Data Loss Prevention Cloud Service for Email

 View Only
  • 1.  Reflect mode wth O365 and 3rd Party mail gateway

    Posted Apr 13, 2020 02:06 PM
    Has anyone configured the DLP cloud reflect mode within Office 365 and and using a 3rd party email security gateway (i.e. Mimecast or Proofpoint)? We have the O365 connectors and rules in place to send outbound mail to the DLP detector, then receive it with the inbound connecter, but want to confirm how to make the next hop to the 3rd party connector without causing a loop.


  • 2.  RE: Reflect mode wth O365 and 3rd Party mail gateway

    Posted May 12, 2020 11:12 AM
    Did you get an answer to this?  We'd like to try the same thing.

    ------------------------------
    Farm Credit Bank of Texas
    ------------------------------



  • 3.  RE: Reflect mode wth O365 and 3rd Party mail gateway

    Broadcom Employee
    Posted May 13, 2020 02:27 PM
    Currently, there are 2 supported downstream MTAs for the DLP Cloud Service for Email:

    1. Forwarding mode - goes to Email Security.cloud: this is for customers of O365, or G-Suite.
    2. Reflecting mode - as per Marc's statement above - the message goes back to O365 after inspection by DLP. This option is only available for users of O365.

    Customers using Proofpoint of other MTA hosts would need to have a Forwarding mode configuration - and setup Email Security.cloud to go to that 3rd party vendor.

    ------------------------------
    Global Support Lead, DLP
    Broadcom, Symantec Enterprise Division
    ------------------------------



  • 4.  RE: Reflect mode wth O365 and 3rd Party mail gateway

    Posted May 13, 2020 02:35 PM
    We have our outbound mail flow working with Mimecast. We had to change to reflecting mode as we were not keeping email.cloud (nor I think would anyone moving to a different MTA). We just needed to make sure our O365 mail flow rules and connectors were aligned and so far, flow has been working as expected.


  • 5.  RE: Reflect mode wth O365 and 3rd Party mail gateway

    Posted Sep 25, 2020 01:45 AM
    @Marc Zinsmeister We too have plans to do away with Email Security.Cloud ​and plan to use third party MTA like Proofpoint. To make those changes in production, how much time does it take for Symantec to reflect mails back to O365? Is there a downtime associated? Can it be easily done from Cloud Management Portal? The integration guide doesn't talk about all these. Would you be able to shed some light on these aspects from your experience. 

    Thanks in advance.


  • 6.  RE: Reflect mode wth O365 and 3rd Party mail gateway

    Posted Sep 28, 2020 10:37 AM
    The change is fairly quick, but you may want to add a O365 connector that bypasses DLP Email prevent to ensure mail flow is not affected. You can also build the new connectors now so that your new MTA is ready (we used Mimecast). IN fact, we added out outbound connector first, and had Mimecast send mail for about a week while the inbound was sent for Symantec. The longer change to be aware of is the MX DNS change, so it's best to save that for a weekend when mail traffic would be low.