Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 2 answers
  • Subscribers 8 subscribers
  • Views 10684 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Phish Threat - White list question

LarryKahm

The IP addresses that are listed - according to the video tutorial - are supposed to be added to the firewall.

Is this the MSP's firewall or the client's firewall?

And if it is the latter, then does this have to be done at every client/customer site?



This thread was automatically locked due to age.
Parents
  • 0

    Hi Larry,

    It would be the client side where our IPs and Domains for Phish Threat will need to be white-listed as the simulation emails are coming from us not the MSP.

    So to allow your phishing emails through to a recipient, i.e John.Smith@exampledomain.com, Johns company would need to white-list our IPs and Domains across all firewalls/gateways that email passes through, including any spam filters so that the phishing emails get through to him. Obviously if you're an MSP and you manage Johns network for him, you'd complete this work. Then you'd have to do that for every customer that you support and wish to send out phishing emails to. Bit of leg work to begin with but after the IPs and Domains are allowed through, you can pretend to phish them and start gathering data on how well each employee does.

    Details on which IP and Domains are used by Sophos Phish Threat can be found under 'Settings' > 'Domain List' while logged into the Phish threat portal. 

    Best Regards,

    Byron

     



  • 0 in reply to byron

    OK, so if I'm actually the MSP for the client, I have some work to do - I get it.

    However, I am planning to show this product's capabilities to a group of small business owners via webinar and/or lunch 'n' learn.

    If they sign up for a trial, at that point I am not their IT guy, and I don't have access to their systems and network infrastructure.

    How much push-back do you expect I'll receive when I very politely send the list to their current provider?

    I am looking to lower the "entrance fee" (so to speak) to get in the door as their MSP.  

    Changing aspects of their environment - especially for a trial - is more of a hindrance than it is a wedge to remove the incumbent...

  • 0 in reply to LarryKahm

    Hey Larry,

    With regards to trials then yes, it's over to the customer or their MSP to correctly configure the environment so they can receive these types of email. 

    Your mileage is going to vary when you ask prospects to set this up. For some, it's an easy task to allow xyz through their network and for others they may have to jump through some corporate hoops. 

    It's important to note that when using a trial Phish Threat account, you can only send emails to the domain that was used to sign up for the account. For example, if I sign up using John.Smith@sophos.com, I can only send out phishing emails to employees with a @sophos.com domain. 

    Regards,

    Byron 

Reply
  • 0 in reply to LarryKahm

    Hey Larry,

    With regards to trials then yes, it's over to the customer or their MSP to correctly configure the environment so they can receive these types of email. 

    Your mileage is going to vary when you ask prospects to set this up. For some, it's an easy task to allow xyz through their network and for others they may have to jump through some corporate hoops. 

    It's important to note that when using a trial Phish Threat account, you can only send emails to the domain that was used to sign up for the account. For example, if I sign up using John.Smith@sophos.com, I can only send out phishing emails to employees with a @sophos.com domain. 

    Regards,

    Byron 

Children
No Data
Unfiltered HTML