Cisco Email Security Appliance X1070 White Paper

© 2016 Cisco and/or its affiliates. All rights reserved.
Preface
This document is for Cisco customers, Cisco channel partners and 
Cisco Engineers setting up secure communications via email using TLS.
Transport Layer Security or TLS is one of the ways to achieve this. In 
this document we will focus only on TLS.
TLS is a security feature that does not require an additional license.
In this guide, you will learn how to send encrypted messages securely 
via email that only the intended recipient of that message can decrypt or 
decode.
Note: Cisco Email Security includes the following deployment options:
• Cloud Email Security (CES)
• Email Security Virtual Appliance (ESAV)
• Email Security Appliance (ESA)
TLS can be implemented in any of these deployment options using the 
same configuration steps.
Introduction
This document covers the following:
• What is TLS – basic definition?
• What is needed to enable TLS on Cisco Email Security?
• How to set up SSL certificates on Cisco Email Security for TLS encryption
• How to enable TLS for incoming emails (receiving)
• How to enable TLS for incoming emails (receiving) from specific domains or users@specificdomain
• How to enable TLS for outbound emails (delivery)
• How to enable TLS for outbound emails (delivery) for specific partner domains
• How to determine if Cisco Email Security is using TLS for delivery or receiving
• The Performance Impact of TLS Encryption
Technical Details
What is TLS – basic definition?
As defined in RFC 3207, “TLS is an extension to the SMTP service 
that allows an SMTP server and client to use transport-layer security to 
provide private, authenticated communication over the Internet. TLS is 
a popular mechanism for enhancing TCP communications with privacy 
and authentication.” The STARTTLS implementation on Cisco Email 
Security provides privacy through encryption. It allows you to import an 
X.509 certificate and private key from a certificate authority service, or 
use a self-signed certificate.
What is needed to enable TLS on Cisco Email Security?
1. Certificates – obtain a third-party SSL certificate from your preferred 
Certificate Authority
2. Installation of certificates on Cisco Email Security 
3. Enable TLS on the system for receiving, delivery, or both
Note: Cisco Email Security includes a demonstration certificate 
for testing purposes. The demo certificate is not secure and is not 
recommended for general use.
Cisco Email Security Certificate Installation Requirements
You must have these items available in Privacy Enhanced Mail (PEM) 
format in order to install a certificate on the Cisco Email Security:
• The X.509 certificate
• The private key that matches your certificate
• Any intermediate certificates that are provided by your Certificate Authority (CA)
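A way to confirm, before installation, that the first two items are in PEM format and that the private key belongs to the certificate. This is an added example, not part of the original Cisco document; it assumes the openssl command-line tool is available, and the file names and the self-signed sample pair it generates are constructed for illustration. Intermediate certificates are not checked here.

```shell
# Added example: pre-install check for a certificate/key pair.
# File names and CN values are hypothetical; make_sample output is constructed test data.

# is_pem FILE LABEL_ERE: succeed if FILE holds a PEM block with a matching label.
is_pem() {
  grep -Eq -- "^-----BEGIN ($2)-----" "$1"
}

# key_matches_cert CERT KEY: compare the public key embedded in the certificate
# with the public key derived from the private key.
key_matches_cert() {
  kmc_cert=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 2
  kmc_key=$(openssl pkey -in "$2" -pubout -passin pass: 2>/dev/null) || return 2
  [ -n "$kmc_cert" ] && [ "$kmc_cert" = "$kmc_key" ]
}

# check_bundle CERT KEY: print a verdict; return 0 only when both files are PEM
# and the key belongs to the certificate. Passphrase-protected keys are reported
# rather than opened, because this script has no passphrase to read them with.
check_bundle() {
  is_pem "$1" 'CERTIFICATE' || { echo "certificate: not PEM"; return 1; }
  is_pem "$2" '(RSA |EC )?PRIVATE KEY' ||
    { echo "private key: not PEM, or passphrase-protected (not checked here)"; return 1; }
  key_matches_cert "$1" "$2" ||
    { echo "private key unreadable or does not match certificate"; return 1; }
  echo "ok"
}

# make_sample DIR NAME: write a constructed self-signed pair NAME.crt / NAME.key.
make_sample() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2.example.test" \
    -keyout "$1/$2.key" -out "$1/$2.crt" 2>/dev/null
}

demo_dir=$(mktemp -d)
make_sample "$demo_dir" mail
make_sample "$demo_dir" other
check_bundle "$demo_dir/mail.crt" "$demo_dir/mail.key"            # matching pair
check_bundle "$demo_dir/mail.crt" "$demo_dir/other.key" || true   # key from another pair
rm -rf "$demo_dir"
```

A certificate delivered in DER or PKCS#12 form fails the first check and has to be converted to PEM before it can be installed.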
Cisco Email Security Services that Require Certificates
Certificates can be used for these four services:
• Inbound Transport Layer Security (TLS)
How-To Secure Communications - Setting Up Transport Layer Security (TLS)
Cisco Public