Please review and implement the following pre-deployment requirements to ensure the optimal performance and functionality of the Inspired eLearning (IeL) platform and its components, including the iLMS, PhishProof, and associated courses.
System Requirements
| Product or Component | System Requirements |
|---|---|
| iLMS |
Web BrowsersWe support the latest release of the following browsers on both Mac and Windows operating systems:
Other RequirementsYou must also have the following:
|
| Course Content |
Web BrowsersWe support the latest release of the following browsers on both Mac and Windows operating systems:
Other RequirementsYou must also have the following:
For optimal performance, we recommend using a desktop or laptop with a supported browser and a stable, direct internet connection.
Users may experience issues when accessing training courses through the following:
Mobile Ready coursesThe Learner Center is mobile responsive however users may experience issues when accessing training courses that are not Mobile Ready. For a complete list of Mobile Ready courses, consult the Course Catalog. |
| PhishHook Add-in |
Email Clients
|
Pre-Deployment Action Items: Hosted & SCORM
Please complete the following steps to ensure the iLMS platform and Inspired eLearning courses function correctly. Hosted customers using iLMS must include both the LMS and CDN domains, while SCORM customers only need to include the CDN domains for course content.
Step 1: Add Exceptions to Network Security - Intrusion Detection System (IDS) and Firewall)
Add the following domains to your allow-list:
-
LMS Domains:
- *.inspiredlms.com
- *.securityawarenesstraining.com
-
CDNs for Course Content:
- spa.tclcdn.com
- inspiredcdn.s3.amazonaws.com
- assets.tclcdn.com
Step 2: Add Exceptions for Email Communication
Add the following domains to your email filter allow-list:
-
Default LMS Sender Domain:
- *.inspiredlms.com
- *.securityawarenesstraining.com
-
Domains used for communications from VIPRE internal teams to designated customer contacts:
- *.inspiredelearning.com
- *.vipre.com
- Domain used for communication with our support teams: *.inspiredelearning.zendesk.com
Step 3: Adjust Browser Settings
Add the following to the trusted sites and privacy settings in your browser:
-
LMS Domains:
- *.inspiredlms.com
- *.securityawarenesstraining.com
- (Only If using Skillsoft Content) Content Streaming Domain: *.skillport.com
Allow pop-ups from the following site to ensure courses launch properly:
-
LMS Domains:
- *.inspiredlms.com
- *.securityawarenesstraining.com
Completing these steps ensures optimal performance and functionality of the iLMS and courses.
Pre-Deployment Action Items: PhishProof
PhishProof Prerequisites
To ensure our simulated phishing campaigns and training notifications reach your users, it's essential to add our IP addresses, domains, and URLs to your allow list in your email security and network filters (IDS, firewall, client-side email filters, third-party Cloud email filters). This guide provides the prerequisites and instructions to do just that. We've tailored the process for your specific environment, with dedicated sections at the bottom of the page for organizations using only Microsoft Email Services, Microsoft Email Services with a third-party cloud filter (such as VIPRE Email Security Cloud), or VIPRE Email Security Cloud exclusively.
We will be sending simulated phishing emails from outside your network. Notifying your IT department and ensuring successful email delivery is essential by completing the tasks listed below.
Add Exceptions for Phishing Simulations
There are two options for routing PhishProof emails to your organization. Select the appropriate tab below for details.
VIPRE Recommends
If your organization uses Microsoft 365 as your email platform, we strongly recommend using the Direct-to-Inbox option below.
Conventional Email Delivery
The following lists have been formatted for easy copying from here and pasting into a CSV for importing.
| Sending IP Addresses used for email delivery |
69.72.47.208 159.112.248.122 |
| PhishProof Landing Page and Template Domains |
*.phishproof.com accountsecurity.online |
| SMTP Relay used by PhishProof | smtp.mailgun.org |
Direct-to-Inbox (DTI) - Microsoft 365 Only
If your organization uses an Integrated Cloud Email Security (ICES) solution, additional configuration may be required. Contact your vendor for additional assistance.
The following lists have been formatted for easy copying from here and pasting into a CSV for importing.
IP addresses needed to configure Inbound Connector in Microsoft 365
If you have a dedicated instance of iLMS/PhishProof, or do not see your access URL listed below, contact Technical Support.
| Region/Access URL | IP Address for DTI Email Service |
|---|---|
|
Asia |
13.215.236.136 |
|
Europe |
176.34.82.119 54.72.119.208 52.211.103.221 |
|
EMEA |
34.253.128.215 54.72.119.208 52.211.103.221 |
|
North America |
34.229.36.22 52.54.239.51 100.29.131.89 54.91.86.36 |
|
Partners |
54.156.131.219 52.54.239.51 100.29.131.89 54.91.86.36 |
Domains needed for allow-listing in your email security solution
| PhishProof Landing Page and Template Domains |
*.phishproof.com accountsecurity.online |
Important
Please navigate to PhishProof Direct-to-Inbox for complete details on how to configure DTI, including configuring an Inbound Connector in Microsoft 365 and configuring Mail Flow Rules.
These steps are not related to email delivery and should be followed regardless of whether or your organization uses DTI or Conventional Email Delivery.
The following action is needed to prevent Microsoft Defender SmartScreen from misidentifying safe PhishProof educational landing pages as malicious:
-
Update Group Policy settings for SmartScreen
- For assistance, refer to the following Microsoft knowledge base articles:
These steps are required only for Conventional Email Delivery.
If your organization uses Microsoft Email Services, the following configuration is required to ensure seamless email delivery and proper functionality of your phishing simulations.
-
Configure Allow-Listing in Microsoft 365 Defender: Set exceptions in the Microsoft 365 Defender portal to allow simulated phishing emails to bypass filtering
- For assistance, refer to Microsoft's knowledge base article
- For assistance, refer to Microsoft's knowledge base article
- Bypass ATP Link and Attachment Processing: Create rules in Microsoft 365 to bypass Advanced Threat Protection (ATP) processing for links and attachments in simulated phishing emails
Additional configuration is required if your organization uses Microsoft Email Services AND a third-party secure email gateway (including VIPRE Email Security Cloud). Without these adjustments, email flow issues may occur.
Why Configuration is Needed: Due to intermediary routing, Microsoft 365 may not correctly recognize simulation emails as coming from PhishProof when using a third-party cloud filter.
-
Create a Receive Connector in Office 365: A Receive Connector allows emails processed by your third-party filter to enter Microsoft's email service securely
- If you already have a Receive Connector, skip the remainder of this step and proceed to Step 2
- For assistance, refer to the following VIPRE articles:
-
Enable Enhanced Filtering for the Receive Connector in Exchange Online: This ensures that Microsoft recognizes emails routed through your third-party filter as trusted
- For assistance, refer to Microsoft's knowledge base article
If your organization uses VIPRE Email Security Cloud, you don't need to make any changes within your VIPRE account. However, you must still perform the allow-listings from the previous step on your organization's mail server.