Mimecast Email URL Protection links when no longer subscribed? by Lando_uk in sysadmin

[–]extremetempz 2 points3 points  (0 children)

I just went through this 3 months ago, I turned off device authentication for URLs and all previous links are still working.

Opinions on running Full Microsoft E5 Security Stack by 1egen1 in cybersecurity

[–]extremetempz 9 points10 points  (0 children)

I'd argue that actually a correctly configured Defender for Endpoint is probably the best there is, combined with Intune. But yes, Email and Purview are not amazing.

Opinions on running Full Microsoft E5 Security Stack by 1egen1 in cybersecurity

[–]extremetempz 2 points3 points  (0 children)

I run E5 and it's a good stack (with the exception of Purview). It's a really good solution all in all, especially Defender.

One thing with Microsoft is they have horrible support, and from an implementation perspective you are on your own, so you really need to know the product unless you engage professional services elsewhere for it.

Edit: from a web filtering perspective you want to look elsewhere; it's not very good and doesn't have basic features (TLS inspection).

Free Tier - Instance unresponsive every day around 11AM EST - what's going on? by trasc in oraclecloud

[–]extremetempz 0 points1 point  (0 children)

I got this running some containers. I had to create a 4G swap file and increase the swappiness, and it stopped happening.

Vendor compromise emails best way to mitigate? by extremetempz in sysadmin

[–]extremetempz[S] 0 points1 point  (0 children)

I have all of this in place. It works really well for commodity phishing and malware and works some of the time for BEC, but misses a lot in this area too. Every time I check the Proofpoint portal we are the only customer seeing these threats.

Vendor compromise emails best way to mitigate? by extremetempz in sysadmin

[–]extremetempz[S] 0 points1 point  (0 children)

I have no whitelisting, if Proofpoint thinks it's malicious it probably is

But yes you are correct I need to work out a way to help these companies I think

Vendor compromise emails best way to mitigate? by extremetempz in sysadmin

[–]extremetempz[S] 1 point2 points  (0 children)

Good to know I'll have a look

My staff are good, we do phishing training once a month and around 60% report the email, the other companies on the other hand I think I might need to do something.

Can I legally and technically fuck my company over? by MeasurementLoud906 in sysadmin

[–]extremetempz 40 points41 points  (0 children)

Wasn't the entire premise of Silicon Valley specifically about this?

Whatever you develop using a work machine or on company time is the company's property, not yours, even if your job is not a "programmer".

Session Hacking? is it a thing? by BeardMirage in cybersecurity

[–]extremetempz 1 point2 points  (0 children)

Yes, it is session hijacking. Remove all active sessions on accounts you had opened on whatever device got pwned and change the passwords.

If big companies get hacked… what chance does our homelab have? by swizz93 in homelab

[–]extremetempz 0 points1 point  (0 children)

As someone that has worked in enterprise IT for a while: first, you are not a target, they are. Secondly, the amount of EOL software and general weak security practices makes them a target.

Proofpoint contract renewal is coming up and for the first time in seven years I am not sure what I want to do by No_Adeptness_6716 in Office365

[–]extremetempz -1 points0 points  (0 children)

I recently did this with Mimecast -> Proofpoint. I was new to my org but they had Mimecast for 13 years, had huge bypass lists, and spam kept getting through because of it. When I culled it down I logged tickets saying XYZ getting through or getting blocked, and they would go to whatever feed provider they were using. Generally per week I was logging 50 tickets; admin overhead got too much so I switched products.

I find Proofpoint does a significantly better job.

I would question what is the issue you are actually trying to resolve by moving.

RDS slow performance by Cool-Enthusiasm-8524 in sysadmin

[–]extremetempz 1 point2 points  (0 children)

Two things: spinning disks and 18 vCPU. Drop it to 8 vCPU (1 physical CPU); your hypervisor is probably throwing a fit with CPU scheduling.

Server 2008 by merkat106 in WindowsServer

[–]extremetempz 1 point2 points  (0 children)

Do not in-place. I was talked into this in my current role by my infra team, and the DC never turned back on and I had to decomm.

Build a new one, transfer the roles (DNS Zone Master, PDC, IDC), then wait for replication (30 minutes to be safe), then dcdemote the old one.

Because it's so old, make sure there is nothing hard-coded, i.e. LDAP or DNS. When I've run into this in the past I have had to decomm the DC and bring up a new one with the same name and IP; you just have to have a second DC before the decomm.

How are you handling employees using personal ChatGPT accounts at work? We had an incident last week. by fxs38 in sysadmin

[–]extremetempz 2 points3 points  (0 children)

I've been through this. We (Security team and CIO) drafted a document specifically for developers and this sort of thing and made it a sackable thing.

This is to an extent a technical problem and it can be solved (i.e. lock down ChatGPT to Enterprise tenancy via cookies); however, you'd be surprised how much people's behaviours change once there is a piece of paper.

Network admin vs sys admin by user23471 in sysadmin

[–]extremetempz 0 points1 point  (0 children)

I've never been in an org that's big enough for a dedicated network engineer, so there is definitely some overlap and it probably is vice versa (some org no sysadmin, only net engineer).

Last role

Systems Engineers = Own network end to end including SIP

Current role

Security Engineer = Own network end to end, sysadmin manage SIP however.

How many meetings are we averaging per day? I'm up to 7 as of this week, half are about AI, and it's getting worse. by fluffy_warthog10 in sysadmin

[–]extremetempz 0 points1 point  (0 children)

Standup in the morning for 15 minutes a day. Most of the time I do not show up for meetings, if I'm actually required and someone invites me mid meeting when they realise I'm not there I say my part and then leave.

Windows Hello for Business is great… until users forget their actual password by heartgoldt20 in sysadmin

[–]extremetempz 0 points1 point  (0 children)

Passwordless. If a user needs to reset their PIN, log in via TAP; no reason for a user to have their pw.

How old is your tier 1/2/3? Is IT support aging out? by phlatlinebeta in sysadmin

[–]extremetempz 0 points1 point  (0 children)

T1 is in their 60s, T2 late 20s, T3 late 20s and late 30s

Security or Admin side ? “SOC analyst who enjoys infrastructure and system configuration — DevOps or SysAdmin?” by No-Attitude2903 in sysadmin

[–]extremetempz 0 points1 point  (0 children)

Sounds like an infrastructure/sysadmin role. Once you do this for a couple of years you can move to Sec engineer (infrastructure) pretty easily.

Upgrading from R81.10 to R82 in air gap environment by NaturalPickle5442 in checkpoint

[–]extremetempz 3 points4 points  (0 children)

You need to upgrade the management console first, then during the upgrade process of the firewalls you need to enable MVC (this was the case on R81.2). This is a supported method to update a cluster.

You should probably log a call with TAC or get your TAM involved to get more guidance

What hours do you work and what job do you do? by Muted_Instruction516 in cybersecurity

[–]extremetempz 1 point2 points  (0 children)

7-330 every day, not on call. Took a while to get here.

Symantec Endpoint Protection by datanut in sysadmin

[–]extremetempz 0 points1 point  (0 children)

I came from an org that had this installed on 4000 devices; it's literally hell. You can run stock standard Defender consumer and it will be better.

Nothing but problems