The Settings menu allows access to the Defend console's main configuration options. When making changes, always select Save Changes at the top-right corner of the screen.
To update, review, and make changes to your settings, follow the steps below:
- Log in to the Defend console.
- Navigate to Settings.
- Configure your settings accordingly.
- When you have finished making changes, select Save Changes in the top-right corner of the page.
Configurable Settings
The configurable settings are:
-
Banners
- Choose when each specific banner type is applied to emails.
-
Banner Configuration
- Select which type of banners are used and enable or disable silent mode.
-
Abuse Mailbox Automation
- Enter the address the Defend console should monitor for the abuse mailbox and select whether emails should be automatically remediated.
-
Link Rewriting
- Choose to enable link rewriting and what users will experience when interacting with rewritten links.
-
Summary Page
- Select whether to display or hide the Report Phish/Report Not Phish, Report Graymail/Not Graymail, and Report Spam/Report Not Spam buttons to users.
-
Harmful Code Removal
- Select whether to sanitize emails of javascript and other potentially harmful scripts.
-
Quarantine
- Select what action to take when emails are classified as dangerous or highly dangerous.
-
Admin Features
- Link to Microsoft 365 to enable the ability to view and remediate emails.
-
User Analysis
- Link to Microsoft 365 to allow the analysis of historical emails and mailbox details.
-
Allow Filtering By All In Recent Emails
- This setting can be used to determine which administrators can view all the emails processed on the Recent Emails page. The All threat filter can be enabled or disabled for all admins or just enabled for Global Admins and Admin Policies.
-
Allow View, Download or Delete of an External Email
- Enable or disable actions administrators can take on external emails.
-
Allow KnowBe4 Intelligence to View Emails
- Block or enable access for the KnowBe4 Intelligence team to view email content to aid in the investigation and identification of phishing emails.
-
Default Language
- Select which language banners, summary pages, and link re-writing summaries are written in.
- If a mail rule language cannot be detected for a user, we will use the default language which you can choose from the drop-down menu.
Recommended Default Settings
The recommended default settings are displayed below:
| Option | Default Setting |
|---|---|
| External | Always |
| Sensitive details | Only if the email is suspicious |
| Impersonation | Always |
| Dangerous | Always |
| First Time Sender | Only if the email is suspicious |
| Financial | Only if the email is suspicious |
| Suspicious | Always |
| Graymail | Always |
| Spam | Always |
| Option | Default Setting |
|---|---|
| Rewrite URLs to be scanned by Defend | Yes |
| Show Warning Page when user clicks on a link | Only show a Warning page when a user clicks on a link |
| Prohibit users from accessing potentially harmful links | Prevent users from following potentially harmful links from the warning page |
| Option | Default Setting |
|---|---|
| Display Report Phish or Not Phish Option | Show report phish or not phish |
| Display Report Graymail or Not Graymail Option | Show report graymail or not graymail |
| Display Report Spam or Not Spam Option | Show report spam or not spam |
| Option | Default Setting |
|---|---|
| Send dangerous phish to quarantine | Only send highly dangerous phishing emails with an attachment to Microsoft quarantine |