SWCD and SonicWall Cloud App Security portal for SonicWall quarantined or flagged emails – How to get there and what to do

Raised from ticket #3381

Steps provided by WesternNRG

If you receive a notification about a quarantined email, follow these steps to determine if it is safe to release:

1. Check the sender’s email address carefully. Ensure it matches the expected domain.
2. Verify if you were expecting an email from that sender.
3. Access the CAS Admin Portal to review the quarantined email:
   • Log in to the CAS Admin Portal.
   • Navigate to Quarantine > Quarantine Items.
   • Find the email in question and click on the subject header.
   • Review the Security Stack on the right side to see the analysis of the email.
   • Check for any flagged attachments and their details.
4. If an attachment is flagged as potentially malicious, do not release the email immediately.
5. Consider downloading the attachment to an isolated computer with strong antivirus software to scan it for threats.
6. Based on the scan results, decide whether to release the email or not.

Always exercise caution when dealing with quarantined emails, especially if they contain attachments. If in doubt, consult your IT support team for further assistance.