urn:noticeable:projects:Kw4IZPXU5op9yMhYQCX2Barracuda Email Gateway Defense Updatesess.barracudanetworks.com2024-06-25T21:23:22.270ZCopyright © Barracuda Email Gateway DefenseNoticeable#1e88e5urn:noticeable:publications:48gDyl5yQw2h2mPB1C522024-06-25T21:22:11.635Z2024-06-25T21:23:22.270ZEnhanced Security with Malicious QR Code Detection in PDF AttachmentsEmail Gateway Defense now includes the ability to detect malicious QR codes within PDF attachments. This feature is available to all EGD customers and requires no additional configuration or setup....<p>Email Gateway Defense now includes the ability to detect malicious QR codes within PDF attachments. This feature is available to all EGD customers and requires no additional configuration or setup.</p>Barracuda Networks[email protected]urn:noticeable:publications:lVK0XU5vKfWD8j7dJz3P2023-12-04T17:12:58.085Z2023-12-04T17:16:50.546ZUpdate to LinkProtect to help secure Gateway against attacks leveraging Adobe InDesignBarracuda security researchers are warning of a recent surge in phishing attacks leveraging Adobe InDesign, a known and trusted document publishing system. Some of the attacks are targeted. Barracuda Email Protection includes a link...<p><span style="color: rgb(98, 98, 98);">Barracuda security researchers are warning of a recent surge in </span><a href="https://www.barracuda.com/support/glossary/phishing?utm_source=12042023a&utm_medium=blog&utm_campaign=blog&utm_content=publication+link&utm_id=Kw4IZPXU5op9yMhYQCX2.dL8KwLEKv2q8Jg9gygjr.lVK0XU5vKfWD8j7dJz3P"><span style="color: rgb(0, 136, 206);">phishing attacks</span></a><span style="color: rgb(98, 98, 98);"> leveraging Adobe InDesign, a known and trusted document publishing system. Some of the attacks are targeted. </span><a href="https://www.barracuda.com/products/email-protection?utm_source=12042023a&utm_medium=blog&utm_campaign=blog&utm_content=publication+link&utm_id=Kw4IZPXU5op9yMhYQCX2.dL8KwLEKv2q8Jg9gygjr.lVK0XU5vKfWD8j7dJz3P"><span style="color: rgb(0, 136, 206);">Barracuda Email Protection</span></a><span style="color: rgb(98, 98, 98);"> includes a link protection capability to ensure users do not click on any malicious URLs. Learn more by visiting our blog: </span><a href="https://blog.barracuda.com/2023/12/04/threat-spotlight-phishing-emails-adobe-indesign?utm_source=noticeable&utm_campaign=kw4izpxu5op9ymhyqcx2.update-to-linkprotect-to-help-secure-gateway-against-attacks-leveraging-adobe-indesign&utm_content=publication+link&utm_id=Kw4IZPXU5op9yMhYQCX2.dL8KwLEKv2q8Jg9gygjr.lVK0XU5vKfWD8j7dJz3P&utm_medium=newspage" rel="noopener nofollow" target="_blank"><span style="color: rgb(98, 98, 98);">https://blog.barracuda.com/2023/12/04/threat-spotlight-phishing-emails-adobe-indesign</span></a></p>Barracuda Networks[email protected]urn:noticeable:publications:Wf1M1QRhgDd53heCWfDv2023-09-19T15:01:34.793Z2023-09-19T15:06:18.005Z Introducing the Enhanced End User Interface with Advanced AuthenticationWe’re gradually rolling out the new user interface for end users. To fully embrace the enhanced security features of our new user interface, the admin on the account is requested to review and accept app permissions from Microsoft when...<p>We’re gradually rolling out the new user interface for end users. To fully embrace the enhanced security features of our new user interface, the admin on the account is requested to review and accept app permissions from Microsoft when prompted.<br>There are <strong>two enhancements</strong> that are being rolled out together:<br>Auth0 authentication for Azure users: <a href="https://campus.barracuda.com/doc/100368461/?utm_source=noticeable&utm_campaign=kw4izpxu5op9ymhyqcx2.introducing-the-enhanced-end-user-interface-with-advanced-authentication&utm_content=publication+link&utm_id=Kw4IZPXU5op9yMhYQCX2.dL8KwLEKv2q8Jg9gygjr.Wf1M1QRhgDd53heCWfDv&utm_medium=newspage" rel="noopener nofollow" target="_blank">https://campus.barracuda.com/doc/100368461/</a><br>New User Interface for end users: <a href="https://campus.barracuda.com/doc/96023030/?utm_source=noticeable&utm_campaign=kw4izpxu5op9ymhyqcx2.introducing-the-enhanced-end-user-interface-with-advanced-authentication&utm_content=publication+link&utm_id=Kw4IZPXU5op9yMhYQCX2.dL8KwLEKv2q8Jg9gygjr.Wf1M1QRhgDd53heCWfDv&utm_medium=newspage" rel="noopener nofollow" target="_blank">https://campus.barracuda.com/doc/96023030/</a><br></p>Barracuda Networks[email protected]urn:noticeable:publications:YYX0j8tH7Lqd2tNACwXX2023-05-24T00:43:15.195Z2023-05-24T16:21:44.808ZIncident Report for EGD UI Outage on May 22, 2023Incident Summary (All times in UTC)
