Cisco Cisco Email Security Appliance X1070 User Guide
18-29
User Guide for AsyncOS 9.7 for Cisco Email Security Appliances
Chapter 18 Data Loss Prevention
RSA Enterprise Manager
Completing SSL Configuration
You will complete the SSL configuration in “
.”
Enabling Enterprise Manager DLP and Configuring the Connection with the Email Security
Appliance
Appliance
Before You Begin
•
Complete all steps prior to this step in the table in
.
•
If your deployment includes RSA’s DLP Datacenter, you can enable fingerprinting. For more
information, see
information, see
.
Procedure
Step 1
Select Security Services > RSA Email DLP on the Email Security appliance.
Step 2
If you have previously enabled Data Loss Prevention, click Edit Settings and then skip to
.
Step 3
Click Enable.
Step 4
Scroll to the bottom of the license agreement page and click Accept to accept the agreement.
Note
If you do not accept the license agreement, Data Loss Prevention is not enabled on the appliance.
Step 5
Under Data Loss Prevention, select RSA Enterprise Manager.
Step 6
Enter the hostname for the Enterprise Manager server on your network that you want to use to manage
DLP policies and
DLP policies and
20000
for the port number. Separate the hostname and port number using a colon (
:
).
Step 7
To use an SSL connection between the Email Security appliance and Enterprise Manager:
a.
Check the Enable SSL Communication check box
b.
Select the Server Certificate. The server is Enterprise Manager.
c.
Select the Client Certificate. The client is the Email Security appliance.
You can use the same certificate for client and server.
Step 8
(Optional) If your deployment includes RSA’s DLP Datacenter, choose whether to enable fingerprinting
to improve detection of source code, databases, and other documents.
to improve detection of source code, databases, and other documents.
Step 9
(Optional) If message tracking is already enabled on your appliance, choose whether or not to enable
matched content logging.
matched content logging.
If you select this, the Email Security appliance logs DLP violations and AsyncOS displays the DLP
violations and surrounding content in Message Tracking, including sensitive data such as credit card
numbers and social security numbers.
violations and surrounding content in Message Tracking, including sensitive data such as credit card
numbers and social security numbers.
Step 10
Do not enable your appliance to automatically download updates to the DLP engine.
Step 11
Submit and commit your changes.
The Email Security appliance sends the configuration to Enterprise Manager, which automatically adds
the appliance as a partner device.
the appliance as a partner device.