Cisco Email Security Appliance C650 User Guide

Cisco AsyncOS 8.0 for Email User Guide
 
Chapter 22      LDAP Queries
Identifying a Sender’s User Distinguished Name for RSA Enterprise Manager
The Email Security appliance must include the complete distinguished names for the message senders when it sends DLP 
incident data to Enterprise Manager. To acquire the sender name for Enterprise Manager, create a user distinguished name 
query for your LDAP server and add the query to the listeners that send outgoing messages on your Email Security appliance. 
The Email Security appliance uses this query only when RSA Enterprise Manager is enabled for DLP. Otherwise, the query 
does not appear as an option for the server profile.
Sample User Distinguished Name Settings
This section shows sample settings for an Active Directory server and the user distinguished name query. 
This example uses anonymous authentication for the Active Directory server and a query string for user 
distinguished name retrieval for Active Directory servers.
Configuring AsyncOS To Work With Multiple LDAP Servers
When you configure an LDAP profile, you can configure the Cisco appliance to connect to a list of 
multiple LDAP servers. To use multiple LDAP servers, you must configure the LDAP servers to contain the 
same information, use the same structure, and use the same authentication information. (Third-party 
products exist that can consolidate the records.)
When you configure the Cisco appliance to connect to redundant LDAP servers, you can configure the 
LDAP configuration for failover or load balancing. 
You can use multiple LDAP servers to achieve the following results:
  • Failover. When you configure the LDAP profile for failover, the Cisco appliance fails over to the 
    next LDAP server in the list if it cannot connect to the first LDAP server.
  • Load Balancing. When you configure the LDAP profile for load balancing, the Cisco appliance 
    distributes connections across the list of LDAP servers when it performs LDAP queries.
You can configure redundant LDAP servers from the System Administration > LDAP page or from the 
CLI ldapconfig command.
Table 22-15  Example LDAP Server and Spam Quarantine Alias Consolidation Settings: Active Directory

Authentication Method    Anonymous
Server Type              Active Directory
Port                     3268
Base DN                  [Blank]
Connection Protocol      Use SSL
Query String             (proxyAddresses=smtp:{a})
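
An offline sketch of what the sample query string in Table 22-15 resolves to, added here as an example and not taken from Cisco's guide or the appliance's code. It assumes {a} is replaced by the sender's full email address; the directory entries, DNs and function names are constructed for illustration.

```python
import re

QUERY_TEMPLATE = "(proxyAddresses=smtp:{a})"  # query string from Table 22-15

# Constructed sample entries; the DNs and addresses are hypothetical.
DIRECTORY = [
    {"dn": "CN=Alice Example,OU=Staff,DC=example,DC=com",
     "proxyAddresses": ["SMTP:alice@example.com", "smtp:a.example@example.com"]},
    {"dn": "CN=Bob Example,OU=Staff,DC=example,DC=com",
     "proxyAddresses": ["SMTP:bob@example.com"]},
]

def escape_filter_value(value):
    """Escape the characters RFC 4515 reserves in a search filter value."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def unescape_filter_value(value):
    """Reverse escape_filter_value: backslash-hex pairs back into characters."""
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), value)

def render_query(sender):
    """Substitute the sender address for the {a} token (assumed meaning of {a})."""
    return QUERY_TEMPLATE.replace("{a}", escape_filter_value(sender))

def resolve_dn(sender, directory=DIRECTORY):
    """Apply the rendered equality filter to the sample entries.

    Returns the DN only when exactly one entry matches; zero or several
    matches give None, because an ambiguous sender has no single DN to report.
    """
    attr, value = re.fullmatch(r"\((\w+)=(.*)\)", render_query(sender)).groups()
    wanted = unescape_filter_value(value).lower()
    # Assumption of this sketch: values compare case-insensitively, so the
    # "smtp:" in the query also matches a primary address stored as "SMTP:".
    hits = [entry["dn"] for entry in directory
            if any(v.lower() == wanted for v in entry.get(attr, []))]
    return hits[0] if len(hits) == 1 else None

if __name__ == "__main__":
    for sender in ("alice@example.com", "a.example@example.com", "*@example.com"):
        print(render_query(sender), "->", resolve_dn(sender))
```

Because the filter value is escaped before substitution, a sender address containing `*` or parentheses is compared as a literal string and resolves to no DN instead of widening the search.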