At approximately 3:09pm on May 22, 2023, a routine update to Email Gateway Defense's (EGD) spam scoring logic inadvertently caused customers' email scores to be increased by 2.9 pts. This unfortunately...<h2>Incident Summary (All times in UTC)</h2><p>At approximately 3:09pm on May 22, 2023, a routine update to Email Gateway Defense's (EGD) spam scoring logic inadvertently caused customers' email scores to be increased by 2.9 pts. This unfortunately led to a significant amount of email messages to be blocked as false positives. The spam rule update was reverted, however a large number of users needed to sign onto EGD redeliver their incorrectly blocked messages.</p><p>At 4:30pm, the EGD team started to receive reports that the UI was experiencing an outage and customers were seeing a 504 timeout error when attempting to sign in and release their blocked mail. While we investigated the incident, the CAPTCHA login step was turned on for administrators in an abundance of caution. After investigation, it was determined that this UI outage in service was due to the web servers being overloaded by the large number of users trying to sign in and resend their mail at one time. </p><p>The EGD team tried to remediate this issue by refreshing and creating new web server instances to accommodate the much larger flow of traffic. While EGD has autoscaling settings in place to automatically fluctuate to changes in traffic patterns, these instances were incorrectly displaying as healthy and were not refreshing as needed. By 6:17pm, the fix to increase instance capacity for the web servers successfully accommodated the higher traffic and the UI returned to normal. </p><p>The following day, May 23, 2023, at approximately 2:38pm, the EGD team began hearing additional reports that the UI for the new React platform was displaying timeout errors ("link to login is invalid") for certain end users. The EGD team investigated and implemented a fix at 6:10pm for a log-in call to the database that was causing abnormally long load times. While this additional incident was not directly related to the spam scoring update, this problem was exacerbated by the higher than usual traffic attempting to log into the new UI to remediate their email. </p><p>The EGD team is currently investigating ways to prevent any future changes to spam scoring from leading to such a high number of emails being blocked as false positives. The team is also investigating ways to adjust autoscaling logic to prevent any loss in service in the future. We apologize for the inconvenience that this has caused to our customers. </p><h2>Impact Timeline (All times in UTC)</h2><p><strong>2023-05-22: </strong></p><ul><li><p>03:09pm: Update to spam scoring logic was implemented inadvertently causing customer's email scores to be increased (leading to a large amount of false positives).</p></li><li><p>03:09pm-04:29pm: Users begin to log into EGD at a high rate to redeliver their incorrectly blocked email messages causing the web servers to be overloaded. CAPTCHA login step was implemented for administrators. </p></li><li><p>04:30pm: EGD team creates incident and begins investigation of UI outage.</p></li><li><p>05:02pm-05:56pm: Multiple attempts were made to refresh and replace unhealthy web server instances with healthy ones to accommodate for larger traffic patterns.</p></li><li><p>06:17pm: Traffic flow is back to being accommodated by the new healthy instances and the UI loads correctly for users.</p></li></ul><p><strong>2023-05-23:</strong></p><ul><li><p>02:38pm - The EGD team began receiving reports that the UI for the new React platform was displaying timeout errors ("link to login is invalid").</p></li><li><p>02:40pm - The team begins investigation team identifies problem with autoscaling capacity and implements fix.</p></li><li><p>06:10pm - A fix is implemented to a call in the log-in process that was causing abnormally long load times and the UI begins to load as expected.