Skip to main content

Check Point Email Protection Portal Access

Updated this week

Overview

Guardz customers using Check Point Email Protection (formerly known as Avanan) can access parts of the security console (portal) to monitor threats, investigate suspicious emails, and review security activity.

To maintain consistent protection across all Guardz-managed environments, The MSPs access to the console is role-based and certain configuration areas are restricted.

Important Notes:

  • Some configuration settings are not accessible, and managed directly by Guardz to ensure consistent protection.

  • Changes made in supported console sections (e.g., Exceptions) that are also represented in the Guardz platform are automatically synchronized and reflected in Guardz.

  • Access is granted for MSPs only (not to the end-customers).

Access Levels

A. Tenant view:

  • MSP access: user will be able to view all tenants existing under the MSP (organization)

  • Tenant access: user will be able to view selected tenants only

B. Regarding user permissions, console access is divided into three categories:

Access Level

Description

Editor (Read & Write)

Users can view information and perform actions (such as investigations, remediation, or configuration changes).

Note that smart banners can be customized by users with the Editor role only.

Viewer (Read Only)

Users can view settings and data but cannot modify them.

Note that there are:

Hidden / Not Accessible sections

These areas are managed directly by Guardz and are not available in the console.

How to Submit a Console Access Request?

  • Log in to Guardz and navigate to the 'Security Controls' section

  • Locate the email protection section and open it

  • Click on the 'Portal Access' record

  • Click on the 'Add User' button

  • Fill in the requested details and click 'Add'

Please note:

  • Requests can be submitted for one user at a time only.

  • It may take a couple of minutes to create the user. Once the process is complete, an email containing a link to the portal will be sent to the user.

What Elements are Accessible (per Role)?

1. Read & Write Access

Users have full access to investigate threats, review email activity, and manage certain security actions.

Home Dashboard

The Home Dashboard provides a high-level overview of your organization's email security activity. It includes key metrics such as:

  • Detected threats

  • Phishing attempts

  • Malware detections

  • Quarantined emails

  • Security activity trends

This dashboard helps admins quickly understand the current threat landscape and identify areas that require further investigation.

Events Management

The Events Management page provides a centralized view of all security events detected by the email protection system. Each event represents a message or activity that triggered a security detection engine. From this page, admins can:

  • Review detected threats

  • Filter events by sender, recipient, threat type, or timeframe

  • Open events for deeper investigation

  • Take remediation actions

Event Investigation and Remediation

The Event Investigation view provides detailed information about individual security events. Admins can review:

  • Sender and recipient details

  • Email metadata

  • Threat classification

  • Detection engines involved

  • Security verdicts

From this view, admins can also perform remediation actions such as:

  • Quarantining malicious emails

  • Releasing false positives

  • Removing messages from user mailboxes

Mail Explorer

Mail Explorer allows admins to search across email traffic within the environment. Using advanced filters, admins can locate messages based on:

  • Sender or recipient

  • Subject

  • Time range

  • Detection results

  • Attachments

User Interactions

The User Interactions section provides visibility into how end users interact with the security system. This includes user-reported phishing emails and system-generated security actions.

User Interaction Dashboard

The dashboard summarizes user-reported activity and interaction trends.

It provides visibility into:

  1. Phishing Reports

    This section displays emails reported by users as suspicious through reporting tools such as a Report Phishing button. admins can:

    1. Review reported emails

    2. Confirm whether the email is malicious

    3. Trigger remediation if necessary

  2. Quarantined Items

    The Quarantine section lists emails that were automatically or manually quarantined by security engines. Admins can:

    1. Review quarantined emails

    2. Release legitimate messages

    3. Confirm malicious emails remain quarantined

  3. Modified Attachments

    This section shows emails where attachments were modified by the system to remove potential threats. Examples include:

    1. Removal of malicious content

    2. Sanitization of suspicious attachments

    3. Conversion of risky file types

  4. Smart Banners

    Smart Banners are warning messages added to emails that display suspicious characteristics. Examples include warnings for:

    1. External senders

    2. Potential phishing attempts

    3. Unusual sender behavior

    Admins have the ability to edit the smart banners.

Analytics

The Analytics section provides reporting and visual insights into security activity.

Admins can analyze:

  • Threat detection statistics

  • Email traffic patterns

  • User interaction trends

  • Security engine performance

Security Settings β†’ Security Engines

The Security Engines section displays the detection engines used to analyze email traffic. These engines use multiple technologies to detect threats such as:

  • Phishing attempts

  • Malware

  • Malicious links

  • Suspicious sender behavior

Admins will be able to set the security engine.

Exceptions

The Exceptions section allows admins to create rules that bypass or modify security processing for specific emails. Exceptions can be configured based on:

  • Sender or domain

  • Recipient

  • Subject

  • Attachment type

Please note:
Exceptions created in the console are automatically synchronized back to the Guardz platform to maintain configuration consistency.

2. Read-Only Access

Under this role the users can view the same areas as detailed above without the ability to modify them.

3. Hidden / Not Accessible

Certain areas of the console are not available when accessed through Guardz. These sections are restricted to prevent configuration conflicts with Guardz-managed security policies.

User Interactions β†’ Misdirected Emails

The Misdirected Emails feature is not available through the Guardz-integrated console.

Security Settings

Most advanced security configuration areas are hidden. Restricted features include:

  • SaaS Applications

  • Smart Config

Check Point Documentation

For further details on Check Point configuration and portal functionality, please consult the publicly available Help Center via this link.

Related Articles
Guardz Email Protection
Your Guide to the User Portal
Introduction to Check Point Email Protection
Check Point Email Protection: Management, Configuring & Policies Handling
Check Point Email Protection Early Access
Did this answer your question?