![white-logo.png]](https://www.livingsecurity.com/hs-fs/hubfs/white-logo.png?height=40&name=white-logo.png){kind=logo}
More whitelisting considerations for Living Security Phish
Whitelisting in Content Filtering (Proxy)
Whitelisting Platform Addresses
The domain names of the Phishing Simulator should be whitelisted with content filtering (proxy) solutions to make sure that the domains can be accessed by the target users. If the target users can't access the phishing link in the network, the simulated phishing campaign might not be successful.
To find the domains to be whitelisted:
- Login to the administrator dashboard of Living Security Phish.
- In the left-hand menu expand Phishing Simulator.
- Click Settings to view the Domains.
ℹ️ It is only necessary to make exceptions for the domains you are launching simulations from.
Whitelisting in Data Loss Prevention (DLP)
System administrators may upload the target users' first name, last name, email address, department, or such other information to the platform; however, because DLP can be very sensitive, the platform domain information should be whitelisted to ensure DLP allows you to upload these pieces of information to the platform.
Excluding IP Addresses
The Exclude IP Address feature is designed to prevent false positive reporting due to security applications that analyze the links in the email in cooperation. It is designed as an alternative option to prevent false positive reporting. The permanent solution is to whitelist SMTP IP addresses of the platform to prevent false positive reporting but sometimes admins are not able to configure it on security applications.
You can add the individual IPv4/IPv6 addresses or ranges of IPv4/IPv6 addresses to prevent false positive reporting.
The following steps explain how to add Individual IP Addresses, range of IP addresses or Batch IP Addresses to exclude from reporting:
-
Go to Phishing Simulator > Settings > Exclude IP addresses menu.
- You can add individual IPv4/IPv6 addresses with the following example format.
- 192.168.1.1
- 192.168.1.1/32
- 2001:0db8:85a3:0000:0000:8a2e:0370:7334
- 2001:0db8:85a3:0000:0000:8a2e:0370:7334/128
- Click the Save Changes button.
-
Go to Phishing Simulator > Settings > Exclude IP addresses menu.
- You can add a range of IPv4/IPv6 addresses with the following example format.
- 192.168.1.1/24
- 2001:0db8:85a3:0000:0000:8a2e:0370:7334/124
- Click the Save Changes button.
-
Go to Phishing Simulator > Settings > Exclude IP addresses menu.
- You can add IPv4/IPv6 addresses by using the batch option with the following example format.
- 192.168.1.1/24
- 192.168.1.1/32
- 192.168.1.1
- 2001:0db8:85a3:0000:0000:8a2e:0370:7334/124
- 2001:0db8:85a3:0000:0000:8a2e:0370:7334/128
- 2001:0db8:85a3:0000:0000:8a2e:0370:7334
- Click the Save Changes button.
ℹ️ Please make sure that IP addresses are separated by a line break or comma.
A: Yes, after adding the IP addresses, the platform will exclude any data related to IP addresses for previous and future reports.
A: Yes, after removing the IP addresses, the platform will restore the excluded data related to IP addresses to all reports back.
A: Google Chrome’s Safe Browsing feature may show a deceptive site ahead message for some of our simulated phishing URLs. We try to ensure that our simulation URLs are always allowed by various URL reputation vendors, but we may not have complete coverage. To get around this, try changing the landing page domain in your simulation. Alternatively, you can disable Safe Browsing via Group Policy if your organization's risk appetite permits.
Questions? Please contact help@livingsecurity.com