</p></li></ul><h2>Impact Duration </h2><ul><li><p>Initial Issue Start: May 22, 2023 @ 3:09pm UTC</p></li><li><p>Initial Issue End: May 22, 2023 @ 6:17pm UTC</p></li><li><p>Secondary Issue Start: May 23, 2023 @ 2:38pm UTC</p></li><li><p>Secondary Issue End: May 23, 2023 @ 6:10pm UTC</p></li></ul><h2>Incident Analysis</h2><p>EGD's Web interface interruption for customers in the US region on May 22, 2023 was due to an autoscaling failure during increased traffic load. This higher traffic load was due to an update to spam scoring logic that caused a large amount of customer mail to be incorrectly blocked. As users logged in to manage their blocked mail, the web servers became overloaded and the UI failed to load. Once instances were refreshed successfully, the UI worked as expected. However, the following day, the new React platform web servers were also overloaded due to a call in the log-in process that was creating abnormally long load times. This call combined with the increased traffic caused the new UI login flow to be interrupted with timeout errors for customers. This problem was also remediated. </p><h2>Corrective Actions</h2><p>These are the areas being addressed as a result of this incident: </p><ul><li><p>The EGD team is investigating the problem caused by the update to the spam scoring logic that caused many false positives. </p></li><li><p>The EGD team is investigating improvements in the incident resolution process for quicker identification of the problem and remediation planning. </p></li><li><p>The EGD team is investigating updates to the autoscaling logic for web servers to automatically accommodate higher traffic changes.</p></li><li><p>The EGD team is also investigating ways to allow users to more quickly and efficiently rescan and redeliver mail that may be blocked incorrectly due to an incident or setting update.</p></li></ul><h2>Next Steps for Customers</h2><p>Unfortunately, as there was an extremely high number of affected customers and email, we are unable to manually rescan and redeliver mail that was incorrectly blocked due to this incident. We apologize for the inconvenience this has caused to our customers.</p><p>Please see below for the steps to allow end users to redeliver their mail. This will lessen the burden on administrators with a high number of emails to remediate. </p><ol><li><p>Admin signs into EGD under the <strong>Users </strong>tab, select <strong>Default Policy</strong></p></li><li><p>Set the setting labelled <em><strong>Allow end users to view and deliver blocked messages</strong></em> to <strong>Yes </strong>(if this is set to off) and click<strong> Save Changes</strong></p></li><li><p>Now users will be able to login and deliver their incorrectly blocked mail. <strong>Note</strong>: this will potentially allow the users to send mail that should not be delivered, so please advise users to proceed with caution. If admins are concerned about future user behavior, they can reset this setting to <strong>No</strong> after mail has been delivered from this May 22, 2023 incident. </p></li></ol><p></p><figure><img src="https://storage.noticeable.io/projects/Kw4IZPXU5op9yMhYQCX2/publications/YYX0j8tH7Lqd2tNACwXX/01h55ta3gs0v5f9bn0d1z6v39b-image.png" alt="" loading="lazy" title=""></figure><p></p><p></p><p><br></p>Barracuda Networks[email protected]urn:noticeable:publications:OmHDDnLDkDmpSA1k7yP32023-04-20T22:33:56.057Z2023-04-25T20:35:58.962ZTemporary Passcode AuthenticationOn March 31, 2023, the Email Gateway Defense (EGD) team published an update that disabled auto-authentication for end users from quarantine email digests. End users are now required to authenticate before they can view their account and...<p>On March 31, 2023, the Email Gateway Defense (EGD) team published an update that disabled auto-authentication for end users from quarantine email digests. End users are now required to authenticate before they can view their account and make updates to their quarantined mail. With this update, many users of shared mailboxes and distribution lists were no longer able to manage the quarantine messages themselves and instead had to reach out to their administrators for assistance. </p><p>The Email Gateway Defense (EGD) team has implemented a temporary passcode authentication method to allow users to access their shared mailbox and distribution list accounts. On April 25, 2023, this solution will be released to customers. Please see below for a step-by-step guide on how to enable and sign into EGD using temporary passcodes. </p><p><strong>Note</strong>: This sign-in method is