- 28 Sep 2023
- 5 Minutes to read
- Print
- PDF
Conditional Email Access Control Panel
- Updated on 28 Sep 2023
- 5 Minutes to read
- Print
- PDF
Now that you have configured Conditional Email Access policies, it is time to look at the CEA Control Panel provided by Scalefusion. The control panel gives you a snapshot of how emails are being accessed, and it also provides user-level details. The control panel also allows you to take any remediation action by giving you the flexibility to Allow or Block a particular device of a user.
In this document, we will go through the various options available in the CEA control panel.
Basics of the CEA Control Panel
Once you have configured the CEA and the initial sync has succeeded, the CEA control panel will be updated to the screen below. We have added the markers and the description below.
- Overview By Devices: This section gives you a snapshot by devices,
- Devices Secured: The number of devices where email access has been secured by Scalefusion.
- Grace Period: The number of devices where the user is in a grace period currently.
- Devices Unsecure: The number of devices where the user has been allowed to access emails even though devices are not managed by Scalefusion
- Overview By Users: This section gives you a quick overview of users.
- Users Secured: The number of users whose email access has been secured by Scalefusion at least on one device.
- Grace Period: The number of users currently in the grace period, at least in one of the devices.
- Users Unsecure: The number of users who have at least one device where access has been allowed as per policy or explicitly.
- Utility Bar: The utility bar lets you do the following,
- Filters: Allows you to filter the available information by various states such as Blocked, Grace Period, Secured or Unsecured.
- Search: Allows you to search by email address or by exchange id.
- Download CSV: Click on the 3 dots menu to Download a CSV report of the data.
- Email Access Information: This table lets you view the email access information in detail and at a per-user level. This section also allows you to perform actions at a per-user level.
- Username & Email: The username and email of a user.
- Total Devices: The number of devices where this user is accessing email.
- Managed: Out of the total devices, the number of devices that are managed by Scalefusion.
- Unmanaged (Allowed): Out of the total devices, the number of devices that are not managed by Scalefusion but email access has been allowed. This can be either due to policy or if the access has been explicitly allowed for that user on a device.
- Grace Period: Out of the total devices, the number of devices where the user has been given a grace period.
- Blocked: Out of the total devices, the number of devices where user's access to email has been blocked as their devices are not yet managed by Scalefusion.
- View Details: Allows you to view details of email access on various devices by a particular user and allows you to take action.
- Edit: Use this option to edit the CEA Policies. Note that once the CEA is configured, the Gateway/Admin URL cannot be changed.
- Sync Now: Use this option to initiate a force sync that will fetch the details of the latest email access information. Please note once you click Sync Now, the options will be disabled till the sync is complete.
User Level Details & Actions
Scalefusion periodically synchronizes the information of email access by targeted users as per CEA policy and updates the list. This list allows IT Admins to view the details of devices where a particular user is accessing emails and also allows them to allow or block a particular device of a user.
- Click View Details of a particular user information row to see details for that user,
- View Details displays the information about the devices from where the user is accessing email,
- Device OS: Indicates the Operating System from where the Email access is being done.
- Device Model: Provides device model information. This information can be blank or sometimes generic as the APIs do not provide this information.
- Status: Can be one of the following,
- Allowed: Email access has been allowed on this device.
- Blocked: Email access has been blocked on this device.
- Quarantined: Email access has been quarantined on this device.
- Reason: This column gives you the details on Status and can be one of the following,
- Secured: This indicates that the device is managed by Scalefusion and the email access is secured.
- As per Policy: Indicates that the current Status of the device is as per the policy.
- Allowed Explicitly: Indicates that email access on this device has been allowed explicitly by the administrator.
- Blocked Explicitly: This indicates that email access on this device has been blocked explicitly by the administrator.
- Exchange ID: This indicates the Exchange ID of the device as reported by the Email app. The exchange ID is the unique ID assigned by the email application for that device. This acts as the identifier that helps us determine whether the device is managed by Scalefusion or not.
- Actions: This section allows the following actions,
- Allow: Displayed for the devices where the access has been blocked. This is helpful if you want to allow access to a particular user on a particular device even though their devices are not managed.
- Block: Displayed for the devices where the access has been explicitly allowed. This is helpful when you want to prevent access on a particular device of a user.
Frequently Asked Questions
Question: We have a lot of users in our organization, but why does the control panel only display selected users?
Answer: The users that are considered for CEA are dependent on the Target Users defined in the CEA policy. If you had selected All users, then we consider all users as targeted, and if you had selected Imported/Added, then we only consider the users that have been imported to Scalefusion.
Question: We have imported a user to Scalefusion and allowed/blocked their access on a device from the Microsoft ECP portal/IceWarp admin panel, and now we do not see that user in Scalefusion CEA Control Panel.
Answer: If a target user's access has been allowed or blocked outside of Scalefusion, then we do not have a way to detect that, and hence they are not shown in the portal. If they happen to access email on a new device, and no changes have been done from Microsoft ECP for that device, then the user would start appearing after the next periodic sync.
Question: I have enrolled Android device and accessed email using Gmail, but the device is still displayed under Grace instead of Managed. What can be the reason?
Answer: The Android devices should be EMM-managed. Hence, please ensure the Android Enterprise Setup is done on the Scalefusion Dashboard beforehand.