Web Mail Services

Mobile Access Check Point Software Blade on a Security Gateway that provides a Remote Access VPN access for managed and unmanaged clients. Acronym: MAB. supports built-in Web mail. Web mail provides a simple way for remote users, through a web browser interface, to access their email. Employees can access their email from any computer that has access to the Internet, such as a computer in a library, or Internet cafe. There is no need to install special email or remote access software. This is helpful for employees who work outside the office on a regular basis.

Note - The traffic log does not show actions done by the user through the Web mail interface.

Mobile Access also supports the IBM Lotus Domino Web Access (DWA, formerly known as iNotes) and Outlook Web Access (OWA). DWA and OWA are configured in Mobile Access as Web Applications.

Web Mail Services User Experience

Remote users login to Mobile Access and authenticate themselves in order to gain access to the portal. They can then click a link to access the Web mail application. Mobile Access can be configured to reuse the login credentials when authenticating to the IMAP account on the mail server. If the reused credentials are incorrect, Mobile Access again presents the user with a login page. Valid credentials are saved for future logins.

Once authenticated to the mail application, users can:

• Compose, send and receive email.

• Create, delete, rename, and manipulate mail folders.

• Index messages in various ways.

• Stores addresses.

• Search emails according to various criteria, such as body text, subject and sender's address.

• Highlight messages with different background colors, enabling quick differentiation.

• Display preferences.

Incoming (IMAP) and Outgoing (SMTP) Mail Servers

Mobile Access provides a Web front-end for any email application that uses the IMAP protocol for incoming mail, and SMTP for outgoing mail.

Email stored on the IMAP server is manipulated through the browser interface without having to transfer the messages back and forth. Users can connect to several mail servers depending on their authorization.

Configuring Web Mail Services

To configure a new Web Mail application:

1. In SmartConsole Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on., click Objects > Object Explorer (Ctrl+E).

2. Click New Custom Application/Site > Mobile Application > Mail Service.

   The Web mail service window opens.

Web Mail Service - General Properties Page

1. Go to the General Properties page of the Web mail service object.

2. Fill in the fields on the page:

   • Name for the mail service, for example, my_mail_server

   • Outgoing Mail Server (SMTP)

     • Host or DNS Name, for example, smtp.example.com

     • Service is normally the standard predefined SMTP service.

   • Incoming Mail Server

     • IMAP server type

     • Host or DNS Name, for example, smtp.example.com

     • Service is normally the standard predefined IMAP service.

Web Mail Service - Link in Portal Page

1. Go to the Link In Portal page of the Web mail service object.

2. Fill in the fields on the page:

   • Link text (multi-language) - Shows in the Mobile Access Portal. If more than one link is configured with the same (case insensitive) text, only one of them will be shown in the portal.

   • Tooltip (multi-language) - Gives additional information. The text appears automatically when the user holds the cursor over the link. It disappears when the user clicks a mouse button or moves the cursor away from the link.

Web Mail Service - Single Sign-On Page

Configure the Single Sign-On settings for the Web Mail Service.

1. Go to the Single Sign On page of the Web mail service object.

2. Select the sign on method for the application.

Web Mail Service - Protection Level Page

1. Go to the Protection Level page of the Web mail service object.

2. Fill in the fields on the page:

   Security Requirements for Accessing this Application lets you:

   • Allow access to this application to any endpoint machine that complies with the security requirements of the Security Gateway Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources.,

   • Give access to the application conditional on the endpoint being compliant with the selected Endpoint Compliance Check Point Software Blade on a Management Server to view and apply the Security Best Practices to the managed Security Gateways. This Software Blade includes a library of Check Point-defined Security Best Practices to use as a baseline for good Security Gateway and Policy configuration. Profile.

Completing the Configuration of the Web Mail Service

To complete the configuration, add the Web Mail application to a policy rule Set of traffic parameters and other conditions in a Rule Base (Security Policy) that cause specified actions to be taken for a communication session. and install policy from SmartConsole.

For Unified Access Policy, see Mobile Access and the Unified Access Policy.

For legacy policy, see Getting Started with Mobile Access.

Enabling LDAP Contacts Search in Web Mail Applications

By default, the contact search in Web Mail applications works only for internal users that are defined on the Mobile Access Security Gateway. To enable search on contacts that are defined on an LDAP server, see sk34997.