optional. If you choose not to enable temporary passcode authentication for users, your sign-in flow will be unchanged. </p><p> </p><h2><strong>HOW IT WORKS </strong> </h2><p>Here’s a quick overview of how users can sign into EGD with temporary passcodes: </p><ul><li><p>The administrator of an account will enable temporary passcode authentication on an account or domain level (or both). See <em><strong>Enabling Temporary Passcodes</strong></em> section below. This feature will create the below sign-in scenarios: </p><ul><li><p>If both SSO and temporary passcodes are enabled, users can choose to continue with normal SSO login or request a temporary passcode. </p></li><li><p>If SSO is enabled but temporary passcodes are disabled, users will sign in through SSO as usual and will not be given the option to request a temporary passcode. </p></li><li><p>If SSO is disabled but temporary passcodes are enabled, users will have the option to log in with their EGD credentials or request a temporary passcode. </p></li><li><p>If both SSO and temporary passcodes are disabled, users will have to sign in with their EGD email and password credentials. </p></li></ul></li><li><p>User clicks on a link in quarantine digest email and is prompted to log into EGD at <a href="https://ess.barracudanetworks.com/.?utm_source=noticeable&utm_campaign=kw4izpxu5op9ymhyqcx2.temporary-passcode-authentication&utm_content=publication+link&utm_id=Kw4IZPXU5op9yMhYQCX2.dL8KwLEKv2q8Jg9gygjr.OmHDDnLDkDmpSA1k7yP3&utm_medium=newspage" rel="noopener nofollow" target="_blank"><span style="text-decoration: underline">https://ess.barracudanetworks.com/.</span></a> </p></li><li><p>Instead of logging in with account password credentials, the user is given an option to request a temporary passcode. See <em><strong>Signing In with Temporary Passcodes</strong></em><strong> </strong>section below for a step-by-step guide. </p></li><li><p>User requests the temporary passcode and an email containing the passcode is sent to the shared inbox. The passcode is valid for 15 minutes. The user copies and pastes the passcode into the sign-in field on their open browser window. </p></li><li><p>The user is then authenticated into EGD and can manage their quarantined mail, view their message log, and utilize the actions (Deliver, Allow List, Block List) from the digest email as expected. User is also authenticated for their entire 24-hour browser session. </p></li><li><p>Here’s a <strong>demo</strong> <strong>video</strong> describing the process: <a href="https://share.vidyard.com/watch/G1GvuwKtM6nE6iG3kt5zMf?utm_source=noticeable&utm_campaign=kw4izpxu5op9ymhyqcx2.temporary-passcode-authentication&utm_content=publication+link&utm_id=Kw4IZPXU5op9yMhYQCX2.dL8KwLEKv2q8Jg9gygjr.OmHDDnLDkDmpSA1k7yP3&utm_medium=newspage" rel="noopener nofollow" target="_blank">https://share.vidyard.com/watch/G1GvuwKtM6nE6iG3kt5zMf</a></p></li></ul><p> </p><h2><strong>ENABLING TEMPORARY PASSCODES (ADMIN SETTING) </strong> </h2><p>Upon release, the temporary passcode authentication process will be set to disabled by default. To enable temporary passcode authentication for your users, the administrator of the account must follow the below steps: </p><ul><li><p>Account administrator signs into EGD </p></li><li><p>Click on <strong>Users </strong>tab </p></li><li><p>Click on <strong>Quarantine Notification</strong> tab </p></li><li><p>See new feature <strong>Allow users to sign in with temporary passcode</strong> (set to <strong>No</strong> by default) </p></li><li><p>To enable, select <strong>Yes</strong> for this feature </p></li><li><p>Click the <strong>Save Changes</strong> button on top right-hand side of the page </p></li><li><p>Temporary passcodes authentication is now an option for all users in this account </p><ul><li><p><strong>Note</strong>: If you’d like to enable for only a specific domain, sign in as domain administrator and follow the same steps above </p></li></ul></li></ul><p></p><figure><img src="https://storage.noticeable.io/projects/Kw4IZPXU5op9yMhYQCX2/publications/OmHDDnLDkDmpSA1k7yP3/01h55ta3gsbfaeqn9pzqy7apyd-image.png" alt="" loading="lazy" title=""></figure><p></p><p> </p><h2><strong>SIGNING IN WITH TEMPORARY PASSCODES</strong> </h2><p>Once the admin setting is enabled, the users of a shared mailbox or distribution list will see a new option when they attempt to sign into the shared