Cisco Cisco Email Security Appliance C650 Guía Del Usuario
15-30
Cisco AsyncOS 8.0 for Email User Guide
Chapter 15 Data Loss Prevention
RSA Enterprise Manager
Step 10
Do not enable your appliance to automatically download updates to the DLP engine.
Step 11
Submit and commit your changes.
The Email Security appliance sends the configuration to Enterprise Manager, which automatically adds
the appliance as a partner device.
the appliance as a partner device.
Using LDAP to Identify Message Senders for Enterprise Manager
When the Email Security appliance sends DLP incident data to Enterprise Manager, the appliance must
include the complete LDAP distinguished names in order to identify message senders. The appliance
retrieves this information from an LDAP server.
include the complete LDAP distinguished names in order to identify message senders. The appliance
retrieves this information from an LDAP server.
Before You Begin
•
Complete all steps to this point in the table in
. The User Distinguished Name Query option is not
available unless you follow these instructions.
•
Create an LDAP server profile on your Email Security appliance. See
for more information.
•
Create a query string that the appliance will use to retrieve the complete distinguished name unless
you want to use the default query. For Active Directory servers, the default query string is
you want to use the default query. For Active Directory servers, the default query string is
(proxyAddresses=smtp:{a})
. For OpenLDAP servers, the default query string is
(mail={a})
. You
can define your own query and email attributes, including multiple attributes separated by commas.
Procedure
Step 1
Select System Administration > LDAP on the Email Security appliance.
Step 2
Edit the profile for the LDAP server you want to use.
Step 3
Select the check box for User Distinguished Name Query.
This option is available only if you have selected RSA Enterprise Manager as the DLP deployment
option.
option.
Step 4
Enter a name for the query.
Step 5
Enter the query string for retrieving the user distinguished name.
Step 6
Click the button to test your query.
Step 7
Submit and commit your changes.
About Associating Outgoing Mail Policies with DLP Policies in Enterprise Manager Deployments
You will use Enterprise Manager to associate Outgoing Mail Policies with DLP policies, in order to
specify which DLP policies apply to which senders and recipients. For information, see the RSA
Enterprise Manager documentation. Enterprise Manager sends this information to the Email Security
appliances for use when scanning messages.
specify which DLP policies apply to which senders and recipients. For information, see the RSA
Enterprise Manager documentation. Enterprise Manager sends this information to the Email Security
appliances for use when scanning messages.
Unlike with RSA Email DLP, outgoing mail policies cannot use the default mail policy’s DLP settings
when Enterprise Manager is enabled. If a mail policy is not specified for a DLP policy in Enterprise
Manager, DLP scanning is not enabled on the mail policy.
when Enterprise Manager is enabled. If a mail policy is not specified for a DLP policy in Enterprise
Manager, DLP scanning is not enabled on the mail policy.