https://community.checkpoint.com/t5/Email-and-Collaboration/CloudGuard-SaaS-April-2019-upgrade/m-p/52261#M83 <P>Greetings SaaS community,</P> <P>This week we started with gradual upgrade of&nbsp;CloudGuard SaaS with new features and bug fixes.</P> <P>You can read about new features here&nbsp;<A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk144616" target="_blank" rel="noopener">"<SPAN>sk144616&nbsp;</SPAN><SPAN>CloudGuard SaaS - What's New"</SPAN></A></P> <P>&nbsp;</P> <P>One of the newly introduced cool features is&nbsp; phishing blacklist for unwanted/spam emails, which can be easily built based on template of&nbsp; any given received email.</P> <P>Assume you configured "<STRONG>Inline protection"</STRONG> for phishing emails but there is still unwanted&nbsp; email&nbsp; came thru or email didn't have enough parameters to be incriminated and quarantined as phishing one.</P> <P>You see&nbsp;CloudGuard SaaS scans the <EM>"..Don't&nbsp; Miss Flash Savings"</EM> email but it seems Benign and delivered to your inbox:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-center" image-alt="email_example_pixelized_2.png" style="width: 879px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/1029iC0FA39B4C41351A5/image-dimensions/879x223?v=v2" width="879" height="223" role="button" title="email_example_pixelized_2.png" alt="email_example_pixelized_2.png" /></span></P> <P>&nbsp;</P> <P>Clicking the "Mark email as phishing" you'll see new menu be opened with email parameters and the list (currently single one) of matched emails:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-center" image-alt="blacklist_1.png" style="width: 893px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/1030i86B0FFCC220FA17F/image-size/large?v=v2&amp;px=999" role="button" title="blacklist_1.png" alt="blacklist_1.png" /></span></P> <P>&nbsp;</P> <P>Reducing email parameters and leaving just the <STRONG>'Sender Email'</STRONG> with <STRONG>'Sender IP' </STRONG>will re-scan all existing Benign events&nbsp; for reduced parameters match.</P> <P><SPAN>Voilà !&nbsp; now you see about 200 matches for same promotion emails:</SPAN></P> <P><SPAN><span class="lia-inline-image-display-wrapper lia-image-align-center" image-alt="blacklist_2_reduced_search.png" style="width: 890px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/1031i5230548139DD1709/image-size/large?v=v2&amp;px=999" role="button" title="blacklist_2_reduced_search.png" alt="blacklist_2_reduced_search.png" /></span></SPAN></P> <P>&nbsp;</P> <P><SPAN>Clicking on&nbsp;&nbsp;<STRONG>'Create blacklist rule'&nbsp;</STRONG>we'll create blacklist for feature emails by these 'Email Sender' and 'Sender IP' to be identified and quarantined as phishing. Moreover the already found 200 emails will be re-processed (and quarantined) as phishing according to existing Anti-Phishing configuration.</SPAN></P> <P><SPAN><span class="lia-inline-image-display-wrapper lia-image-align-center" image-alt="blacklist_2_create blacklist.png" style="width: 596px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/1032iCA294EAADDDFDD62/image-size/large?v=v2&amp;px=999" role="button" title="blacklist_2_create blacklist.png" alt="blacklist_2_create blacklist.png" /></span></SPAN></P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-center" image-alt="cgs2.png" style="width: 176px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/1033iF13F89DE1C166E1B/image-size/large?v=v2&amp;px=999" role="button" title="cgs2.png" alt="cgs2.png" /></span></P> <P>&nbsp;</P> Tue, 30 Apr 2019 12:44:57 GMT Igor_Freidin 2019-04-30T12:44:57Z https://community.checkpoint.com/t5/Email-and-Collaboration/CloudGuard-SaaS-April-2019-upgrade/m-p/52261#M83 <P>Greetings SaaS community,</P> <P>This week we started with gradual upgrade of&nbsp;CloudGuard SaaS with new features and bug fixes.</P> <P>You can read about new features here&nbsp;<A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk144616" target="_blank" rel="noopener">"<SPAN>sk144616&nbsp;</SPAN><SPAN>CloudGuard SaaS - What's New"</SPAN></A></P> <P>&nbsp;</P> <P>One of the newly introduced cool features is&nbsp; phishing blacklist for unwanted/spam emails, which can be easily built based on template of&nbsp; any given received email.</P> <P>Assume you configured "<STRONG>Inline protection"</STRONG> for phishing emails but there is still unwanted&nbsp; email&nbsp; came thru or email didn't have enough parameters to be incriminated and quarantined as phishing one.</P> <P>You see&nbsp;CloudGuard SaaS scans the <EM>"..Don't&nbsp; Miss Flash Savings"</EM> email but it seems Benign and delivered to your inbox:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-center" image-alt="email_example_pixelized_2.png" style="width: 879px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/1029iC0FA39B4C41351A5/image-dimensions/879x223?v=v2" width="879" height="223" role="button" title="email_example_pixelized_2.png" alt="email_example_pixelized_2.png" /></span></P> <P>&nbsp;</P> <P>Clicking the "Mark email as phishing" you'll see new menu be opened with email parameters and the list (currently single one) of matched emails:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-center" image-alt="blacklist_1.png" style="width: 893px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/1030i86B0FFCC220FA17F/image-size/large?v=v2&amp;px=999" role="button" title="blacklist_1.png" alt="blacklist_1.png" /></span></P> <P>&nbsp;</P> <P>Reducing email parameters and leaving just the <STRONG>'Sender Email'</STRONG> with <STRONG>'Sender IP' </STRONG>will re-scan all existing Benign events&nbsp; for reduced parameters match.</P> <P><SPAN>Voilà !&nbsp; now you see about 200 matches for same promotion emails:</SPAN></P> <P><SPAN><span class="lia-inline-image-display-wrapper lia-image-align-center" image-alt="blacklist_2_reduced_search.png" style="width: 890px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/1031i5230548139DD1709/image-size/large?v=v2&amp;px=999" role="button" title="blacklist_2_reduced_search.png" alt="blacklist_2_reduced_search.png" /></span></SPAN></P> <P>&nbsp;</P> <P><SPAN>Clicking on&nbsp;&nbsp;<STRONG>'Create blacklist rule'&nbsp;</STRONG>we'll create blacklist for feature emails by these 'Email Sender' and 'Sender IP' to be identified and quarantined as phishing. Moreover the already found 200 emails will be re-processed (and quarantined) as phishing according to existing Anti-Phishing configuration.</SPAN></P> <P><SPAN><span class="lia-inline-image-display-wrapper lia-image-align-center" image-alt="blacklist_2_create blacklist.png" style="width: 596px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/1032iCA294EAADDDFDD62/image-size/large?v=v2&amp;px=999" role="button" title="blacklist_2_create blacklist.png" alt="blacklist_2_create blacklist.png" /></span></SPAN></P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-center" image-alt="cgs2.png" style="width: 176px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/1033iF13F89DE1C166E1B/image-size/large?v=v2&amp;px=999" role="button" title="cgs2.png" alt="cgs2.png" /></span></P> <P>&nbsp;</P> Tue, 30 Apr 2019 12:44:57 GMT https://community.checkpoint.com/t5/Email-and-Collaboration/CloudGuard-SaaS-April-2019-upgrade/m-p/52261#M83 Igor_Freidin 2019-04-30T12:44:57Z