Cisco Cisco Email Security Appliance X1070 Guía Del Usuario
19-4
User Guide for AsyncOS 9.7 for Cisco Email Security Appliances
Chapter 19 Cisco Email Encryption
Encrypting Messages using the Email Security Appliance
Encrypting Messages using the Email Security Appliance
To use encryption with the Email Security appliance, you must configure an encryption profile. You can
enable and configure an encryption profile using the
enable and configure an encryption profile using the
encryptionconfig
CLI command, or via Security
Services > Cisco IronPort Email Encryption in the GUI.
Note
If PXE and S/MIME encryption is enabled on the appliance, AsyncOS encrypts messages using S/MIME
first, and then using PXE.
first, and then using PXE.
Related Topics
•
•
•
•
Enabling Message Encryption on the Email Security Appliance
Procedure
Step 1
Click Security Services > Cisco IronPort Email Encryption.
Step 2
Click Enable.
Step 3
(Optional) Click Edit Settings to configure the following options:
•
The maximum message size to encrypt. Cisco’s recommended message size is 10 MB. The
maximum message size the appliance will encrypt is 25 MB.
maximum message size the appliance will encrypt is 25 MB.
Note
Encrypting messages larger than the recommended 10 MB limit may slow down the
performance of the appliance.
If you are using the Cisco Registered Envelope Service, message recipients will be unable
to reply to an encrypted message that has attachments larger than 10 MB.
performance of the appliance.
If you are using the Cisco Registered Envelope Service, message recipients will be unable
to reply to an encrypted message that has attachments larger than 10 MB.
•
Email address of the encryption account administrator. When you provision an Encryption Profile,
this email address is registered automatically with the encryption server.
this email address is registered automatically with the encryption server.
•
Configure a proxy server.
Configuring How a Key Service Handles Encrypted Messages
You can create one or more encryption profiles if you use a key service. You might want to create
different encryption profiles if you want to use different levels of security for different groups of email.
For example, you might want messages containing sensitive material to be sent with high security, but
other messages to be sent with medium security. In this case, you might create a high security encryption
profile to associate with the messages containing certain key words (such as ‘confidential’), and create
another encryption profile for other outgoing messages.
different encryption profiles if you want to use different levels of security for different groups of email.
For example, you might want messages containing sensitive material to be sent with high security, but
other messages to be sent with medium security. In this case, you might create a high security encryption
profile to associate with the messages containing certain key words (such as ‘confidential’), and create
another encryption profile for other outgoing messages.