This article outlines the supported environments framework for Mimecast end user applications and administrative portals, as well as Large File Send access key generation pages.
Browser Support Matrix
|Browser||Administration Console *||Connect Application||Mimecast Personal Portal||Secure Messaging||Large File Send||Targeted Threat Protection|
|Internet Explorer 11||✓||✓||✓||✓||✓||✓|
|Firefox v3 Onwards||✓||✓||✓||✓||✓||✓|
* Devices with a browser resolution lower than 768px aren't currently supported.
TLS and SSL Protocols
Our web applications are accessed using Hypertext Transfer Protocol Secure (HTTPS). Technically HTTPS is not a protocol. It's the result of layering HTTP on top of Transport Layer Security (TLS) or Secure Sockets Layer (SSL) thereby adding the security of these protocols to cleartext HTTP communications. Using these cryptographic protocols doesn't guarantee the connection is secure. As such, we only support certain protocol versions and ciphers.
The quality of the protection provided by SSL relies on the private key (the basis for the security) and the certificate (which conveys the identity of the server to its visitors). We use an SSL certificate issued by Verisign, a reputable Certificate Authority (CA) that has a 2048-bit RSA key. We no longer support SSLv3 for inbound browser connections. Instead one of the following TLS versions should be used:
|Considered to be secure. There are no known major security weaknesses (provided it is properly implemented).|
|TLS v1.1 and 1.2||The most secure protocols that have no known security issues. However, many server and client systems do not currently support these protocols.|
TLS/SSL cipher suites enforce the actual security of the encrypted session. We support several strong cipher suites with a minimum of 128 bits. This guarantees your secure connection cannot be decrypted if intercepted. The following cipher suites aren't supported:
|Cipher||Reason for Non-Support|
|Anonymous Diffie-Hellman (ADH) suites||It provides no authentication.|
|NULL cipher suites||It provides no encryption.|
|EXPORT cipher suites||It uses trivial encryption.|
|WEAK cipher suites||It typically uses less than 128 bit.|
|Rivest Cipher 4 (RC4)||It is insecure.|
We're also unable to support any connections using the RC4 cipher, and will be rejected by the Mimecast API. We strongly recommend you update your operating system and browsers to more recent secure versions in order to maintain security.
Internet Explorer Settings
We recommend that the following Internet Explorer browser settings are used:
|Disable compatibility mode for our domains.|
|Add our logon URLs to your trusted sites.|
|Clear all temporary internet files, cookies, and browsing history.|
If you've Device Enrollment enabled, deleting cookies will mean re-enabling your device.
With older IE versions, data can only be cleared if your browser is closed. To clear this data, right click on the IE icon and click on the "Internet Options" menu item.
|Allow first and third party cookies.|
|Allow webpage animations.|
|Disable accessing data sources across across domains.|
This is required for Administration Console access only using IE 10 / 11.