Whitelisting PhishGuard in Microsoft 365 (Advance Delivery)

Whitelisting IPs, Senders, and URLs in Phishing Simulation Advanced Delivery for Microsoft 365

This article shows how to whitelist IPs, Senders, and URLs in Phishing Simulation Advanced Delivery for Microsoft 365.

In Microsoft 365's Advanced Delivery for Phishing Simulation, administrators have the capability to whitelist specific IPs, senders, and URLs. Whitelisting ensures that simulated phishing emails bypass security filters, allowing users to receive and engage with them as part of the training process. This article provides step-by-step instructions on how to whitelist IPs, senders, and URLs within the Phishing Simulation Advanced Delivery settings.

Steps to Whitelist IPs, Senders, and URLs:

1. Access Microsoft 365 Security & Compliance Center: 
   Log in to your Microsoft 365 Admin Center with administrator credentials.
   
   
2. Navigate to Threat Management: 
   In the Admin Center, go to the "Security" section and select "Threat management" from the navigation menu.
   
3. Policies & rules: Within the "Email & collaboration" section, click on "Policies & rules" and then select "Threat Policies"
   
   
   
4.  Advance Delivery: Go to "Rules" section, click on "Advance delivery" then choose "Phishing Simulation"
   
   
5. Configure Phishing Simulation: Click on Edit button to change all the phishing simulation configuration from Sending IP, Domain, Allowed Simulation URL and if you don't have any existing phishing simulation configuration then you will be able to create new one .
   
   
6. Whitelist IPs: In the "Edit thirds party phishing simulations" settings, find the section for Sending IPs. Enter the IP addresses based on the region, ensuring that simulated phishing emails sent from these IPs are not blocked by security filters.
   
   
7. Whitelist Domains: Similarly, locate the section for whitelisting domains. Add the domains of senders that you want to whitelist for phishing simulation emails.
   
   
8. Whitelist URLs: In the "Edit thirds party phishing simulations" settings, find the option for whitelisting URLs. Enter the URLs that you want to whitelist, ensuring that links included in simulated phishing emails are not blocked by security filters. Note: You will need to add a simulation URL with Domain or Sending IP order to bypass Sandbox and un-accurate results.
9. Save Changes:After configuring the whitelisted IPs, domains, and URLs, save the changes to apply the settings to your phishing simulation configuration.

Note: It's essential to regularly review and update the whitelisted IPs, senders, and URLs to ensure that your phishing simulation remains effective and relevant to evolving security threats.

By following these steps, administrators can effectively whitelist IPs, senders, and URLs in Microsoft 365's Phishing Simulation Advanced Delivery settings. This allows for a more realistic and targeted training experience, enhancing users' awareness and response to phishing threats.