Cisco Cisco Email Security Appliance C650 Guía Del Usuario
17-30
AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Chapter 17 Data Loss Prevention
RSA Enterprise Manager
c.
Select the Client Certificate. The client is the Email Security appliance.
You can use the same certificate for client and server.
Step 8
(Optional) If your deployment includes RSA’s DLP Datacenter, choose whether to enable fingerprinting
to improve detection of source code, databases, and other documents.
to improve detection of source code, databases, and other documents.
Step 9
(Optional) If message tracking is already enabled on your appliance, choose whether or not to enable
matched content logging.
matched content logging.
If you select this, the Email Security appliance logs DLP violations and AsyncOS displays the DLP
violations and surrounding content in Message Tracking, including sensitive data such as credit card
numbers and social security numbers.
violations and surrounding content in Message Tracking, including sensitive data such as credit card
numbers and social security numbers.
Step 10
Do not enable your appliance to automatically download updates to the DLP engine.
Step 11
Submit and commit your changes.
The Email Security appliance sends the configuration to Enterprise Manager, which automatically adds
the appliance as a partner device.
the appliance as a partner device.
Using LDAP to Identify Message Senders for Enterprise Manager
When the Email Security appliance sends DLP incident data to Enterprise Manager, the appliance must
include the complete LDAP distinguished names in order to identify message senders. The appliance
retrieves this information from an LDAP server.
include the complete LDAP distinguished names in order to identify message senders. The appliance
retrieves this information from an LDAP server.
Before You Begin
•
Complete all steps to this point in the table in
. The User Distinguished Name Query option is not
available unless you follow these instructions.
•
Create an LDAP server profile on your Email Security appliance. See
for more information.
•
Create a query string that the appliance will use to retrieve the complete distinguished name unless
you want to use the default query. For Active Directory servers, the default query string is
you want to use the default query. For Active Directory servers, the default query string is
(proxyAddresses=smtp:{a})
. For OpenLDAP servers, the default query string is
(mail={a})
. You
can define your own query and email attributes, including multiple attributes separated by commas.
Procedure
Step 1
Select System Administration > LDAP on the Email Security appliance.
Step 2
Edit the profile for the LDAP server you want to use.
Step 3
Select the check box for User Distinguished Name Query.
This option is available only if you have selected RSA Enterprise Manager as the DLP deployment
option.
option.
Step 4
Enter a name for the query.
Step 5
Enter the query string for retrieving the user distinguished name.
Step 6
Click the button to test your query.