What is Time of Click URL protection?

03/26/2020 10 7734

DESCRIPTION:

Available in firmware 10.0.x and newer, Time of Click URL protection rewrites unknown URLs found in the subject and body of inbound and outbound email messages. It detects malicious URLs in real-time when the user clicks on the URL. This is an incremental URL protection feature added to the previously available Advanced URL Protection feature that detected malicious URLs during the email delivery at the gateway. This feature is activated by default for customers having a Capture ATP license.

RESOLUTION:

To use this feature:

1. Navigate to MANAGE | Security Services | Time of Click.
2. Under Basic Setup Checklist, there are two choices:
   • To enable the feature for inbound messages, click the circle next to URL rewriting for inbound email is disabled.
   • To enable the feature for outbound messages, click the circle next to URL rewriting for outbound email is disabled.
3. Once the URL has been rewritten and the capture service has determined that it is a threat and should not go further, a default block page pops up and prevents the user from continuing.
4. To customize the Block Page text, under Configure Block Page, check the box next to "The block page should not allow the email recipient to proceed to the original URL" and, in the text box, type the optional text to be displayed at the bottom of the blocked page.
5. Click Submit.
6. Under Exception Management specify the email addresses of people (senders) and companies (sender domains) that do not need to be rewritten.
7. Click on the Inbound or Outbound tabs and then click on Add Exception to type in the popup text box the email addresses and URL domains that do not need to be rewritten.
8. The following types of addresses and URL domains can be specified:
   • Sender email address
   • Recipient email address
   • Sender email domain
   • URL
   • URL Domain
   • IP Address
9. Click Add when done or Cancel to cancel your selection.