Cisco Cisco Email Security Appliance C650 Guía Del Usuario
12-3
Cisco IronPort AsyncOS 7.6 for Email Configuration Guide
OL-25136-01
Chapter 12 Cisco IronPortEmail Encryption
Note
When opening an encrypted email message for the first time, the recipient is required to register
with the key service to open the secure envelope. After registering, the recipient may be able to
open encrypted messages without authenticating, depending on settings configured in the
encryption profile. The encryption profile may specify that a password isn’t required, but certain
features will be unavailable.
with the key service to open the secure envelope. After registering, the recipient may be able to
open encrypted messages without authenticating, depending on settings configured in the
encryption profile. The encryption profile may specify that a password isn’t required, but certain
features will be unavailable.
Step 4
The decrypted message is displayed.
Configuring the Email Encryption Profile
To use encryption with the Email Security appliance, you must configure an encryption profile. You can
enable and configure an encryption profile using the
enable and configure an encryption profile using the
encryptionconfig
CLI command, or via Security
Services > IronPort Email Encryption in the GUI.
Editing Email Encryption Global Settings
Step 1
Click Security Services > IronPort Email Encryption.
Step 2
Click Enable.
Step 3
Optionally, click Edit Settings and configure a proxy server.
Figure 12-2
Configuring Global Settings
Adding an Encryption Profile
You can create one or more encryption profiles if you use a local key service. You might want to create
different encryption profiles if you want to use different levels of security for different groups of email.
For example, you might want messages containing sensitive material to be sent with high security, but
other messages to be sent with medium security. In this case, you might create a high security encryption
profile to associate with the messages containing certain key words (such as ‘confidential’), and create
another encryption profile for other outgoing messages.
different encryption profiles if you want to use different levels of security for different groups of email.
For example, you might want messages containing sensitive material to be sent with high security, but
other messages to be sent with medium security. In this case, you might create a high security encryption
profile to associate with the messages containing certain key words (such as ‘confidential’), and create
another encryption profile for other outgoing messages.
You can assign an encryption profile to a custom user role to allow delegated administrators assigned to
that role to use the encryption profile with their DLP policies and content filters. Only administrators,
operators, and delegated users can use encryption profiles when configuring DLP policies and content
that role to use the encryption profile with their DLP policies and content filters. Only administrators,
operators, and delegated users can use encryption profiles when configuring DLP policies and content