Skip to main content

How to Whitelist Right-Hand in Harmony Email & Collaboration(formerly Avanan) via Microsoft 365 and Google Workspace?

K
Written by Karthek S
Updated this week

Table of contents:

1) How do I whitelist Right-hand in Avanan with the help of Microsoft Office 365 mail flow rules?

2) How do I whitelist Right-hand in Avanan(Checkpoint Harmony) with the help of Google Workspace rules?

If your organisation uses Harmony Email & Collaboration (formerly Avanan) by Check Point, you can whitelist Right-Hand in both Microsoft 365 and Google Workspace to ensure that simulated phishing emails and training notifications are delivered successfully to your users' inboxes.

To do this, you will create rules in Microsoft 365 or Google Workspace that instruct Harmony Email & Collaboration not to block or filter emails originating from Right-Hand. This ensures our emails reliably reach your users' Exchange and Gmail inboxes without being quarantined or flagged.

How do I whitelist Right-hand in Avanan with the help of Microsoft Office 365 mail flow rules?

To whitelist Right-Hand in Office 365, you must set up a mail flow rule in the Exchange admin center. This rule will detect emails from Right-Hand's IP addresses and add a header to inform Avanan that the email is safe.

To create this mail flow rule, follow these steps:

  1. Sign in to your Microsoft Admin console.

  2. In the navigation panel, go to Admin centers > Exchange. Alternatively, you can access the Exchange admin center directly by visiting admin.exchange.microsoft.com.

  3. In the navigation panel, go to mail flow > rules.

  4. Click the plus sign icon at the top of the page to open a drop-down menu.

  5. Select Create a new rule from the drop-down menu. This will open a new rule pop-up window.

  6. In the Name field, input a name for the rule. For instance, you might enter "Right-Hand Whitelisting".

  7. In the Apply this rule if… drop-down menu, hover over The sender, then choose IP address is any of these ranges or exactly matches. This will display a pop-up window to specify IP address ranges.

  8. In the pop-up window, enter the Right-Hand IP addresses 52.74.95.172, 168.245.54.27, and 149.72.49.118. After entering each IP address, click Add.

  9. Click the Save button.

  10. In the Do the following… drop-down menu, choose Modify the message properties, then select set a message header.

  11. Click the first Enter text… option beside the Do the following... field. This will open a message header pop-up window.

  12. In the Header name field, type X-CLOUD-SEC-AV-Info.

  13. Click the Save button.

  14. Click the second Enter text… option next to the Do the following... field. This will open a header value pop-up window.

  15. In the Value field, enter the following — replacing [portalname] with your Infinity Portal tenant identifier: [portalname],office365_emails,inline

Note: Example: mycompany,office365_emails,inline.

The [portalname] value is your unique Infinity Portal tenant identifier, visible in the URL when logged in to the Harmony Email & Collaboration Administrator Portal (e.g. mycompany.avanan.net).

16. Click the Save button and click Next.

17. In the Set rule settings section:

◦ Select the Audit this rule with severity level checkbox, and choose High from the drop-down.

◦ Under Choose a mode for this rule, select Enforce.

◦ Check the box labelled Stop processing more rules.

18. Click Next, then click Finish to apply the rule.

19. Set rule priority: Return to Mail flow > Rules. Locate your newly created rule and drag it (or use the priority arrows) to position it above the Avanan – Protect rule in the list.

How do I whitelist Right-hand in Avanan(Checkpoint Harmony) with the help of Google Workspace rules?

To whitelist Right-Hand in Google Workspace, you need to complete two tasks:

  • Create a new content compliance rule to identify Right-Hand IP addresses and mark the email as safe for Harmony Email & Collaboration

  • Update an existing Harmony Email & Collaboration content compliance rule to exclude Right-Hand IPs from additional filtering

This configuration prevents sandbox tools used by your organisation from blocking simulated phishing tests and training notifications.

Part A - Create a New Content Compliance Rule

  1. Sign in to your Google Admin console.

  2. From the Admin console home page, go to Apps > Google Workspace > Gmail.

  3. If you manage multiple organizations, select the organization where you want to apply the rule from the navigation panel.

  4. Navigate down to the Compliance section of the page.

  5. Place your cursor over the Content Compliance setting.

  6. Click either the CONFIGURE or ADD ANOTHER RULE button, depending on whether a rule has already been added. This will open an Add setting pop-up window.

  7. In the Content compliance section, describe this rule. For instance, you could enter "Right-Hand Whitelisting".

  8. In step one, select the Inbound check box.

  9. In step two, complete the fields by following these instructions:

    a) Choose "If ALL of the following match the message" from the drop-down menu to display the Expressions section.

    b) Then, click the ADD button in the Expressions section.

    c) Next, select "Metadata match" from the drop-down menu.

    d) In the Message authentication drop-down menu, choose "Source IP" and then in the Match type drop-down menu choose "Source IP is within the following range".

    e) Finally, enter "168.245.54.27/32" in the Match type field and click Save.

  10. In step 3, complete the fields by following these steps:

    a) Choose "Modify message" from the drop-down menu.

    b) Then, under Headers, check the box labeled "Add custom headers" to display the Custom headers section.

    c) In this section, click the ADD button.

    d) Enter "X-CLOUD-SEC-AV-Info" in the Header name field.

    e) In the Value field, enter the following — replacing [portalname] with your Infinity Portal tenant identifier:

    [portalname],google_mail,inline

11. Click Save at the bottom of the pop-up, then save the overall settings.

Part B - Update the Existing Harmony Email & Collaboration Content Compliance Rule

To learn more about content compliance rules in Google Workspace, refer to Google’s page on setting up rules for advanced email content filtering.

  1. Return to Apps > Google Workspace > Gmail > Compliance.

  2. Hover over the Content Compliance setting.

  3. Locate the existing Harmony Email & Collaboration rule — it will be named using your portal tenant identifier in the format:

[portal_name]__inline_ei

4. Click the Edit button next to this rule. The Add setting pop-up will open.

5. In Step 2, click Add to add a new expression condition to the existing rule.

6. Configure the new expression as follows:

◦ From the expression type drop-down, select Metadata match.

◦ In the Attribute drop-down, select Source IP.

◦ In the Match type drop-down, select Source IP is NOT within the following range.

◦ In the value field, enter:

168.245.54.27/32

7. Click Save to confirm the new expression.

Expected outcome: You will now see two conditions listed under this rule — the original Harmony Email & Collaboration condition and the new exclusion condition for the Right-Hand IP range.

This prevents Right-Hand emails from being re-evaluated by the Harmony inline rule after the whitelist rule has already marked them as safe.

To learn more about content compliance rules in Google Workspace, refer to Google’s page on setting up rules for advanced email content filtering.

Did this answer your question?