Cloud App Security Administration Guide for Office 365
- Cloud App Security
- Understanding Cloud App Security
- Configuring Cloud App Security
- Managing Quarantine for Office 365 and Microsoft 365
- Setting Up a Quarantine Mailbox for Office 365 and Microsoft 365 Email (Exchange Online)
- Setting Up a Quarantine Folder for Office 365 and Microsoft 365 OneDrive
- Setting Up a Quarantine Folder for Office 365 and Microsoft 365 SharePoint
- Using the Quarantine View for Office 365 and Microsoft 365 Email (Exchange Online)
- Using the Quarantine Page
- Using the Quarantined File Creator Dashboard
- Using the User Dashboard for Office 365 and Microsoft 365
- Managing Restore Requests
- Using the SonicWall Cloud App Security Dashboard
- Managing Security Events
- Managing Policies
- Understanding Cloud App Security Policies
- Creating New Policy Rules
- Stopping Policy Rules
- Removing Policy Rules
- Managing Office 365 and Microsoft 365 (Exchange Online) Mail-Flow Rules
- Managing Spam and Anti-Phishing
- Managing Spam
- Managing User-Reported Phishing
- Customizing Warning Messages
- Managing Nickname Impersonation
- Managing the Anti-Phishing Exceptions
- Using the Mail Explorer
- Working with Office 365 and Microsoft 365 Email Encryption
- Configuring and Using Click-Time Protection
- Using Cloud App Security Analytics
- Configuring Cloud Applications in the Cloud App Store
- Managing Security Applications in the Security App Store
- Managing Anomaly Exceptions
- Managing Security Tool Exceptions
- Using the System Log
- Managing Cloud App Security Licenses
- SonicWall Support
Understanding Click-Time Protection
Click-Time Protection (CTP) is based on URL “rewrites”. Every link within the subject and body of incoming email messages is replaced with an Cloud App Security-generated URL. When the user clicks on the link, Cloud App Security tests the site before redirecting the user to that website.
Click-Time Protection provides
- Another layer of post-delivery protection
- Enhanced protection for zero-day attacks, as URLs can later become malicious
- Forensics
Click-time Protection provides these options for how malicious websites can be handled :
- Do nothing and allow users to go through to the site
- Completely prevent users from visiting the site
- Display a warning to users with the option to continue to the site
Once enabled, all links contained in the subject or content of an incoming email message are replaced with an SonicWall link. When the user clicks on the link, it triggers an immediate scan of the target website.
- If the website is determined to be benign, the user continues without interruption.
-
If the website is determined to be malicious, the user is forwarded to a warning page.
Each stage of the Click-time Protection process is recorded for forensic and auditing purposes: from the original URL substitution event to the result of the time-of-click scan. If configured in ‘warning only’ mode, user clicks of the continue link are recorded.
Was This Article Helpful?
Help us to improve our support portal