email address. See below for a step-by-step guide to authenticating with a temporary passcode: </p><ul><li><p>User clicks on a link or button in their quarantine digest email (Manage Quarantine, View Message Log, Deliver, Allow List, Block List) or goes to directly to EGD site: <a href="https://ess.barracudanetworks.com/?utm_source=noticeable&utm_campaign=kw4izpxu5op9ymhyqcx2.temporary-passcode-authentication&utm_content=publication+link&utm_id=Kw4IZPXU5op9yMhYQCX2.dL8KwLEKv2q8Jg9gygjr.OmHDDnLDkDmpSA1k7yP3&utm_medium=newspage" rel="noopener nofollow" target="_blank"><span style="text-decoration: underline">https://ess.barracudanetworks.com/</span></a> </p></li></ul><p></p><figure><img src="https://storage.noticeable.io/projects/Kw4IZPXU5op9yMhYQCX2/publications/OmHDDnLDkDmpSA1k7yP3/01h55ta3gsz0agw38tnvp7nvmw-image.png" alt="" loading="lazy" title=""></figure><p></p><ul><li><p>User is prompted to sign into EGD </p></li><li><p>User enters shared inbox or distribution list email address in <strong>Email Address</strong> field and clicks the <strong>Next</strong> button </p></li></ul><p></p><figure><img src="https://storage.noticeable.io/projects/Kw4IZPXU5op9yMhYQCX2/publications/OmHDDnLDkDmpSA1k7yP3/01h55ta3gs2pvcvt6mye2eqj5e-image.png" alt="" loading="lazy" title=""></figure><p></p><ul><li><p>If account is <strong>SSO enabled</strong>, user will see an intermediary page to allow them to choose between continuing with SSO login (not for shared email addresses) or shown the option to request a temporary passcode </p></li></ul><p> </p><figure><img src="https://storage.noticeable.io/projects/Kw4IZPXU5op9yMhYQCX2/publications/OmHDDnLDkDmpSA1k7yP3/01h55ta3gsay4bzb32zfrkaav3-image.png" alt="" loading="lazy" title=""></figure><p></p><ul><li><p>If account does not have SSO enabled, user will be prompted to enter their password or shown the option to request a temporary passcode </p></li></ul><p> </p><figure><img src="https://storage.noticeable.io/projects/Kw4IZPXU5op9yMhYQCX2/publications/OmHDDnLDkDmpSA1k7yP3/01h55ta3gsz7dttafepa3824y8-image.png" alt="" loading="lazy" title=""></figure><p></p><ul><li><p>User clicks on <strong>email a temporary passcode</strong> to send the passcode to the shared mailbox (<strong>Note</strong>: Passcode is valid for 15 minutes) </p></li></ul><p></p><figure><img src="https://storage.noticeable.io/projects/Kw4IZPXU5op9yMhYQCX2/publications/OmHDDnLDkDmpSA1k7yP3/01h55ta3gsyyhgx47c93qwd8ef-image.png" alt="" loading="lazy" title=""></figure><p></p><ul><li><p>User receives an email to the shared inbox where they can copy the passcode and paste into <strong>Temporary passcode</strong> field (<strong>Note</strong>: Passcodes are case sensitive) and clicks <strong>Log in</strong> </p><ul><li><p><strong>Note</strong>: Users can also request a new passcode by clicking <strong>resend temporary passcode</strong> </p></li></ul></li></ul><p></p><figure><img src="https://storage.noticeable.io/projects/Kw4IZPXU5op9yMhYQCX2/publications/OmHDDnLDkDmpSA1k7yP3/01h55ta3gsa4a69bsnk0n7arbv-image.png" alt="" loading="lazy" title=""></figure><p></p><ul><li><p>The user will then be signed into their Message Log and can manage their quarantine email </p></li><li><p>Now that the user has signed in with a temporary passcode, they are authenticated for the entire length of their browser session (24 hours) </p><ul><li><p>The user can now use the <strong>Deliver</strong>, <strong>Allow List</strong>, <strong>Block List</strong> buttons on the quarantine digest email as expected </p></li></ul></li></ul><ul><li><p>If you have any questions on the above process, please contact Barracuda Networks Technical Support <a href="https://www.barracuda.com/support?utm_source=noticeable&utm_campaign=kw4izpxu5op9ymhyqcx2.temporary-passcode-authentication&utm_content=publication+link&utm_id=Kw4IZPXU5op9yMhYQCX2.dL8KwLEKv2q8Jg9gygjr.OmHDDnLDkDmpSA1k7yP3&utm_medium=newspage" rel="noopener nofollow" target="_blank"><span style="text-decoration: underline">https://www.barracuda.com/support</span></a>. </p></li></ul><p> </p><h2><strong>Frequently Asked Questions (FAQs):</strong> </h2><p><strong>What if someone else in the shared mailbox also requests a temporary passcode? </strong> </p><p>If 2 users request a temporary passcode around the same time, 2 separate emails with different passcodes will be sent to the shared inbox. Both passcodes will