Cisco Cisco Email Security Appliance C170 Guía Del Usuario
18-34
User Guide for AsyncOS 10.0 for Cisco Email Security Appliances
Chapter 18 Data Loss Prevention
Message Actions
•
Encrypting messages. The appliance only encrypts the message body. It does not encrypt the
message headers.
message headers.
•
Altering the subject header of messages containing a DLP violation.
•
Adding disclaimer text to messages.
•
Sending messages to an alternate destination mailhost.
•
Sending copies (bcc) of messages to other recipients. (For example, you could copy messages with
critical DLP violations to a compliance officer’s mailbox for examination.)
critical DLP violations to a compliance officer’s mailbox for examination.)
•
Sending a DLP violation notification message to the sender or other contacts, such as a manager or
DLP compliance officer. See
DLP compliance officer. See
.
Note
These actions are not mutually exclusive: you can combine some of them within different DLP policies
for various processing needs for different user groups. You can also configure different treatments based
on the different severity levels in the same policy. For example, you may want to quarantine messages
with critical DLP violations and send a notification to a compliance officer, but you may want to deliver
messages with low severity levels.
for various processing needs for different user groups. You can also configure different treatments based
on the different severity levels in the same policy. For example, you may want to quarantine messages
with critical DLP violations and send a notification to a compliance officer, but you may want to deliver
messages with low severity levels.
Related Topics
•
•
•
Defining Actions to Take for DLP Violations (Message Actions)
Before You Begin
•
Create at least one dedicated quarantine to hold messages (or copies of messages) that violate DLP
policies.
policies.
This can be a local quarantine on an Email Security appliance or a centralized quarantine on a
Security Management appliance.
Security Management appliance.
For deployments with Enterprise Manager:
–
Set a timeout large enough for Enterprise Manager to complete its tasks.
–
Consider automatic actions carefully; although quarantined messages must be managed in
Enterprise Manager, the Email Security appliance still releases or deletes quarantined messages
when the quarantine exceeds the allotted space.
Enterprise Manager, the Email Security appliance still releases or deletes quarantined messages
when the quarantine exceeds the allotted space.
For information, see
•
If you want to encrypt messages before delivery, make sure you have set up an encryption profile.
See
See
•
To include disclaimer text when delivering messages with DLP violations or suspected violations,
specify disclaimer text in Mail Policies > Text Resources. For information, see
specify disclaimer text in Mail Policies > Text Resources. For information, see
•
To send a notification to the sender of a DLP violation or to another person such as a compliance
officer, first create the DLP notification template. See
officer, first create the DLP notification template. See