Cisco Cisco Email Security Appliance C190 Guía Del Usuario
18-6
AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Chapter 18 Cisco Email Encryption
Encrypting Messages using the Email Security Appliance
Step 7
Click Advanced under Key Server Settings to specify whether to use HTTP or HTTPS for transferring
the envelope’s encrypted payload when the recipient opens the envelope. Choose from one of the
following:
the envelope’s encrypted payload when the recipient opens the envelope. Choose from one of the
following:
•
Use the Key Service with HTTP. Transfers the encrypted payload from the key service using HTTP
when the recipient opens the envelope. If you are using Cisco Registered Envelope Service, this is
the URL you specified in
when the recipient opens the envelope. If you are using Cisco Registered Envelope Service, this is
the URL you specified in
. If you are using the Cisco Encryption appliance, this is the external
URL you specified in
Since the payload is already encrypted, transporting it over HTTP is safe and faster than sending
over HTTPS. This provides better performance than sending image requests over HTTPS.
over HTTPS. This provides better performance than sending image requests over HTTPS.
•
Use the Key Service with HTTPS. Transfers the encrypted payload from the key service using
HTTPS when the recipient opens the envelope. If you are using Cisco Registered Envelope Service,
this is the URL you specified in
HTTPS when the recipient opens the envelope. If you are using Cisco Registered Envelope Service,
this is the URL you specified in
. If you are using the Cisco Encryption appliance, this is the
.
•
Specify a separate URL for payload transport. If you don’t want to use the key server for your
encrypted payload, you can use another URL and specify whether to use HTTP or HTTPS for the
payload transfer.
encrypted payload, you can use another URL and specify whether to use HTTP or HTTPS for the
payload transfer.
Step 8
In the Envelope Settings section, select the level of message security:
•
High Security. The recipient must always enter a password to open encrypted messages.
•
Medium Security. The recipient does not need to enter credentials to open the encrypted message
if the recipient credentials are cached.
if the recipient credentials are cached.
•
No Password Required. This is the lowest level of encrypted message security. The recipient does
not need to enter a password to open the encrypted message. You can still enable the read receipts,
Secure Reply All, and Secure Message Forwarding features for envelopes that are not
password-protected.
not need to enter a password to open the encrypted message. You can still enable the read receipts,
Secure Reply All, and Secure Message Forwarding features for envelopes that are not
password-protected.
Step 9
To enable users to open your organization’s URL by clicking its logo, you can add a link to the logo.
Choose from the following options:
Choose from the following options:
•
No link. A live link is not added to the message envelope.
•
Custom link URL. Enter the URL to add a live link to the message envelope.
Step 10
(Optional) Enable read receipts. If you enable this option, the sender receives a receipt when recipients
open the secure envelope.
open the secure envelope.
Step 11
(Optional) Click Advanced under Envelope Settings to configure the following settings:
•
Enter the length of time (in seconds) that a message can be in the encryption queue before timing
out. Once a message times out, the appliance bounces the message and sends a notification to the
sender.
out. Once a message times out, the appliance bounces the message and sends a notification to the
sender.
•
Select an encryption algorithm:
–
ARC4. ARC4 is the most common choice, providing strong encryption with minimal
decryption delays for message recipients.
decryption delays for message recipients.
–
AES. AES provides stronger encryption but also takes longer to decrypt, introducing delays for
recipients. AES is typically used in government and banking applications.
recipients. AES is typically used in government and banking applications.
•
Enable or disable the decryption applet. Enabling this option causes the message attachment to be
opened in the browser environment. Disabling this option causes message attachments to be
decrypted at the key server. If you disable this option, messages may take longer to open, but are not
dependent on the browser environment.
opened in the browser environment. Disabling this option causes message attachments to be
decrypted at the key server. If you disable this option, messages may take longer to open, but are not
dependent on the browser environment.
Step 12
In the Message Settings section, do the following:
•
To enable secure reply all feature, check the Enable Secure Reply All check box.