be active for 15 minutes after they are requested, and either user can use either passcode within these 15 minutes. One passcode does not invalidate another. A passcode only becomes invalid after its 15-minute lifespan runs out. </p><p>Only 5 passcodes are active at one time for each account. If users have requested 5 passcodes within the same 15 minutes, no more passcodes can be requested. Any of the 5 active passcodes can be used to authenticate. Once 1 of the 5 passcodes expires, another temporary passcode can be requested. </p><p> </p><p><strong>How frequently do I need to sign in with a temporary passcode? </strong> </p><p>Once you have signed in with a temporary passcode, you are authenticated into the account for the length of your browser session which is 24 hours. After your browser session has ended, you will need to request another temporary passcode to start another 24-hour session. </p><p> </p><p><strong>What if my account uses SSO (Azure AD or LDAP) to log-in? </strong> </p><p>If your Admin has set up your account to use Azure AD or LDAP authentication with Single Sign-On, they will need to enable the temporary passcodes feature in the <em><strong>Enabling Temporary Passcode</strong></em> section above. This will allow the users to sign in with a temporary passcode for a shared mailbox. For non-shared email addresses, users will still be able to sign in with their AD or LDAP credentials. </p><p> </p><p><strong>How do I request a new temporary passcode? </strong> </p><p>Press the <strong>resend temporary passcode</strong> link on the <strong>Enter temporary passcode</strong> page. If requested for a shared mailbox or distribution group, please wait a couple of minutes before requesting a new passcode as multiple emails may be sent to everyone in your shared mailbox or distribution list. </p><p> </p><p><strong>What if I am still having trouble signing in? </strong> </p><p>Please contact Barracuda Networks Technical Support at <a href="https://www.barracuda.com/support?utm_source=noticeable&utm_campaign=kw4izpxu5op9ymhyqcx2.temporary-passcode-authentication&utm_content=publication+link&utm_id=Kw4IZPXU5op9yMhYQCX2.dL8KwLEKv2q8Jg9gygjr.OmHDDnLDkDmpSA1k7yP3&utm_medium=newspage" rel="noopener nofollow" target="_blank"><span style="text-decoration: underline">https://www.barracuda.com/support</span></a> to help you log in or escalate your issue to the correct team. </p><p></p><p></p><h2><strong>Related Campus Articles:</strong></h2><ul><li><p><a href="https://campus.barracuda.com/product/emailgatewaydefense/doc/96023043/quarantine-notifications/?utm_source=noticeable&utm_campaign=kw4izpxu5op9ymhyqcx2.temporary-passcode-authentication&utm_content=publication+link&utm_id=Kw4IZPXU5op9yMhYQCX2.dL8KwLEKv2q8Jg9gygjr.OmHDDnLDkDmpSA1k7yP3&utm_medium=newspage" rel="noopener nofollow" target="_blank" title="Quarantine Notifications">https://campus.barracuda.com/product/emailgatewaydefense/doc/96023043/quarantine-notifications/</a></p></li></ul><ul><li><p><a href="https://campus.barracuda.com/product/emailgatewaydefense/doc/98227966/temporary-passcode-authentication/?utm_source=noticeable&utm_campaign=kw4izpxu5op9ymhyqcx2.temporary-passcode-authentication&utm_content=publication+link&utm_id=Kw4IZPXU5op9yMhYQCX2.dL8KwLEKv2q8Jg9gygjr.OmHDDnLDkDmpSA1k7yP3&utm_medium=newspage" rel="noopener nofollow" target="_blank" title="Temporary Passcode Authentication">https://campus.barracuda.com/product/emailgatewaydefense/doc/98227966/temporary-passcode-authentication/</a></p></li></ul>Barracuda Networks[email protected]urn:noticeable:publications:VCeDQa4GmUvZIATGeN802023-04-04T01:11:36.081Z2023-04-04T14:49:34.995ZUpdate to End User AuthenticationAs of Friday, March 31, 2023, the Email Gateway Defense (EGD) team published an update that disabled auto-authentication for end users from quarantine email digests. End users will now be required to authenticate before they can view their...