Manage the approved and blocked lists centrally, applying them consistently across all supported Email and Collaboration Security solutions.
The approved and blocked lists in Email and Collaboration Security provide a centralized
way to manage trusted and suspicious objects across your organization’s email and
collaboration environments. These lists are designed to streamline policy enforcement
and improve detection accuracy across supported solutions, including Cloud Email and Collaboration
Protection and Cloud Email Gateway
Protection.
The blocked list allows administrators to define specific senders, domains, or other
indicators that should be proactively blocked. When configured, these entries act
as a pre-policy filter, preventing emails or collaboration content containing known
threats or unwanted sources from being delivered or accessed. This early-stage filtering
helps reduce the risk of exposure to malicious content and minimizes the burden on
downstream security layers. Blocked list entries are managed through Suspicious Object Management, where you can view, add, or remove entries.
The approved list, on the other hand, is used to allow trusted senders or content
to bypass certain filtering steps. This helps reduce false positives and ensures smoother
delivery and access for known-good sources across both email and collaboration platforms.
 |
NoteOnly sender address is currently supported for the approved list.
|
By managing these lists centrally, administrators benefit from a “configure once,
apply everywhere” model. This not only reduces configuration effort and administrative
overhead, but also ensures consistent enforcement of security policies across the
entire organization. It enhances your overall user experience and reinforces Email
and Collaboration Security on Trend Vision One as a unified, integrated security solution.
Approved and blocked objects apply across all supported Email and Collaboration Security
solutions when configured centrally. If you prefer to apply an approved or blocked
object to a specific solution only, you can configure it directly within that solution.
For example, for Cloud Email and Collaboration
Protection, in the Advanced Threat Protection or Data Loss Prevention policies or in the approved/blocked lists under Global settings.
Please note that additional configuration may be required within individual solutions
to ensure approved or blocked objects function as expected. For example, for Cloud Email Gateway
Protection, to specify whether to skip certain security checks on emails from approved senders,
go to the sender filter settings under Inbound Protection. Always refer to the relevant solution’s documentation to complete any necessary
setup.
Common resource actions
|
Action
|
Description
|
||
|
Manage the blocked list
|
Click Go to Suspicious Object Management, and then manage the blocked objects and actions for these objects upon detection.
|
||
|
View the approved list details
|
View each approved object, what it is about, when it was last updated, and its expiration
date.
|
||
|
Add objects to the approved list
|
Click Add and configure settings for the object. For details, see Adding an object to the approved list.
|
||
|
Edit an approved object
|
Click the object name and make necessary changes to the object.
|
||
|
Delete objects from the approved list
|
If an object is no longer needed or has expired, you can delete it.
To delete a single object, click the trash (
 ) icon corresponding to this object.To delete more than one object, select them and click Delete.
|
||
|
Search for objects in the approved list
|
Use the filter field to search for desired approved objects by object name.
|