Guides
ProductDeveloper
Guides

Enable Cloud Malware Protection for Box Tenants

Umbrella supports Cloud Malware protection for all files within your Box deployment.

Table of Contents

Prerequisites

  • The person performing the installation must be a Box Admin (not Co-Admin)
  • Chrome or Firefox (recommended) with pop-up blockers and ad blockers disabled (only for the duration of authorization)
  • Published and unpublished applications must be enabled in the Box Admin Console (see Verify Box Application Settings.

Limitation

  • A tenant that fails to authenticate cannot be deleted.

Verify Box Application Settings

  1. Log into the Box Admin Console.
  2. Navigate to Settings (the Gear icon) > Enterprise Settings > Apps.
  3. In the Global App Settings section:
  • Do not check: Disable published third party apps by default.
  • Check: Require web app integrations to use secure connections (SSL).
  1. Click Save.

Authorize a Tenant

  1. Navigate to Admin > Authentication.
  2. Under Platforms, click to expand Box.
  1. Under Cloud Malware, click Authorize New Tenant to add a Box tenant to your Umbrella environment.
  2. In the Box Authorization dialog box, check the checkbox to verify you meet the prerequisites, then click Next.
  1. Enter the tenant name, then click Next.
  1. Select a Response Action for Umbrella to apply to Box files found with malware, then click Next.
  • Choose Monitor to cause Umbrella to log files detected with malware. You will be able to manually quarantine these files from the Cloud Malware report.
  • Choose Quarantine to:
  • Move the file into a folder named Cisco_Quarantine > Malware in the root path of the admin who authorized the tenant, remove all collaborators, and change the file owner to the Box admin.
  • Replace the file in its original location with a text file named filename.ppt_Quarantined.txt explaining to the original file owner that the file is identified as malware and for more information to contact their organization administrator.
  1. Click Next to be redirected to the Box login page.
  1. Log in to Box with admin credentials to grant access.
924

You are redirected to Umbrella and a message appears showing the integration was successful. It may be up to 24 hours for the integration to be confirmed and appear as Authorized.

  1. Click Done to complete.

Edit a Tenant

You can change the Response Action you have selected for a tenant.

  1. Navigate to Admin > Authentication.
  2. Under Platforms, click Box.
  3. In the Cloud Malware section , under Action, click Edit. You can edit any tenant.
  1. Select a Response Action for Umbrella to apply to Box files found with malware, then click Next.
    • Choose Monitor to cause Umbrella to log files detected with malware. You will be able to manually quarantine these files from the Cloud Malware report.
    • Choose Quarantine to:
    • Move the file into a folder named Cisco_Quarantine> Malware in the root path of the admin who authorized the tenant, remove all collaborators, and change the file owner to the Box admin.
    • Replace the file in its original location with a text file named filename.ppt_Quarantined.txt explaining to the original file owner that the file is identified as malware and for more information to contact their organization administrator.
  2. Click Next to complete.
  1. The new Response Action is displayed.

Revoke Authorization

  1. Under Action, click Revoke. You can revoke any authorized tenant.
  1. Confirm to proceed. The selected account will no longer be authorized.

Enable Cloud Malware Protection for Dropbox Tenants < Enable Cloud Malware Protection for Box > Enable Cloud Malware Protection for Microsoft 365 Tenants