<p>As of Friday, March 31, 2023, the Email Gateway Defense (EGD) team published an update that disabled auto-authentication for end users from quarantine email digests. End users will now be required to authenticate before they can view their account and make updates to their quarantined emails. </p><p>When end users open their email digests going forward, they can still click “Manage Quarantine” or “View Message Log” buttons. However, these buttons will now direct them to the EGD login page prior to taking them into their account. Users can authenticate with their EGD account email and password, or through LDAP or Azure AD. </p><p>Currently users that are members of a shared mailbox or distribution list will have to go through their account administrator to make adjustments to their quarantine mail. The EGD team is actively working on an alternative authentication approach for shared mailboxes. </p><p> </p><p><strong>Admin feature "Require login credentials to access quarantined messages" Disabled:</strong> </p><p>When Admins log in and select the Users Tab à Quarantine Notification, there is a feature named “Require login credentials to access quarantined messages.” This feature has been enabled to “Yes” for all users and greyed out to ensure that all end users must log in to view their accounts. </p><p></p><figure><img src="https://storage.noticeable.io/projects/Kw4IZPXU5op9yMhYQCX2/publications/VCeDQa4GmUvZIATGeN80/01h55ta3gsp266zmk8ssqe9r7f-image.png" alt="" loading="lazy" title=""></figure><p></p><p> </p><p><strong>Frequently Asked Questions (FAQs):</strong> </p><p><strong>What if I don’t know my password? </strong> </p><p>If you have an EGD managed password/account login, you will be redirected to the EGD login page. Enter your email address and click “Next.” </p><p> </p><figure><img src="https://storage.noticeable.io/projects/Kw4IZPXU5op9yMhYQCX2/publications/VCeDQa4GmUvZIATGeN80/01h55ta3gstmrb9kkawks0qppx-image.png" alt="" height="259.02155688622753" loading="lazy" title="" width="691"></figure><p></p><p>Once on the password submission page, click “Send login information.” This will trigger a password reset link to be sent to your email address. Go to your email to use the password reset link. </p><p> </p><figure><img src="https://storage.noticeable.io/projects/Kw4IZPXU5op9yMhYQCX2/publications/VCeDQa4GmUvZIATGeN80/01h55ta3gsnw8a38s9p36pv4g1-image.png" alt="" height="276.72768878718534" loading="lazy" title="" width="695"></figure><p></p><p> </p><p><strong>What if I use Azure AD or LDAP to login? </strong> </p><p>If your Admin has set you to have Azure AD or LDAP authentication with Single Sign-On, you will be automatically redirected to the AD or LDAP page for entering your credentials. </p><p> </p><p><strong>What if I am a member of a shared mailbox or distribution list? </strong> </p><p>If you are a member of a shared mailbox or distribution list, you will need contact your administrator to manage your quarantine, i.e. releasing an email or adding/removing a sender policy. </p><p> </p><p><strong>What if I am still having trouble logging in? </strong> </p><p>Please reach out to Customer Support at 1-408-342-5300. Our support team will be able to help you log in or escalate your concern to the EGD team. </p>Barracuda Networks[email protected]urn:noticeable:publications:HgqYiuyYMCDVLxANruUl2023-02-08T21:00:52.798Z2023-05-01T17:37:08.163ZNew React Platform Launch for End User InterfaceBarracuda expands new React platform to Email Gateway Defense
Barracuda has been working extremely hard over the past year to bring all our solutions to a new, modern, front-end technology stack (ReactJS). You may have already seen the...<p><strong>Barracuda expands new React platform to Email Gateway Defense </strong> </p><p>Barracuda has been working extremely hard over the past year to bring all our solutions to a new, modern, front-end technology stack (ReactJS). You may have already seen the new UI in our other solutions (Impersonation Protection and Incident Response). This new framework will allow us to build new UI features much quicker, which means faster updates for our customers. We are pleased to announce that the new React platform has now been launched on the end user interface of Email Gateway Defense. </p><p>Additional information to be aware of: </p><ul><li><p>This platform launch is a 1-for-1 migration from the old framework, which means that there are no new features/capabilities at this time, just a new “skin” or “look and feel.” However, this migration will allow us to add new features or make changes to our products much more quickly in the future. </p></li><li><p>This launch is for the end user portion of the product only. We’ve begun work on the admin interface and will have a beta version available for users to try. </p></li><li><p>This new interface will be rolled out slowly to end users over the next 4 weeks to be completed by the end of May 2023. </p></li><li><p>Only accounts with a “User” role will see the new UI. If you have set a user as a “domain admin” or “helpdesk” role within EGD, they will need to be set to “user” in order to see the new UI. This is NOT the same thing as setting up an administrator through Barracuda Cloud Control. </p></li></ul><p>Please see image below for an example of the new UI.