Link Isolation

Written By Marissa Fegan (Super Administrator)

Updated at October 9th, 2023

VIPRE Email Security Link Isolation is like URL sandboxing for your email. When a user clicks on a URL within an email, the email is then scanned again and Link Isolation analyzes the URL. Rescanning the link at the time the user clicks on it, even if it happens days or months after receiving the email, provides stronger protection against zero-day threats. 

An email comes in that contains a link, and your employee clicks on the link.

  1. VIPRE receives the URL analysis request
  2. The link analysis service then simulates a session using the same browser and client type as the requestor
  3. During the simulation, VIPRE investigates the behavior of the site and:
    1. Analyzes the site's behavior
    2. Provides the analysis results, determining whether the site is malicious, suspicious, or unknown and classification
    3. Collects screenshot of the website's appearance, features, and a "sanitized", safe version of the site that can be replayed in the user's browser
  4. If the URL is deemed suspicious, the user sees a message indicating restricted access to the site with either a warning message before proceeding or a complete block

Important

Your experience with Link Isolation is dependent on the options you choose here. Review all of the options below carefully to determine the best plan of action for your organization before implementation.

The scanning and analysis processes for Link Isolation can take up to approximately 20-30 seconds. During that time, important steps are taking place - some of these steps include loading the URL into the cloud browser, waiting for all embedded scripts to fully execute, and putting the page through a series of tests.

You can fine-tune the system by ensuring all sites/domains that are used frequently by your organization and are known to be safe have been added to the Allowed IPs/Domains tab.

Refer to Related Articles for details on how to configure Link Isolation.

 

 

End User: What to Expect

After Link Isolation is enabled, when an end user clicks a URL within an email, they will experience the following based on the Click through action chosen on the URL Filter Configuration tab and any customizations made to the templates (see Step 3 - Templates above):

Warn and Allow Block

 

If you have chosen the click-through action of “Warn and Allow” you'll see a page similar to this.

 

If you have chosen the click-through action of "Block" you'll see a page similar to this.

At the bottom of the page, you'll see a small screenshot of the URL in question with options to: 

  • See a safe, stripped-down version of the page
  • To continue on to the whole site, accepting the risk
  • Report an error if this is a known clean and safe site

On the right side of the page, you'll see an embedded video called Phishing Defense Best Practices, which can be played from the Block page, PIP (picture-in-picture), or full-screen.

 

At the bottom of the page, you'll see a small screenshot of the URL in question with options to:

  • See a safe, stripped-down version of the page
  • Report an error if this is a known clean and safe site