Email Security in OneView helps protect organizations from phishing, malware, and other email-based threats. This article guides you through the setup process, from connecting your email provider to enabling advanced protection features.
To get started, go to Manage > Email Security. Select a site from the drop-down list with the Pending configuration warning and click Begin Email Integration. If the selected site does not have the Email Security subscription, click Manage Subscription and add it.
Before you begin
- Be a Microsoft 365 and OneView Global Administrator.
- Have a list of email domains to protect.
- Have a business email address to receive setup confirmation.
- The Data Residency Region must be selected by a Global Administrator.
Step 1: Connect email provider
- Click Begin Email Integration.
- Click Next.
- Select Microsoft 365 as the email provider.
- Enter the email domains to protect. More can be added later from the Configurations > Domains page.
- Select the region to store and process email data based on your compliance requirements. The data center options are the United States (US) or European Union (EU).
- Provide an email address to receive a confirmation once mailbox syncing is complete. Mailbox syncing happens at the end of this setup and can take up to 24 hours. This email address must belong to one of the domains entered above.
- Under Account information, click Copy
to copy the site's Account ID. This is needed for a later step.
- Click Authorize and Enable API. A new tab opens to Microsoft 365.
- Sign in with the Microsoft 365 Global Admin credentials and click Accept.
- Paste in the site's Account ID copied from step 5.
- Click Authorize Office 365.
- After the integration is authorized, return to the OneView tab.
Note: If you made a typo and are receiving error messages when trying to set up the correct email domain, contact Support.
Step 2: Choose a protection mode
Choose how Email Security should manage email threats and click Next:
| Mode | Description |
|---|---|
| Active Mode (Recommended) | Automatically detects and removes malicious emails in real time. |
| Silent Mode |
Detects and logs threats only. No malicious emails are automatically quarantined. Email Security trials are restricted to Silent mode. After upgrading to a paid subscription, an admin must manually change it to Active mode to begin protecting mailboxes. |
Change this setting later from the Configurations > Protection Mode page.
Step 3: Select mailboxes to protect
In Microsoft 365, organize each mailbox into mailbox groups to make bulk management easier. Choose which mailbox groups to sync with OneView and click Next. Any changes made to the selected mailbox groups in Microsoft 365 are automatically reflected in OneView.
For example, when an employee is offboarded, they should be removed from the mailbox group in Microsoft 365. This automatically removes the mailbox from Email Security in OneView as well.
- All mailboxes in domain(s) – Protects all mailboxes under the selected domains. If your mailboxes are not organized into mailbox groups or you're unfamiliar with how the mailbox groups are configured, select all mailboxes and disable individual mailboxes from the Configurations > Mailboxes page.
-
Mailbox groups – Choose specific mailbox groups to protect.
- Check Include shared mailboxes to protect those as well.
The mailbox group selections can be changed later from the Configurations > Mailboxes page.
Step 4: Review and complete setup
- Review the:
- Email domains
- Protection mode
- Selected mailbox groups
- Click Complete Setup.
Mailbox syncing starts immediately and may take up to 24 hours. A confirmation email is sent to the email address entered in step 1 once the sync is complete.
OneView also runs a one-time informational scan of the last 90 days of emails in Microsoft 365 to identify any past threats. The recipients can manually delete any malicious emails reported by this scan to remediate these threats.
Next steps
To enhance the site's protection, we recommend the following:
- Set Up a Report Phishing Mailbox - Allow users to report suspicious emails. These reported emails appear in the Email Incidents > Needs Attention tab for admin review. See Set up Report Phishing with Email Security in OneView.
- Enable Email Security Notifications: Notify admins when users report phishing emails or request quarantined emails to be released back to their mailbox. See Set up Email Security notifications in OneView.
Return to Email Security guide.