</p><p></p><figure><img src="https://storage.noticeable.io/projects/Kw4IZPXU5op9yMhYQCX2/publications/HgqYiuyYMCDVLxANruUl/01h55ta3gsevmz33bebpcnwden-image.png" alt="" height="198" loading="lazy" title="" width="624"></figure><p></p>Barracuda Networks[email protected]urn:noticeable:publications:vo3M4rQZ9IQVseX1695b2021-12-14T21:37:38.612Z2021-12-14T21:54:46.385ZForce TLS for inbound mailWhat: New feature to Force TLS for inbound mail To require mail coming inbound to Email Gateway Defense to use a TLS connection, use the SMTP Encryption section on the Domains > Edit Settings page for each domain. Use the Require TLS to...<p><strong>What</strong>: New feature to Force TLS for inbound mail<br>To require mail coming <em>inbound</em> to Email Gateway Defense to use a TLS connection, use the <strong>SMTP Encryption </strong>section on the <strong>Domains > Edit Settings</strong> page for each domain.<br></p><p>Use the <strong>Require TLS to Barracuda from these domains </strong>list to require a TLS connection from certain domains to Barracuda. You can manually add specific domains one at a time or use the <strong>Bulk Edit</strong> button.</p><p>Note: TLS provides secure transmission of email content, both inbound and outbound, over an encrypted channel using the Secure Sockets Layer (SSL). If a TLS connection cannot be established, then the mail will not be delivered.</p><p></p><figure><img src="https://storage.noticeable.io/projects/Kw4IZPXU5op9yMhYQCX2/publications/vo3M4rQZ9IQVseX1695b/01h55ta3gsvm7rjv5bcex1zhka-image.jpg" alt="" loading="lazy" title=""></figure><p></p>Barracuda Networks[email protected]urn:noticeable:publications:sC0mgzH3GsnirGJZYB4k2021-12-06T16:24:56.544Z2021-12-06T16:25:14.067ZNEW! Email Protection SaaS PlansThey’re here! We are excited to announce the general availability of our new email protection plans. As part of our mission to provide innovative security products that are easy to buy, deploy, and use, our new plans are designed to better...<p>They’re here! We are excited to announce the general availability of our new email protection plans. As part of our mission to provide innovative security products that are easy to buy, deploy, and use, our new plans are designed to better align with customer’s Office 365 security needs and buying preferences. As an existing customer there will be <strong>no changes to your products or plans</strong>. However, some features have new, more descriptive names and have undergone small changes. For more information on the new plans please visit <a href="https://campus.barracuda.com/doc/96014231/?utm_source=noticeable&utm_campaign=kw4izpxu5op9ymhyqcx2.new-email-protection-saas-plans&utm_content=publication+link&utm_id=Kw4IZPXU5op9yMhYQCX2.dL8KwLEKv2q8Jg9gygjr.sC0mgzH3GsnirGJZYB4k&utm_medium=newspage" rel="noopener nofollow" target="_blank">https://campus.barracuda.com/doc/96014231/</a></p>Barracuda Networks[email protected]urn:noticeable:publications:3BSMPrTbzhvTJ80JUtaD2021-06-23T23:18:23.520Z2021-06-23T23:30:06.674ZReport Messages and Provide Feedback from the Outlook Add-inNow, you can use the Outlook Add-In to report suspicious messages and also provide feedback. When you click on the Outlook Add-In, you can simply submit the message as suspicious or choose to provide details as to why you think that message...<p>Now, you can use the Outlook Add-In to report suspicious messages and also provide feedback. When you click on the Outlook Add-In, you can simply submit the message as <strong>suspicious</strong> or choose to provide details as to why you think that message was suspicious. To do so, click <strong>Report & Provide Feedback</strong>, and you will be redirected to a feedback response form. Your feedback is extremely important to us. Providing additional details helps us improve our systems and allows better understanding of your email preferences. </p><p></p>Barracuda Networks[email protected]