- CheckMates
- :
- Products
- :
- Quantum
- :
- Threat Prevention
- :
- Phishing Simulation Exceptions
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Phishing Simulation Exceptions
We use a Phishing simulation for end user training. It sends emails to our users with URLs that if clicked bring them to the training site and record the click for reporting.
We use a hosted spam filter which then sends email to the security gateways for threat emulation and extraction.
We set exceptions for the sender address each month in the threat emulation and extraction policy for the simulation, but the reports still show clicks when we are certain the user did not click and in some cases blocks the email completely. Our conclusion is that even though we have exceptions set, the check at the gateway is still following the URL to check the reputation of the site. We opened a support case with Checkpoint and they told us the only option is to create a global exception in the threat prevention policy with the source being our hosted spam filter. This obviously is not a solution as that would allow all email to bypass emulation and extraction and not just the sim email.
So, we are wondering if anyone else is running into a similar situation or if they have found a suitable work around?
- Labels:
-
Threat Emulation
-
Threat Extraction
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
have you got any resolution for this ?