URL Sandbox

The URL sandbox function provides real-time analysis of uncategorized URLs that are embedded in inbound email. When a user clicks an uncategorized URL, a notification message prompts the user to initiate URL analysis, because the link may not be safe. If the user chooses not to analyze the URL, the requested web page is not accessible.

If analysis determines that the link is not malicious, the user receives a notification that lists the URL and category or categories of the page, and clicks Continue to site.

If the link is deemed malicious or if applicable policy does not allow a user to access uncategorized web pages, the user is notified that the site is blocked:

The user may also be notified in the following cases:

• If the function cannot access the requested page due to an inaccessible server or because the link is incorrect.
• If the protocol is not supported. Supported protocols are HTTP, HTTPS, and FTP. If you have selected the option Allow the recipient to follow links with an unsupported protocol, the user can proceed to view the page if desired; otherwise, the user cannot access the page.

Your subscription must include the Forcepoint Email Security Hybrid Module. URL sandbox capability is available only after the email hybrid service is successfully registered and enabled. See Email hybrid service configuration.

The URL sandbox configuration settings include three components:

• Default settings that apply to any recipient not covered by specific settings
• Recipient-specific settings that apply to an individual domain or email address
• List of domains to which sandbox settings do not apply