Protected Email Assets

This page includes:

• Protected Email Assets
  • About protected email assets
  • Protected email assets - Inline domains
  • Protected email assets - Microsoft 365 API integrations
  • Determining if a Microsoft 365 integration is Inline or API

About protected email assets

The Protected Email Assets page lets you view and manage the email-related assets in your organization that are protected by Perception Point X‑Ray.

To open the Protected Email Assets page:

• In Perception Point X‑Ray, in the left navigation menu, select Account > Protected Email Assets.

The Protected Email Assets page is available to admin users with a "Cyber Analyst" [or higher] role.

Protected email assets - Inline domains

The Protected Email Assets > Inline Domains section shows all the domains that have been defined for any of the following integrations:

• Microsoft 365 - Inline

• Google Workspace

• Microsoft Exchange

• "Other" integrations

• If you select a parent organization in the Perception Point X‑Ray banner, then the Protected Email Assets page shows all the inline domains for all the child organizations.

• If you select a child organization in the Perception Point X‑Ray banner, then the Protected Email Assets page shows the inline domains for the selected child organization only.

For each domain, you can see the verification status of the domain:

• Verified: The domain is already verified.

• Pending: Verification of the domain is still pending.

This status information may be displayed for both the primary and the secondary records. Secondary Status will appear only if multi-region is enabled. For details about the multi-region functionality, see Multi-region.

Note: [Microsoft 365 Inline integrations only] If you have configured the integration to protect specified domains, groups, or users, information about the groups and users is not shown on this page.

Adding, deleting, and editing Inline domains

Adding domains

For details on how to add a domain to an existing inline integration, see:

• Adding a domain to an existing Microsoft 365 Inline integration

• Adding a domain to an existing Google Workspace integration

Deleting domains

• Pending domains: You can delete a domain that is pending [not yet verified] - by clicking Delete on the right of the domain name.

• Verified domains: If the domain is already verified, then see:

  • Deleting Microsoft 365 Inline domains

  • Deleting Google Workspace domains

Editing domains

You can edit the SMTP server addresses that are associated with any domain.

To edit the SMTP server addresses that are associated with a domain:

1. In the Protected Email Assets page, under Inline Domains, locate the domain that you want to edit.

2. Click the orange arrow on the left of the domain name to display details of the domain.

3. Click Edit on the right.

4. In the Edit SMTP Servers dialog box, make the required changes.

Protected email assets - Microsoft 365 API integrations

About protected email assets - Microsoft 365 API integrations Full protection vs Partial protection Editing the protected assets Asset details

About protected email assets - Microsoft 365 API integrations

The Protected Email Assets page shows information about the email-related assets that are protected by Microsoft 365 API integrations. You can also perform some editing functions on this page, as described below.

The protected assets can include:

• Domains

• Groups

• Users

  

Note: Email assets that are protected by a Microsoft API integration are shown only for child organizations - the protected assets are not shown when a parent organization is selected in the Perception Point X‑Ray banner.

Full protection vs Partial protection

For Microsoft API integrations, you can use the Protected Email Assets page to choose which email assets to protect - either full protection, protect the full Microsoft 365 account, or partial protection, protect only specified assets inside the account.

• Protect the Entire MS365 Account

  Protects all the users inside all the domains in the organization's Microsoft 365 account, including existing assets and future assets. This means that domains that are added to the organizations Microsoft 365 account in the future will be automatically protected.

  Note: When the "protect all" option is selected, you won't be able to select a domain, and then disable or delete the domain. To delete or disable a domain, first change the organization protection to "Protect selected email assets"

• Protect Selected Email Assets

  Protects only the specified domains, groups, and users.

Switching between the two protection coverage modes

• Switching from "Protect Selected Email Assets" to "Protect the Entire MS365 Account":

  All the currently selected email assets remain protected, and protection is extended to cover all email assets in the organization's Microsoft 365 account - including both existing assets and assets that are added in the future.

• Switching from "Protect the Entire MS365 Account" to "Protect Selected Email Assets":

  Maintains protection of the domains that are already protected. However, domains that are added in the future will not be automatically protected.

Note: After you switch between the protection coverage modes, due to technical limitations, you won't be able to switch the coverage mode again for a period of one hour. The toggle controls affect Microsoft 365 API assets only - the controls do not affect Microsoft 365 Inline assets.

Editing the protected assets

• Full protection: If you're protecting the entire Microsoft 365 account, you won't be able to disable or delete the asset.

  To disable or delete an asset, first change the organization protection to "Protect selected email assets", and then continue as described below.

• Partial protection: If you're protecting just a specified set of assets, then you can configure [edit] the protected assets, as shown below:

  Adding assets

  To add a domain, group, or user: Click "Configure Email Protection" in the top-right corner of the Protected Email Assets page. This will open the configuration wizard. For details, see Adding protected Assets [domains, groups, and users]. - or - Click "Add Domains", "Add Groups", or "Add Users" on the right of the relevant section. A pane will open on the right - enabling you to add the required assets.

  Enabling assets Disabling assets Deleting assets

  You can use the functionality on the Protected Email Assets page to enable, disable, or delete any of the protected assets [domains, groups, and users]. The required controls are found on the right of each protected asset.

Asset details

The following information is shown in the Protected Email Assets page for Microsoft 365 API integrations:

• Status: Indicates if the protection for the asset [domain, group, or user] is Active, Disabled, or Empty.

  Note: If the status is Empty, Perception Point X‑Ray isn't able to find any email addresses that are related to this domain. Contact Perception Point Support [support@perception-point.io] for help to resolve the issue.

• Connection scope: Indicates which email communication types are included in the protection: Inbound, Outbound, Internal

• Connected Email Addresses: Shows the number of email addresses that are protected by Perception Point X‑Ray - inside the domain.

• Email Addresses: Shows the number of email addresses that are protected by Perception Point X‑Ray - inside the group.

Domains	Shows all the Microsoft 365 API domains that have been added for the organization. You can enable, disable, or delete a domain - using the controls on the right of the domain. To add a domain, click "Add Domains" on the right - which will open the "Add Domains" pane.
Groups	Shows all the groups that were individually specified, that are currently available to be protected by Perception Point X‑Ray. Note: The list doesn't include groups that are included in the domains specified above. You can enable, disable, or delete any group - using the controls on the right of the group. To add a group, click "Add group" on the right - which will open the "Add Groups" pane. More info... Connected email addresses The number of mailboxes in the group that are protected by Perception Point X‑Ray Non-supported email addresses (on-premise) The number of mailboxes in the group that are not protected because they are inactive, soft-deleted, or hosted on-premise. Non-operative email addresses The number of mailboxes in the group that are not protected either due to a temporary issue, or because the addresses belong to guest users. Total email addresses The total number of mailboxes in the group that are retrieved using Microsoft Graph API.
Users	Shows all the users that were individually specified, that are currently available to be protected by Perception Point X‑Ray. Note: The list doesn't include users that are included in the domains and groups specified above. You can enable, disable, or delete any user - using the controls on the right of the user. To add a user, click "Add User" on the right - which will open the "Add Users" pane.

Determining if a Microsoft 365 integration is Inline or API

You can determine if a Microsoft 365 integration in an organization is Inline or API. This is done using the "Protected Email Assets" page.

1. In Perception Point X‑Ray, in the left navigation menu, select Account > Protected Email Assets.

   The Protected Email Assets page opens.

2. In the Protected Email Assets page, look for:

   1. Inline Domains: Indicates that the organization has a Microsoft 365 Inline integration

   2. Microsoft API Domains: Indicates that the organization has a Microsoft 365 API integration

See also: 

• Advanced Email Security