Cisco Cisco Email Security Appliance C190 Guía Del Usuario
12-6
Cisco IronPort AsyncOS 7.6 for Email Configuration Guide
OL-25136-01
Chapter 12 Cisco IronPortEmail Encryption
Step 7
Click Advanced under Key Server Settings to specify whether to use HTTP or HTTPS for transfering
the envelope’s encrypted payload when the recipient opens the envelope. You can from one of the
following:
the envelope’s encrypted payload when the recipient opens the envelope. You can from one of the
following:
•
Use the Key Service with HTTP. Transfers the encrpyted payload from the key service using HTTP
when the recipient opens the envelope. If you are using Cisco Registered Envelope Service, this is
the URL you specified in
when the recipient opens the envelope. If you are using Cisco Registered Envelope Service, this is
the URL you specified in
. If you are using the Cisco IronPort Encryption appliance, this is
the external URL you specified in
Since the payload is already encrypted, transporting it over HTTP is safe and faster than sending
over HTTPS. This provides better performance than sending image requests over HTTPS.
over HTTPS. This provides better performance than sending image requests over HTTPS.
•
Use the Key Service with HTTPS. Transfers the encrpyted payload from the key service using
HTTPS when the recipient opens the envelope. If you are using Cisco Registered Envelope Service,
this is the URL you specified in
HTTPS when the recipient opens the envelope. If you are using Cisco Registered Envelope Service,
this is the URL you specified in
. If you are using the Cisco IronPort Encryption appliance,
this is the external URL you specified in
•
Specify a separate URL for payload transport. If you don’t want to use the key server for your
encrypted payload, you can use another URL and specify whether to use HTTP or HTTPS for the
payload transfer.
encrypted payload, you can use another URL and specify whether to use HTTP or HTTPS for the
payload transfer.
Step 8
In the Envelope Settings section, select the level of message security:
•
High Security. The recipient must always enter a password to open encrypted messages.
•
Medium Security. The recipient does not need to enter credentials to open the encrypted message
if the recipient credentials are cached.
if the recipient credentials are cached.
•
No Password Required. This is the lowest level of encrypted message security. The recipient does
not need to enter a password to open the encrypted message, but the read receipts, Secure Reply,
Secure Reply All, and Secure Message Forwarding features will be unavailable to prevent another
email user from sending a message on behalf of the original recipient.
not need to enter a password to open the encrypted message, but the read receipts, Secure Reply,
Secure Reply All, and Secure Message Forwarding features will be unavailable to prevent another
email user from sending a message on behalf of the original recipient.
Step 9
To enable users to open your organization’s URL by clicking its logo, you can add a link to the logo.
Choose from the following options:
Choose from the following options:
•
No link. A live link is not added to the message envelope.
•
Custom link URL. Enter the URL to add a live link to the message envelope.
Step 10
Optionally, enable read receipts. If you enable this option, the sender receives a receipt when recipients
open the secure envelope.
open the secure envelope.
Step 11
Optionally, click Advanced under Envelope Settings to configure the following settings:
•
Enter the length of time (in seconds) that a message can be in the encryption queue before timing
out. Once a message times out, the appliance bounces the message and sends a notification to the
sender.
out. Once a message times out, the appliance bounces the message and sends a notification to the
sender.
•
Select an encryption algorithm:
–
ARC4. ARC4 is the most common choice, providing strong encryption with minimal
decryption delays for message recipients.
decryption delays for message recipients.
–
AES. AES provides stronger encryption but also takes longer to decrypt, introducing delays for
recipients. AES is typically used in government and banking applications.
recipients. AES is typically used in government and banking applications.
•
Enable or disable the decryption applet. Enabling this option causes the message attachment to be
opened in the browser environment. Disabling this option causes message attachments to be
decrypted at the key server. If you disable this option, messages may take longer to open, but are not
dependent on the browser environment.
opened in the browser environment. Disabling this option causes message attachments to be
decrypted at the key server. If you disable this option, messages may take longer to open, but are not
dependent on the browser environment.
Step 12
In the Message Settings section, enable or disable Secure Reply All.
Step 13
Enable or disable Secure Message Forwarding.