CyberCNS supports integrations for different purposes. Office 365 Email Integration being one of them, helps to send outbound emails for notification purposes.
For the reporting tool to operate properly, it is advised to use a licenced user's email address as the Send From address. There might be restrictions or configurations when using a shared mailbox that could prevent the reporting tool from producing reports.
Set up Office 365 Email Integration
This screen is likely to change as we go on adding more integrations.
Navigate to Global Settings(⚙) > Integrations and choose Office 365 Email from the integrations listed in this section.
It will lead to the “Add credentials” of your Email Instance. Provide details as requested.
Input Email Credentials as requested. Credential Name, SMTP Host, SMTP Port, SMTP Username, SMTP Password, From Address, & Test Address details are required to configure successfully.
Enter Credentials
Enter Credential Name: Choose a name of your choice for the set of credentials to be added.
Enter Email For Receiving Test Email: Enter an email address for receiving the test email for the credentials to be added.
Enter Client ID: Enter a Client ID for the credentials to be added.
Enter Client Secret: Enter a Client Secret for the credentials to be added.
Enter Tenant ID: Enter a Tenant ID for the credentials to be added.
Enter the Email Address the email to be sent from: Enter an email address for the email to be sent from.
Enter the Email Address For Sending Reply To: Enter an email address to test the email address to be replied to.
Select Company: To use these credentials to send outbound emails for any company, please select Associated Company from the dropdown.
Follow the below screenshots to fetch the details of Client ID, Client Secret, and Tenant ID:
In the Microsoft Azure portal, navigate to App Registrations> New registration.
In the Register an application page, enter a Name of your choice for app registration.
Please select Account types as Single tenant (shown below). As supported by Microsoft, we need to select Single Tenant.
Navigate to API Permissions -> click on + to Add a permission and click on Grant admin consent.
As depicted in the below image, Grant admin consent permission for MailSend, MailSendShared, and UserRead.
To grant consent for the requested permissions for all accounts choose either Yes or No of your choice.
Navigate to Certificates and Secrets and click on New Client Secret for this application.
Provide a description for this new client secret and click on Add.
Copy the new client secret from here to be provided into the CyberCNS portal.
Navigate to the Overview section for the registered application.
Copy the Application (Client) ID and Directory(tenant) ID from here to be provided into the CyberCNS portal.
Default Template
When the credentials are added, an option to add the default template is seen.
Instead of selecting each time for ticket creation in the integration action, we can add a default template here for a particular integration.
In the Default template, Enter the Email IDs, the email address that the email is to send from, and send a reply to the Email.
Click on Save once all the fields are provided.
The next step is to map local companies in CyberCNS to Email Integration companies corresponding to the selected domain.
Company Mapping
Multiple companies can be mapped using company mapping.
Click on Company Mapping.
Choose Email Credentials from the dropdown and click on + Add to add Integration Mapping.
Here a set of Events is to be set to get notified for. Those events are categorized as Agent, Company, Asset, Ports, Remediation, Vulnerability, Azureerror, AD Audit, Azure AD Audit, and Unquoted Service Path. Every category will have certain events which can be set.
Enter the Event Name and select the category and an Event/s as required.
Every Category has a set of events/alerts under them which can be selected as per the requirement.
e.g. Asset category has below-listed alerts and selection of all or any is allowed.
The Ports category has the below-listed alerts, and the selection of all or anyone is allowed.
For the Remediation category, selection of Remediation by Company OR Remediation by Assets OR Remediation by Product, Remediation by Asset and Product is allowed, and Enable Remediation for Critical and High Severity(Select any one of them).
For the Vulnerability & Azure error category, the below-listed alert, and selection is allowed.
For the AD Audit category, the below-listed alerts are available and selection of all or any is allowed. (Make sure to select the needed as it will create tickets based on the events)
For the Azure AD Audit & Unquoted service path, the below-listed alert and selections are allowed.
Once the above details are selected, click on Save.
In case the local company is already created to be mapped with Email, then select Map Existing Company to Email company and click on Add.
As shown in the below image, select the Local company by using a dropdown as per the requirement.
Click on Finish to map all the selected Email companies.
There is an option to Edit, Delete and set as default for the Alert Rules using the Action column. The listed Alert Rule can be edited and deleted if needed.
For setting the created Event as default, select the option Set as Default.
To confirm the Set as a default action, select Yes or No in the confirmation dialogue box.
Once the event is set to default, under Is Default column, the status Yes can be seen.
Integration Profile
Users will be able to set Alerting rules from integrations right away for conditions listed under it.
Under the Integration Profile, click on +Add to add the Integration Rule.
Enter the Name, Select the credential, and fill out all of the required fields in the Integration Parameters.
Once the below details are provided, click on Save.
There is an option to Edit, Delete and Set as default under the Integration Rules using the Action column. The listed Integration Rule can be edited and deleted if needed
For setting the newly created Event as the default, select the option Set as Default.
To confirm the Set as a default action, select Yes or No in the confirmation dialogue box.
Manage Company Mapping
Click on Manage Company Mapping.
Choose Office 365 Email Credentials from the dropdown and click on + Add to add Integration Mapping for specific companies.
In New Company Mapping, choose the Office 365 Email Credential which is listed. (These are to be added under the Integration> Credentials section for Office 365 Email).
In case the local company is already created in CyberCNS and is to be mapped with ConnectWise company, then select Map Existing Company to Office 365 Email company and click on Next.
As shown in the below image, select the Local company( CyberCNS) by using a dropdown or with the search bar as per the requirement so it will map the companies accordingly.
Please choose/select the Pause Ticket Creation option only if no notifications are required using this integration and click Add.
Once the Create Office365 Email Alert is enabled, select the Event Set, and the Integration Profile, and click on '+' to add the record.
Delete the Integration profile in case not required using the bin icon as shown below.
Click on Add to see all the details of the selected fields and click on Finish.
Once all the fields are provided, Click on Finish to map all the selected Office 365 Email companies.
Delete the company record in case not required using the bin icon as shown below.
Selected companies are shown in the image below, along with details such as Existing Company Name, Company Name, Event Set, Integration Profile, Pause Ticket Creation, and Mapped Date.
Using the Action column can edit or delete the integration mapping. Any mapping can be edited or deleted, whenever necessary.
This completes the documentation of Office 365 Email Integration.