TABLE OF CONTENTS


If your organization uses Harmony Email & Collaboration (formerly Avanan), you'll need to properly whitelist ATTACK Simulator to ensure our security awareness training emails and simulated phishing tests reach your users. This guide provides step-by-step instructions for configuring whitelist rules in both Microsoft 365 and Google Workspace environments.


By creating these whitelist rules, you'll inform Harmony Email & Collaboration that messages from ATTACK Simulator should be delivered without being filtered or blocked, allowing our training materials and phishing simulations to reach your users' Microsoft Exchange and Gmail inboxes as intended.


Note: If you encounter difficulties implementing these whitelist configurations, please reach out to our support team for assistance, or contact Harmony Email & Collaboration directly.

Important: Some whitelist configuration options may vary in environments outside the US.


Whitelisting in Harmony Email & Collaboration for Microsoft 365


To properly whitelist ATTACK Simulator in Microsoft 365, create a mail flow rule in the Exchange admin center that identifies our IP address and adds a header indicating the email is safe.


Step-by-Step Instructions:

  1. Log in to your Microsoft Admin console
  2. Navigate to Admin centers > Exchange (or go directly to admin.exchange.microsoft.com)
  3. From the navigation panel, select Mail flow > Rules
  4. Click Add a rule at the top of the page
  5. Select Create a new rule from the dropdown menu
  6. In the "Name" field, enter "ATTACK Simulator Whitelist"
  7. In the Apply this rule if dropdown menu:
    • Select The sender
    • Choose IP address is any of these ranges or exactly matches
    • In the popup window, enter our IP address: 168.245.96.234
    • Click Add and then Save
  8. In the Do the followingdropdown menu:
    • Select Modify the message properties
    • Select set a message header
  9. Click the first Enter textoption under the "Do the following" menu
    • In the popup window, enter "X-CLOUD-SEC-AV-Info" in the text field
    • Click Save
  10. Select the second Enter textoption
  11. Click Next at the bottom of the page
  12. On the "Set rule settings" page:
    • In the "Rule mode" section, select Enforce
    • Check the Stop processing more rules box
  13. Click Next
  14. Review your settings on the "Review and finish" page
  15. Click Finish
  16. Ensure the priority of this new rule is positioned above your Avanan Harmony Email - Protect mail flow rule


Whitelisting in Harmony Email & Collaboration for Google Workspace


For Google Workspace environments, you'll need to create a content compliance rule to identify ATTACK Simulator's IP address and add the appropriate header.


Step-by-Step Instructions:

  1. Log in to your Google Admin console
  2. From the Admin console home page, navigate to Apps > Google Workspace > Gmail

    Tip: If managing multiple organizations, select the appropriate organization from the navigation panel

  3. Select the Compliance section
  4. Navigate to the Content Compliance subsection
  5. Click the Configure or Add Another button (depending on existing rules)
  6. Under "Content compliance," enter a description such as "ATTACK Simulator Whitelist"
  7. In the "Email messages to affect" section, check the Inbound box
  8. In the "Expressions" section, click Add
  9. In the popup window:
    • Select Metadata match from the first dropdown
    • Under "Attribute," select Source IP
    • In the "Match type" dropdown, select Source IP is within the following range
    • Enter our IP address: 168.245.96.234
    • Click Save
  10. Below the "Expressions" section, click Add again
  11. In the popup window:
    • Select Metadata match from the first dropdown
    • Under "Attribute," select Source IP
    • In the "Match type" dropdown, select Source IP is not within the following range
    • Enter our IP address: 168.245.96.234
    • Click Save
  12. In the "Headers" section, check the Add custom headers box
  13. In the "Custom headers" field, click Add
  14. In the "Header key" field, enter "X-CLOUD-SEC-AV-Info"
  15. In the "Header value" field, enter "[portalname],google_mail,inline"
  16. Click Save
  17. Review all settings and click Save to finalize the rule


By following these instructions, you'll ensure that all ATTACK Simulator's security awareness training emails and simulated phishing tests will be properly delivered to your users' inboxes without being blocked by Harmony Email & Collaboration's filtering systems.