• Cloud App Security
• Understanding Cloud App Security
  • Understanding Email Security
    • Understanding Post-Delivery Email Recheck
  • Using Data Leak Protection
  • Understanding Anomalies
  • Understanding Click-Time Protection
• Configuring Cloud App Security
  • Subscribing to Cloud App Security
  • Activating Cloud Applications for Cloud App Security
  • Activating G Suite Cloud Applications
    • Using Cloud App Security with Google Cloud Directory Sync
• Managing Quarantine for G Suite
  • Setting Up a Quarantine Mailbox for Gmail
  • Setting Up a Quarantine Folder for Google Drive
  • Using the Quarantine View for Gmail
  • Using the Quarantine Page
  • Using the Quarantined File Creator Dashboard
  • Using the User Dashboard for G Suite
  • Managing Restore Requests
• Using the SonicWall Cloud App Security Dashboard
  • Using the Security Events Widgets
    • Changing a Security Event Widget to an Alert or Custom Query
    • Resetting a Security Event Widget
    • Hiding a Security Event Widget
    • Configuring Security Event Widget Custom Queries
    • Adjusting the Time Scale
  • Viewing the Summary of Security Events
  • Viewing Login Events
  • Viewing Secured Applications
  • Viewing the Scanned Files Summary
• Managing Security Events
  • Using the Security Event Graphs
    • Viewing Security Events by Severity
    • Viewing Security Events by State
    • Viewing Security Events by Cloud Application
  • Viewing and Acting on Security Events
    • Removing Filters
    • Acting on Security Events
  • Managing Multiple Events
• Managing Policies
  • Understanding Cloud App Security Policies
    • Before You Set Email Policies
    • Monitor only
    • Detect and Prevent
    • Protect (Inline)
  • Creating New Policy Rules
    • Creating Data Leak Protection Policy Rules
      • Using Regular Expressions in DLP Policies for Email
    • Creating Malware Policy Rules
    • Creating Threat Detection Policy Rules
    • Creating Policy Rules for Click-Time Protection
    • Creating Custom Query Policies
  • Stopping Policy Rules
  • Removing Policy Rules
• • Configuring Data Leak Protection Detection Rules
  • Reactivating Data Leak Protection
  • Predefined Data Leak Protection Policy Rules
    • Global Rules
    • Credentials and Secrets
    • Predefined Data Leak Protection Rules for Specific Countries
      • Argentina
      • Australia
      • Belgium
      • Brazil
      • Canada
      • Chile
      • China
      • Columbia
      • Denmark
      • Finland
      • France
      • Germany
      • Hong Kong
      • India
      • Indonesia
      • Ireland
      • Israel
      • Italy
      • Japan
      • Korea
      • Mexico
      • The Netherlands
      • Norway
      • Paraguay
      • Peru
      • Poland
      • Portugal
      • Singapore
      • Spain
      • Sweden
      • Taiwan
      • Thailand
      • Turkey
      • United Kingdom
      • United States
      • Uruguay
      • Venezuela
• Managing Spam and Anti-Phishing
  • Managing Spam
  • Customizing Warning Messages
  • Managing Nickname Impersonation
  • Managing the Anti-Phishing Exceptions
    • Managing Excluded Email Addresses
      • Adding Email Addresses to the Anti-Phishing Block-List
      • Removing Email Addresses from the Anti-Phishing Block-List
    • Managing Excluded IP Addresses
      • Adding IP Addresses to the Anti-Phishing Block-List
      • Removing IP Addresses from the Anti-Phishing Block-List
    • Managing Excluded Domains
      • Adding Domains to the Anti-Phishing Block-List
      • Removing Domains from the Anti-Phishing Block-List
    • Creating Block-List Rules from Email Messages
    • Managing the Anti-Phishing Allow-List
      • Creating Anti-Phishing Allow-List Rules from the Security Events Page
      • Creating Anti-Phishing Allow-List Rules from the Anti-Phishing Allow-List Page
    • Managing the Anti-Phishing Block-List
• Configuring and Using Click-Time Protection
  • Activating Click-Time Protection
  • Configuring Click-Time Protection
    • Configuring the Click-Time Protection Workflow
    • Configuring Custom Click-Time Protection for Specific Domains
      • Adding Custom Click-Time Protection for Specific Domains
      • Deleting Custom Click-Time Protection for Specific Domains
  • Using Click-Time Protection
    • Viewing Security Events for Click-Time Protection
    • Managing Email Messages with Click-Time Protection
    • Creating Custom Queries for Click-Time Protection
• Using Cloud App Security Analytics
  • Viewing the Summary Report
  • Viewing the Weekly Reports
  • Viewing Email Analytics
  • Viewing Google Drive Analytics
  • Viewing Shadow SaaS Analytics
  • Viewing and Creating Custom Queries
    • Creating Custom Queries
    • Adding Custom Queries to the Dashboard
• Configuring Cloud Applications in the Cloud App Store
  • Configuring G Suite for Cloud App Security
  • Re-Authorizing Cloud Applications
• Managing Security Applications in the Security App Store
  • Starting Security Applications
  • Stopping Security Applications
• Managing Anomaly Exceptions
  • Creating Exceptions Based on Anomaly Events
  • Sending Anomaly Event Notifications
• Managing Security Tool Exceptions
• Using the System Log
  • Viewing the System Log
  • Exporting the System Log
• Managing Cloud App Security Licenses
  • Adding Administrator Users
  • Adding Read-Only Users
  • Managing Group Licensing
  • Unassigning Cloud App Security Licenses
• SonicWall Support
  • About This Document

Understanding Email Security

The widespread adoption of G Suite makes it an easy target for every hacker. Never have they given so many mailboxes with identical security. Hackers also leverage the fact these cloud accounts are sources of authentication to other enterprise SaaS apps. This is the real and present danger of the cloud security monoculture. What bypasses one, bypasses all. Unfortunately, native cloud security is not enough. Secure Email Gateways (SEGs) are not built for the cloud, only secure inbound and outbound email, and broadcast themselves to hackers.

Given the many limitations of securing cloud email with traditional SEGs and security shortfalls within G Suite filters, a best-practice solution must be cloud-native and designed to augment, not replace, existing security layers. This ensures that the basic filtering as well as new attack signatures are constantly updated, while advanced threat analyses address modern targeted phishing and evolving zero-day attacks.

A best practice solution must:

• Block harmful messages, URLs, and attachments from reaching the inbox
• Scan all emails preventing insider threats from compromised or trusted internal accounts
• Synchronous threat management via Capture Cloud Platform

Cloud App Security complements the default security of G Suite by connecting within the G Suite environment via API and scanning emails after the email provider’s built-in security scan. This has several advantages over the proxy method utilized by SEGs.

By scanning after the default security of G Suite, Cloud App Security utilizes the built-in security features as opposed to scanning before default security in the case of SEGs. This allows Cloud App Security to focus on more sophisticated phishing attacks that are designed to bypass the filters in place by G Suite.

By connecting to the cloud environment via the G Suite API, Cloud App Security can extend their security beyond just inbound and outbound emails to scan internal emails as well for account compromised and data leakage.

• Before You Set Email Policies
• Managing Spam and Anti-Phishing
• Understanding Post-Delivery Email Recheck