Cisco Cisco Email Security Appliance X1050 Guía Del Usuario
11-4
Cisco IronPort AsyncOS 7.6 for Email Configuration Guide
OL-25136-01
Chapter 11 Data Loss Prevention
When you switch the Email Security appliance’s data into RSA Enterprise Manager mode, the Email
Security appliance saves your existing RSA Email DLP policies in case you switch back to RSA Email
DLP mode later on.
Security appliance saves your existing RSA Email DLP policies in case you switch back to RSA Email
DLP mode later on.
Note
See RSA’s technical documentation on Enterprise Manager for information on managing DLP policies
for the Email Security appliance.
for the Email Security appliance.
Step 1
Select Security Services > RSA Email DLP.
Step 2
Click Enable.
Step 3
The license agreement page is displayed.
Note
If you do not accept the license agreement, RSA Email DLP is not enabled on the appliance.
Step 4
Scroll to the bottom of the page and click Accept to accept the agreement.
Step 5
Under Data Loss Prevention, select RSA Enterprise Manager.
Step 6
Enter the hostname for the Enterprise Manager on your network that you want to use to manage DLP
policies and
policies and
20000
for the port number. Separate the hostname and port number using a colon (
:
).
Step 7
Enter the service port on Email Security to which Enterprise Manager will connect.
Step 8
If you want the Email Security appliance and Enterprise Manager’s connection to use SSL, check the
Enable SSL Communication check box and then select the server certificate for Enterprise Manager and
the client certificate for the Email Security appliance. The certificates must have the appliance’s
hostname for the common name. You can use the same certificate for both the client and server.
Enable SSL Communication check box and then select the server certificate for Enterprise Manager and
the client certificate for the Email Security appliance. The certificates must have the appliance’s
hostname for the common name. You can use the same certificate for both the client and server.
See
for information on setting up certificates for SSL communication between
the appliance and Enterprise Manager.
Step 9
Choose whether to enable fingerprinting for source code and document detection If you select this
option, Enterprise Manager sends fingerprinting detection content to the Email Security appliance.
Fingerprinting can be used to detect the following:
option, Enterprise Manager sends fingerprinting detection content to the Email Security appliance.
Fingerprinting can be used to detect the following:
•
Databases
•
Full or partial text matches in the text of a document
•
Full binary match, which is a bit-by-bit exact match of a file
Step 10
If message tracking is already enabled on your appliance, choose whether or not to enable matched
content logging. By selecting this, the Cisco IronPort appliance logs DLP violations and AsyncOS
displays the DLP violations and surrounding content in Message Tracking, including sensitive data such
as credit card numbers and social security numbers.
content logging. By selecting this, the Cisco IronPort appliance logs DLP violations and AsyncOS
displays the DLP violations and surrounding content in Message Tracking, including sensitive data such
as credit card numbers and social security numbers.
Step 11
Submit and commit your changes.
Exporting the DLP Configuration
If you want to use the active policies in your existing RSA Email DLP configuration to Enterprise
Manager, you can export the configuration as a .zip file and import the policies into Enterprise Manager.
Manager, you can export the configuration as a .zip file and import the policies into Enterprise Manager.