Release information for VIPRE Email Security Cloud add-on, Link Isolation, released in the Nordics on December 09, 2021 and internationally on January 18, 2022.

What's New

VIPRE is pleased to announce the global release of a new advanced add-on for Email Security, VIPRE Email Link Isolation, built on the foundation of the existing Phishing Protection add-on. This new capability provides extended, cloud-based, dynamic behavioral scanning of any links (URLs) that your end users click on in email received via Email Security.

It also allows VIPRE to…

• Detect a broader range of threats, including zero-day, never-before-seen phishing, and malicious domains
• Provide a detailed explanation to your end users why a link has been deemed malicious
• Provide safe page “previews” to help weed out false positives and give users more feedback

Let us risk browsing questionable web pages for your users to give them the best protection.

Neutralize Threats

• URL Rewriting and Scanning of every link as emails are received
• Click-time interception scanning to re-validate every link once users activate them
• Deep interactive behavior scan of clicked links in email using cloud-hosted browser sandboxes
• Perform AV and other checks on full page and contents
• Check against known blocklists for malicious (malware, phishing, etc) sites
• Check against cached and real-time feeds

Educate and Enable End Users

• Block Page explains URL risks and behaviors
• Educational phishing video to help train users to recognize potentially malicious sites
• Sanitized live preview of the target page to help users make a safe choice
• User reporting to provide feedback on safe sites
• Customized override capability to allow-list known safe domains

Protection

• Protects against known and suspected phishing attacks
• Real-time zero-day protection against new and unknown attacks

How do I get Link Isolation?

Link Isolation is an add-on for VIPRE Email Security Essentials and VIPRE Email Security Cloud. It is also included in our advanced bundles: Advanced Threat Protection, Email 360, Endpoint+Email 360, Edge Defense, and Complete Defense. 

New Customers

Contact a VIPRE Sales representative or your service provider for details on purchasing the VIPRE Email Link Isolation add-on.

Existing Customers

• If you have any of our bundled solutions, no action is necessary to obtain the new add-on; Link Isolation will automatically replace Phishing Protection
  • See the Special Instructions section below for required actions to start using Link Isolation
• If you have the separate Phishing Protection add-on, you can upgrade to Link Isolation. Contact a VIPRE Sales representative or your service provider for details on upgrading to the VIPRE Email Link Isolation add-on. 

We encourage all customers to check out a demo of Link Isolation to see the benefits it can provide to your end users.

Link Isolation's Workflow

An email comes in that contains a link and your employee clicks on the link.

1. VIPRE receives the URL analysis request
2. The link analysis service then simulates a session using the same browser and client type as the requestor
3. During the simulation, VIPRE investigates the behavior of the site and:
   1. Analyzes the site's behavior
   2. Provides the analysis results, determining whether the site is malicious, suspicious, or unknown and classification
   3. Collects screenshot of the website's appearance, features, and a "sanitized", safe version of the site that can be replayed in the user's browser
4. If the URL is deemed suspicious, the user sees a message indicating restricted access to the site with either a warning message before proceeding or a complete block

Special Instructions

Configure and Enable Link Isolation

The following instructions assume you have already have access to the Link Isolation add-on. If you do not, please contact Sales.

1. From your Email Security Cloud admin portal, click on Service Settings in the left-side menu
2. Select Link Isolation

Step 1 - URL Filter Configuration

3. On the URL Filter Configuration tab, select from the following options:
   • Click-time Protection
     • Enable Deeplink: This option allows Link Isolation to perform deep, cloud-based scanning in order to analyze malicious URLs and obtain more information; also enables URL categorization and screenshots/previews of malicious URLs
       • Existing customers on or before January 18, will have this disabled by default
       • New customers will have this enabled by default
     • Click-Through > Block: Blocks all potentially malicious URLs that have been clicked in the email; unable to proceed
     • Click-Through > Warn and allow override: Displays a warning when potentially malicious URLs have been clicked in the email; gives the option to ignore the warning and proceed to the website
   • URL Rewriting
     • Exclude my own domains: URLs containing any of the domains you've added to your account will not be rewritten
     • Rewrite displayed URLs and underlying links: Visible links shown as URLs will be rewritten; this may alter the appearance of the email as rewritten URLs can be quite long
     • Rewrite URLs in text mode email: Rewrites URLs both in HTML and text mode; this may alter the appearance of the email as rewritten URLs can be quite long
4. Click Save

Step 2 - Allowed IPs/Domains

5. Click on the + plus sign on the left side of the screen
6. Type the IP address or domain in the text box - when adding multiples, supported separators are commas, semicolons, and space
   • Any trusted IP address or domain can be added to this list as Link Isolation does not rewrite IP addresses or Domains on this list
   • VIPRE recommends only adding trusted domains, like domains associated with your organization, to the Allowed IPs/Domains list
7. Click Save

Step 3 - Templates

8. This allows you to customize the message that your users see when they click on the malicious URL based on whether you chose Warn and Allow or Block under URL Filter Configuration.
9. Click Save

Step 4 - Enable Link Isolation

10. Scroll to the top of the screen and click the toggle next to Enable Link Isolation in the top-left corner
    

What to Look for

After Link Isolation with Deeplink protection is enabled, when an end user clicks a URL within an email, they will experience the following based on the Click through action chosen on the URL Filter Configuration tab and any customizations made to the templates (see Step 3 - Templates above):

Warn and Allow	Block
If you have chosen the click-through action of "Warn and Allow" then you'll see a page similar to this.	If you have chosen the click-through action of "Block" then you'll see a page similar to this.
At the bottom of the page, you'll see a small screenshot of the URL in question with options to:  See a safe, stripped-down, version of the page To continue on to the whole site, accepting the risk Report an error if this is a known clean and safe site	At the bottom of the page, you'll see a small screenshot of the URL in question with options to: See a safe, stripped-down, version of the page Report an error if this is a known clean and safe site

Users may also see educational materials on the right pane including a brief training video on how to recognize phishing and best practices for avoiding phishing.