Enable Cloud Malware Protection for Box Tenants
Umbrella supports Cloud Malware protection for all files within your Box deployment.
Table of Contents
- Prerequisites
- Limitation
- Verify Box Application Settings
- Authorize a Tenant
- Edit a Tenant
- Revoke Authorization
Prerequisites
- The person performing the installation must be a Box Admin (not Co-Admin)
- Chrome or Firefox (recommended) with pop-up blockers and ad blockers disabled (only for the duration of authorization)
- Published and unpublished applications must be enabled in the Box Admin Console (see Verify Box Application Settings.
Limitation
- A tenant that fails to authenticate cannot be deleted.
Verify Box Application Settings
- Log into the Box Admin Console.
- Navigate to Settings (the Gear icon) > Enterprise Settings > Apps.
- In the Global App Settings section:
- Do not check: Disable published third party apps by default.
- Check: Require web app integrations to use secure connections (SSL).
![](https://files.readme.io/36162ef-VerifyBoxAppSettings.jpg)
- Click Save.
Authorize a Tenant
- Navigate to Admin > Authentication.
- In the Platforms section, click to expand Box.
![](https://files.readme.io/e628f88-AuthStep2.jpg)
- In the Cloud Malware section, click Authorize New Tenant to add a Box tenant to your Umbrella environment.
- In the Box Authorization dialog box, check the checkbox to verify you meet the prerequisites and then click Next.
![](https://files.readme.io/81ac13b-AuthStep4.jpg)
- Add a Tenant Name and then click Next.
![](https://files.readme.io/4990398-AuthStep5.jpg)
- Select a Response Action for Umbrella to apply to Box files found with malware and then click Next.
- Choose Monitor to cause Umbrella to log files detected with malware. You will be able to manually quarantine these files from the Cloud Malware report.
- Choose Quarantine to:
- Move the file into a folder named Cisco_Quarantine_Malware in the root path of the admin who authorized the tenant, remove all collaborators, and change the file owner to the Box admin.
- Replace the file in its original location with a text file named filename.ppt_Cisco_Quarantined.txt explaining to the original file owner that the file is identified as malware and for more information to contact their organization administrator.
![](https://files.readme.io/5ea3346-AuthStep6.jpg)
- Click Next to be redirected to the Box login page.
![](https://files.readme.io/da6c0ff-AuthStep7.jpg)
- Log in to Box with admin credentials to grant access.
![auth-box-sign-in.jpg 924](https://files.readme.io/3c15b9d-auth-box-sign-in.jpg)
You are redirected to Umbrella and a message appears showing the integration was successful. It may be up to 24 hours for the integration to be confirmed and appear as Authorized.
- Click Done to complete.
![](https://files.readme.io/410849c-AuthStep9.jpg)
Edit a Tenant
You can change the Response Action you have selected for a tenant.
- Navigate to Admin > Authentication.
- In the Platforms section, click Box.
- In the Cloud Malware section , from the Edit column, click Edit. You can edit any tenant.
![](https://files.readme.io/e8d437b-EditStep3.jpg)
- Select a Response Action for Umbrella to apply to Box files found with malware and then click Next.
- Choose Monitor to cause Umbrella to log files detected with malware. You will be able to manually quarantine these files from the Cloud Malware report.
- Choose Quarantine to:
- Move the file into a folder named Cisco_Quarantine_Malware in the root path of the admin who authorized the tenant, remove all collaborators, and change the file owner to the Box admin.
- Replace the file in its original location with a text file named filename.ppt_Cisco_Quarantined.txt explaining to the original file owner that the file is identified as malware and for more information to contact their organization administrator.
- Click Next.
![](https://files.readme.io/b55a38a-AuthStep7.jpg)
The new Response Action is displayed.
![](https://files.readme.io/e2fa0ae-EditStep6.jpg)
Revoke Authorization
- From the Action column, click Revoke. You can revoke any authorized tenant.
![](https://files.readme.io/cc8acff-RevokeStap1.jpg)
- Click Revoke. The selected account is no longer authorized.
![](https://files.readme.io/6bbc247-RevokeStep2.jpg)
Enable Cloud Malware Protection for Dropbox Tenants < Enable Cloud Malware Protection for Box > Enable Cloud Malware Protection for Microsoft 365 Tenants
Updated 3 months ago