or block subcategories in the main category group. Select Allow / Block from the drop down menu next to each subcategory as outlined below.
      CategorySubcategoryDescription
      Adult (Extreme)Hate & Intolerance
      Pornography / Sexually Explicit
      Suicide
      Violence
      Adult (NSFW)Alcohol & Tobacco
      Drugs
      Mature Content
      Nudity
      Sex Education
      Tasteless
      Weapons
      Bandwidth IntensiveAdvertisements & Pop-Ups
      File Sharing
      Image Sharing
      Peer-to-Peer
      Streaming Media & Downloads
      BusinessBusiness
      Computers & Technology
      Finance
      Information Security
      Reference
      Search Engine & Portals
      Legal RiskChild Abuse Images
      Criminal Activity
      Illegal
      Illegal Drug
      Illegal Software
      ProductivityAdvice
      Arts
      Auctions
      Restaurants & Dining
      Education
      Entertainment
      Fashion & Beauty
      Forums & Newsgroups
      Gambling
      Games
      Government
      Health & Medicine
      Job Search
      Leisure & Recreation
      Marketing
      News
      Non-profits & NGOs
      Politics
      Real Estate
      Religion
      Shopping
      Sports
      Timewasters
      Transportation
      Travel
      SecurityAbuse
      Anonymizers
      Botnets
      Compromised
      Download Sites
      Fraud
      Hacking
      Malware
      Parked Domains
      Phishing & Fraud
      Private IP Addresses
      Redirector
      Spam Sites
      Surfer Reward
      Suspicious
      Translators
      Web-Based Email
      Social MediaChat
      Dating & Personals
      Instant Messaging
      Personal Sites
      Social Networking
      TrustedTrusted
      OtherCults
      General
      Greeting Cards
      Greylisted
      Hosting
      Network Errors
      School Cheating
      UnknownUnknown
  2. Select who the policy applies to.
  3. Continue to step 8 of the "Configuring Mimecast Web Security Policies" section above.

Configuring a Targeted Threat Protection Policy

 

To continue configuration for a Targeted Threat Protection policy:

  1. Optionally toggle on the Managed URLs setting.
    Enabling this feature will control only domain entries from the Managed URLs list. Click on the Managed URLs link to view your managed URLs.
  2. Click on the Next button.
  3. Optionally toggle on the Advanced Similarity Check setting.
    The Advanced Similarity Checks setting detects the use of special characters that look like other characters in the domain. It checks DNS requests against both Mimecast’s managed domain lists and your custom monitored internal and external domains.
  4. Advanced Similarity ChecksIf enabled, select from one of the following Action options:
    • Block: Blocks the user from accessing the link and displays a block page.
    • Warn: Displays a warning page to the user, allowing them to access the link if they choose.
  5. Optionally click on the Custom Monitored External Domains link to view your custom list. See the Targeted Threat Protection: Custom Monitored External Domains page for further information.
  6. Click on the Next button.
  7. Select who the policy applies to. 
  8. Continue to step 8 of the "Configuring Mimecast Web Security Policies" section above.

 

Configuring an Advanced Security Policy

 

Safe SearchTo continue configuration for an Advanced Security policy:

  1. Optionally toggle the SafeSearch setting on for the following sites:
    • Google
    • Bing
    • YouTube
      When SafeSearch is enabled, it helps block explicit images, videos, and websites from search results. While SafeSearch isn’t 100% accurate, it can help your organization avoid explicit and inappropriate search results on user's phones, tablets, and computers.
  2. Click on the Next button.
  3. Optionally toggle on the Newly Observed Domains setting to block newly observed domains that might be malicious.
  4. Click on the Next button.
  5. Configure the Web Proxy settings:
    SettingDescription
    Web ProxyToggle this setting to enable proxying of suspicious sites. This allows SSL inspection, URL categorization, and antivirus scanning.
    This option must be enabled to display the Antivirus Scanning setting below.
    Antivirus Scanning

    Toggle this setting to enable / disable antivirus scanning. If enabled, proxied traffic is scanned for malware.

    This option must be enabled to display the Unscannable Content setting below.
    Unscannable ContentSelect to Block or Allow files which cannot be scanned due to encryption or corruption.
  6. Click on the Next button.
  7. Select who the policy applies to.
  8. Continue to step 8 of the "Configuring Mimecast Web Security Policies" section above.

 

Changing a Mimecast Web Security Policy

 

Edit PolicyTo edit a policy:

  1. Click on the Policy from the list. A sliding panel displays.
  2. Click on the Edit button. The Edit dialog displays. 
  3. Click on the tabs on the left hand side to switch between the edit sections. The tabs will vary depending on the policy type selected.
  4. Make your required edits.
  5. Click on the Save & Close button.

 

Deleting a Mimecast Web Security Policy

 

To delete a policy:

  1. Click on the Policy from the list. A slide in panel displays.
  2. Click on the Delete button. A popup message displays.
  3. Click on the Delete button to confirm. 

Delete Policy

Alternatively:

  1. Click on the Menu Icon icon in the far right corner of the listed policy.
  2. Select Delete from the drop down menu. A popup message displays.
  3. Click on the Delete button to confirm. 

 

See Also...

 

1 person found this helpful

Attachments

    Outcomes