You must create three compliance rules. The first rule ensures that all the emails are routed towards Nightfall for scanning. It is mandatory for you to create the scan rule.

The second and third compliance rules are required for blocking and quarantining emails. You must create these rules only if you wish to use the block and quarantine actions in Gmail policies. You can configure either any one or both block and quarantine rules. It is recommended that you configure at least one of the two rules.

The Scan rule is used to select emails for scanning. This rule adds a Nightfall header to all the emails that are to be scanned.

To create Scan rule:

1. Login to your Google Workspace with an admin account.

2. Click the menu icon.

3. Select Admin.

1. In the left menu, expand Apps and then expand Google Workspace.

2. Click Gmail.

1. Scroll down and click Compliance.

1. Scroll down to the Content Compliance section and click ADD ANOTHER RULE. (If you have not created any Compliance rule previously, the button might be displayed as CONFIGURE).

1. Enter a name for the compliance rule.

2. Select Outbound and Internal - Sending checkboxes in the Email messages to affect section.

1. Select the If ANY of the following match the message option.

Steps 11 to 16 help you create a Compliance rule to block emails.

1. Click ADD.

1. In the Add setting dialog box, select the Advanced Content match option.

1. In the Location drop-down menu, select Full headers.

1. In the Match type drop-down menu select Not Contains text.

1. In the Content field enter x-nightfall-scanned. x-nightfall-scanned is a header that is added to emails that Nightfall scans. This condition ensures that all unscanned emails go through the scanning process.

2. Click SAVE.

The condition expression is created as follows. This ensures all emails that are not yet scanned by Nightfall need to be scanned.

You must now configure rules to route the email towards Nightfall for scanning.

17. In stage 3, select Modify message.

1. Under the Headers section, select the Add X-Gm-Original-To header check box.

2. Under the Envelope recipient section, select the Change envelope recipient check box.

1. In the Replace recipient field, enter dlp@secure.nightfall.ai. This is the email address to which emails must be routed for scanning.

1. Click SAVE.

The block rule blocks emails that contain sensitive information. Some of the initial configuration steps are the same as in the case of the Scan rule.

1. Execute steps 1-13 of the Configure Scan Rule. If you are already on the Compliance page of the Google Workspace, execute steps 7-13 of the Configure Scan Rule.

2. In the Match type drop-down menu, select Contains text.

1. In the Content field enter x-nightfall-block. Nightfall updates the headers for all emails that need to be blocked with “x-nightfall-block”, once they are processed and before they are routed back to Gmail. This enables Gmail to block the emails with this header and these are not delivered to the recipient.

2. Click SAVE.

You can now see that a condition expression is added for the block as well.

When an email is blocked, you must notify the sender about the same. The following steps must be configured to notify the sender about the blocked email.

1. In stage 3, select Reject message.

1. (Optional) Enter an optional message to the sender. This message is included in the body of the email.

2. Click SAVE.

Once you create the rules, you must whitelist the Nightfall IP addresses to allow emails sent by Nightfall back to your domain.

To whitelist Nightfall IP addresses:

1. Login to your Google Workspace with an admin account.

2. Click the menu icon.

3. Select Admin.

1. In the left menu, expand Apps and then expand Google Workspace.

2. Click Gmail.

1. Scroll down and select Routing.

1. 1. Scroll down to the SMTP relay service section and click ADD ANOTHER RULE (the button can be displayed as CONFIGURE if you have not created any SMTP rules).

1. Enter a name for the SMTP rule.

2. Select the Only accept mail from the specified IP addresses check box.

1. Click ADD.

Contact your Nightfall CSM or sales representative to get the IP addresses to be entered in the next steps.

1. Enter a description in the Description field.

2. Enter the IP address in the Enter IP address/range field.

3. Click SAVE.

The IP address is added. Repeat steps 10-13 to add the other two Nightfall IP addresses.

1. Click SAVE.

The Quarantine rule quarantines the email that contains sensitive data. The initial configuration steps are the same as in the case of the Scan rule.

1. Execute steps 1-13 of the . If you are already on the Compliance page of the Google Workspace, execute steps 7-13 of the .

2. In the Match type drop-down menu, select Contains text.

3. In the Content field enter x-nightfall-quarantine. Nightfall updates the headers for all emails that need to be quarantined with “x-nightfall-quarantine”, once they are processed and before they are routed back to Gmail. This enables Gmail to quarantine the emails with this header.

4. Click SAVE.

1. In stage 3, select Quarantine message.

1. (Optional) Select the Notify sender when mail is quarantined check box to notify the sender when their email is quarantined.

2. Click SAVE.

This document explains the process of installing the Nightfall for Gmail. Nightfall for Gmail allows you to scan all outgoing emails for sensitive data. Nightfall for Gmail can scan both, email body and attachments.

Prerequisites

• You must have a Google Workspace account.

• You must have administrator access to the above Google Workspace account.

Overview

When Nightfall detects emails with sensitive data, it can either Block or Quarantine the email, based on the settings configured in the Gmail policy. To enable Nightfall to perform these actions (Block, Quarantine), you must set up compliance rules in Google Workspace.

Once you set up the compliance rules, you must then whitelist Nightfall IP addresses to receive emails from Nightfall.

Finally, you must enter your organization's domain to complete the installation process.

The following documents explain the installation process in detail.

This domain configuration must be performed in the Nightfall UI.

1. Log in to Nightfall.

2. Click Gmail under MY INTEGRATIONS.

1. Click Begin Setup.

1. Select the first and second check boxes since we have configured these stages.

2. Click CONTINUE.

1. Enter your domain address.

2. Click Continue.

1. Click Finish.