mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-11 13:44:56 +03:00
mukul975
1.7 KiB
1.7 KiB
Proofpoint Email Security Gateway Deployment Template
Pre-Deployment Checklist
- Proofpoint license type confirmed (PPS / PoD)
- Current MX records documented
- All legitimate sending sources inventoried
- SPF record updated with Proofpoint include
- DKIM keys generated and DNS records published
- DMARC record configured in monitoring mode
- Firewall rules updated for Proofpoint IP ranges
- Microsoft 365 / Google Workspace connector configured
Policy Configuration
| Policy | Scope | Action | Status |
|---|---|---|---|
| Anti-spam (inbound) | All users | Quarantine high confidence | |
| Anti-virus | All users | Block + notify admin | |
| Impostor detection | VIP list | Quarantine + SOC alert | |
| URL Defense | All users | Rewrite + sandbox at click | |
| Attachment Defense | All users | Sandbox suspicious types | |
| TRAP auto-pull | All users | Retract post-delivery threats | |
| DLP (outbound) | All users | Block + manager notify |
VIP Protection List
| Name | Title | Protected | |
|---|---|---|---|
| CEO | Yes | ||
| CFO | Yes | ||
| CTO | Yes | ||
| VP Finance | Yes |
MX Record Migration
| Record Type | Priority | Old Value | New Value |
|---|---|---|---|
| MX | 10 | {org}.mail.protection.proofpoint.com |
Post-Deployment Validation
- Test inbound mail delivery through Proofpoint
- Verify message headers show Proofpoint processing
- Test URL Defense rewriting on inbound links
- Test Attachment Defense with EICAR test file
- Verify TRAP can retract delivered message
- Confirm quarantine digest notifications working
- Validate SPF/DKIM/DMARC pass for outbound mail
- Review false positive rate after 48 hours