Migrate to Email security
This page aims at showing you how to perform Area 1 actions in Zero Trust Email security, and new terminology introduced in Email security.
In Area 1, you can reach out to support via the following email addresses:
- support@area1security.com
- phishguard@area1security.com (for PhishGuard customers only)
In Email security, you can raise a ticket by contacting technical support ↗ on the Cloudflare dashboard:
- Select your account and choose Technical support.
- In Solve your issue, answer the following questions:
- What type of question do you have? Select Technical - Other Products
- In what area can we help you? Select Email security
- What feature, service or problem is this related to? Choose among Configuration, Detections or PhishGuard.
In Area 1, you invite users by logging in to the Area 1 portal and inviting members.
To invite users in Zero Trust Email security:
- Log in to Cloudflare One ↗.
- Go to Manage Account.
- Select Members > Invite > Add account members.
Once you have added new account members, you will have to assign each member an Email security role.
| Area 1 | Email security | Description |
|---|---|---|
| N/A | Cloudflare Zero Trust | Can edit Cloudflare Zero Trust. Has administrator access to all Zero Trust products including Access, Gateway, the Cloudflare One Client, Tunnel, Browser Isolation, CASB, DLP, DEX, and Email security. |
| Super Admin | Email security Analyst + Email security Configuration Admin = Super Admin | Has full access to all admin features in Email security |
| Configuration Admin | Email security Configuration Admin | Has administrator access. Cannot take actions on emails, or read emails |
| SOC Analyst | Email security Analyst | Has analyst access. Can take action on emails and read emails. |
| Viewer | Email security Reporting | Can read metrics |
| N/A | Cloudflare Zero Trust PII | Can read PII in Zero Trust (this includes Email security) |
| N/A | Email security Policy Admin | Can read all settings, but only write allow policies, trusted domains, and blocked senders |
In Area 1, you can create alert webhooks.
In Zero Trust Email security, webhooks are instead referred to as logs. You can enable detection logs and/or user action logs. Additionally, you can enable Outbound Data Loss Prevention to protect sensitive information in outbound emails.
You can check the Area 1 and Email security status in the Cloudflare System Status ↗.
To view Area 1 status:
- Search for Email security (Area1) and check that the status is set to Operational. This means that emails are being processed.
- Search for Area 1 - Dash to check the status of the Area 1 dashboard.
- Search for Area 1 - API to check the status of the API endpoints.
To view Email security status:
- Search for Email security (Zero Trust) and check that the status is set to Operational. This means that emails are being processed.
- Search for Zero Trust Dashboard to check the status of the Zero Trust dashboard.
- Search for API to check the status of the API endpoints.
You can also check the status of APIs through the Cloudflare Status API ↗ and configure Cloudflare Notifications.
In Area 1, you receive daily or weekly updates of the number of emails dispositioned.
In Email security, you can view email monitoring over the last 90, 30, 7, 3, 1 day(s).
In Area 1, you receive an email when an email is assigned a disposition.
In Email security, you enable Logpush to enable detection logs.
In Area 1, you can perform two types of search: Fielded Search and Freeform Search.
In Email security, the ability to search emails has been expanded. You can use three different screen criteria to search emails:
In Area 1, you can check statistics in your Home section.
In Email security, you can check your metrics in the Monitoring section in the dashboard.
Area 1 allows you to set up message retraction to move messages to specific folders. This is known as retraction.
Moving messages to a specific folder is known as auto-moves in Zero Trust Email security.
This table displays the difference in terminology used when creating policies:
| Area 1 | Email security |
|---|---|
| Allowed patterns | Allow policies |
| Block lists | Blocked senders |
| Trusted domains | Trusted domains |
| Text add-ons | Text add-ons |
| Link actions | Link actions |
| Added detections | Additional detections |
This table displays the difference in terminology used when finding emails whose disposition is incorrect:
| Area 1 | Email security |
|---|---|
| Report false negative/false positive | Submit messages for review |
| N/A | Escalate user submissions |
| Team submission | Team submissions |
| User submission | User submissions |
In Area 1, you can set up a Business email compromise (BEC) list to protect against attackers who try to impersonate executives.
In Email security, this feature is known as impersonation registry.
In Area 1, you can integrate directories in your email provider.
In Email security, you can add and sync directories.
To access Area 1 API, go to the API Documentation ↗. You can set up a service account ↗ to configure API tokens.
To access Email security API, go to Email security API ↗. You can set up an API token to use the Email security API.