Please review and implement the following pre-deployment requirements to ensure the optimal performance and functionality of the Inspired eLearning (IeL) platform and its components, including the iLMS, PhishProof, and associated courses.
System Requirements
| Product or Component | System Requirements |
|---|---|
| iLMS |
Web BrowsersWe support the latest release of the following browsers on both Mac and Windows operating systems:
Other RequirementsYou must also have the following:
|
| Course Content |
Web BrowsersWe support the latest release of the following browsers on both Mac and Windows operating systems:
Other RequirementsYou must also have the following:
For optimal performance, we recommend using a desktop or laptop with a supported browser and a stable, direct internet connection.
Users may experience issues when accessing training courses through the following:
Mobile Ready coursesThe Learner Center is mobile responsive however users may experience issues when accessing training courses that are not Mobile Ready. For a complete list of Mobile Ready courses, consult the Course Catalog. |
| PhishHook Add-in |
Email Clients
|
Pre-Deployment Action Items: Hosted & SCORM
Please complete the following steps to ensure the iLMS platform and Inspired eLearning courses function correctly. Hosted customers using iLMS must include both the LMS and CDN domains, while SCORM customers only need to include the CDN domains for course content.
Step 1: Add Exceptions to Network Security - Intrusion Detection System (IDS) and Firewall)
Add the following domains to your allow-list:
-
LMS Domains:
- *.inspiredlms.com
- *.securityawarenesstraining.com
-
CDNs for Course Content:
- spa.tclcdn.com
- inspiredcdn.s3.amazonaws.com
- assets.tclcdn.com
Step 2: Add Exceptions for Email Communication
Add the following domains to your email filter allow-list:
-
Default LMS Sender Domain:
- *.inspiredlms.com
- *.securityawarenesstraining.com
-
Domains used for communications from VIPRE internal teams to designated customer contacts:
- *.inspiredelearning.com
- *.vipre.com
- Domain used for communication with our support teams: *.inspiredelearning.zendesk.com
Step 3: Adjust Browser Settings
Add the following to the trusted sites and privacy settings in your browser:
-
LMS Domains:
- *.inspiredlms.com
- *.securityawarenesstraining.com
- (Only If using Skillsoft Content) Content Streaming Domain: *.skillport.com
Allow pop-ups from the following site to ensure courses launch properly:
-
LMS Domains:
- *.inspiredlms.com
- *.securityawarenesstraining.com
Completing these steps ensures optimal performance and functionality of the iLMS and courses.
Pre-Deployment Action Items: PhishProof
PhishProof Prerequisites
To ensure our simulated phishing campaigns and training notifications successfully reach your users, it's essential to add our IP addresses, domains, and URLs to your allowlists. This guide provides the prerequisites and instructions to do just that, with dedicated sections at the bottom tailored for your environment.
We will be sending simulated phishing emails from outside your network. Completing the tasks below is essential to ensuring successful email delivery.
Add Exceptions for Phishing Simulations
There are two delivery methods for routing PhishProof emails to your organization: Direct-to-Inbox (DTI) or Conventional Email Delivery.
Universal Allowlisting (Required for all Delivery Methods)
Regardless of your delivery method (Conventional or DTI), the following domains must be added to your email security solution (IDS, Firewall, or Cloud Filter) to ensure landing pages and educational content are accessible.
The following has been formatted for easy copying from here and pasting into a CSV for importing.
| PhishProof Landing Page and Template Domains |
*.phishproof.com accountsecurity.online |
Direct-to-Inbox Configuration
If your organization uses Microsoft 365 as your email platform, you must configure Direct-to-Inbox (DTI). Failure to use DTI will result in PhishProof campaigns being blocked or filtered, preventing simulations from reaching your users' inboxes.
Please navigate to PhishProof Direct-to-Inbox for complete details on how to configure DTI, including configuring an Inbound Connector in Microsoft 365 and configuring Mail Flow Rules.
Conventional Email Delivery
If you are using conventional SMTP delivery, ensure the IP addresses listed below are permitted through your gateway.
The following has been formatted for easy copying from here and pasting into a CSV for importing.
| Sending IP Addresses used for email delivery |
69.72.47.208 159.112.248.122 |
| SMTP Relay used by PhishProof | smtp.mailgun.org |
Additional Configuration
This section provides the necessary steps to ensure that simulated phishing emails and educational links are delivered and function correctly without being blocked or altered by Microsoft's security filters.
Steps Required for all Delivery Methods
Regardless of your delivery method (Conventional or DTI), action is required to prevent Microsoft Defender SmartScreen from misidentifying safe PhishProof educational landing pages as malicious.
Update Group Policy settings for SmartScreen:
- For assistance, refer to the following Microsoft knowledge base articles:
Steps Required for Conventional Delivery Only
If your organization uses conventional email delivery, the following configuration is required to further ensure seamless email delivery and proper functionality of your phishing simulations.
Configure Allow-Listing in Microsoft 365 Defender:
- Set exceptions in the Microsoft 365 Defender portal to allow simulated phishing emails to bypass filtering; for assistance, refer to Microsoft's knowledge base article
Bypass ATP Link and Attachment Processing:
- Create rules in Microsoft 365 to bypass Advanced Threat Protection (ATP) processing for links and attachments in simulated phishing emails; follow our process for creating rules to bypass Microsoft ATP
If your organization utilizes Microsoft 365 in conjunction with a third-party Secure Email Gateway (SEG), such as VIPRE Email Security Cloud, additional configuration is required to prevent mail flow disruptions. Due to intermediary routing, Microsoft 365 may not correctly recognize simulation emails as coming from PhishProof when using a third-party cloud filter.
Step 1: Create a Receive Connector in Office 365
A Receive Connector allows emails processed by your third-party filter to enter Microsoft's email service securely.
- If you already have a Receive Connector, skip ahead Step 2
- For assistance, refer to the following VIPRE resources:
Step 2: Enable Enhanced Filtering for the Receive Connector in Exchange Online
This ensures that Microsoft recognizes emails routed through your third-party filter as trusted.
- For assistance, refer to the following: