Sophos Email customers using IP-based mailflow rule connectors must migrate to certificate-based configuration by March 31st. To see if you're affected Click Here.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 5 replies
  • Answers 2 answers
  • Subscribers 18 subscribers
  • Views 1901 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Email Search and Destroy for O365 - Is this even up and working now

Ninjatech1969

I have tried to set this up and just continues to fail. "Failed to create connection" . I've tried twice with the same result. I'm Super Admin in Sophos and a Global Admin in O365...Can anyone confirm this is working?



Added tags
[edited by: Raphael Alganes at 12:57 AM (GMT -7) on 8 Jun 2023]
Parents
  • 0

    Hello Ninjatech,

    Thank you for contacting the Sophos Community.

    It is working now, if you’re experiencing issues, please open a Support Case and send me the Case ID so I can follow up.

    Regards,

     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • 0 in reply to emmosophos

    I turned off my MFA temporarily and was able to register .

    Couple of questions regarding this product

    1. How often does it scan the users mailbox? Is this an everyday thing that scans the users mailbox

    2.  Sophos Email gateway already quarantines email from the gateway if it detects a malicious URL. Why was this created ? Does that mean 

    there are emails that has malicious content that gets through? ELI5 please TY

  • 0 in reply to Ninjatech1969

    S&D is a after breach feature. 

    Time of Click is the same technique and goes along with this feature. Attacks simply register a new domain, use this without malicious content. As a Gateway has a one time chance to scan, those emails will slip. With time of click, we check the URL again, after the user clicks the URL (hence the name). S&D is a addon to this feature. We target the mailbox of this particular user and get rid of this Email post deliver. 

    __________________________________________________________________________________________________________________

Reply
  • 0 in reply to Ninjatech1969

    S&D is a after breach feature. 

    Time of Click is the same technique and goes along with this feature. Attacks simply register a new domain, use this without malicious content. As a Gateway has a one time chance to scan, those emails will slip. With time of click, we check the URL again, after the user clicks the URL (hence the name). S&D is a addon to this feature. We target the mailbox of this particular user and get rid of this Email post deliver. 

    __________________________________________________________________________________________________________________

Children
No Data
Unfiltered HTML