WatchGuard WG018273 Manuel D’Utilisation
www.watchguard.com
page 3
All email sent from the organization passes through the WatchGuard XCS appliance Data Loss Prevention
engine, which scans the data and matches it against pre-defined company and regulatory policies. Each
message then undergoes remediation whereby it is checked to determine if it needs to be encrypted,
quarantined, bounced, or handled in other ways as set by the policies set up by the Administrator, as shown
in Figure 2 below.
engine, which scans the data and matches it against pre-defined company and regulatory policies. Each
message then undergoes remediation whereby it is checked to determine if it needs to be encrypted,
quarantined, bounced, or handled in other ways as set by the policies set up by the Administrator, as shown
in Figure 2 below.
Once undergoing content filtering
inspection, if content or an attachment of
a message matches a policy which has
been specified for encryption, the
WatchGuard XCS processes the outbound
email and encrypts the message locally.
The key used to encrypt the message is
stored by Cisco Registered Envelope
Service (CRES), while the message is
queued for outbound delivery.
inspection, if content or an attachment of
a message matches a policy which has
been specified for encryption, the
WatchGuard XCS processes the outbound
email and encrypts the message locally.
The key used to encrypt the message is
stored by Cisco Registered Envelope
Service (CRES), while the message is
queued for outbound delivery.
Recipients of encrypted messages using
the WatchGuard Email Encryption solution
do not require special software or
applications to open an encrypted email.
Encrypted messages can be opened with
any email program and any web browser
running on any operating system. The
process is quite simple: recipients open an
HTML email attachment, enter a
password, and view the secure message.
the WatchGuard Email Encryption solution
do not require special software or
applications to open an encrypted email.
Encrypted messages can be opened with
any email program and any web browser
running on any operating system. The
process is quite simple: recipients open an
HTML email attachment, enter a
password, and view the secure message.
Figure 2: Discovery, Remediation and Inspection of Outgoing
Messages
Messages
HOSTED KEYS SERVICE
WatchGuard Email Encryption uses the CRES hosted key service, thus enabling instant-on deployment and
reduced management and hardware costs typically associated with local key servers. CRES technology
provides the following benefits:
reduced management and hardware costs typically associated with local key servers. CRES technology
provides the following benefits:
Accounts are instantaneously created and users automatically enrolled
User authentication and message key delivery
Message tracking
SecureReply capability for responding to encrypted messages
User authentication and message key delivery
Message tracking
SecureReply capability for responding to encrypted messages
The CRES hosted key server only holds encryption keys and management information. It does not ever hold
actual email messages and hence offers significant security benefits over other encryption solutions that
host both messages and encryption keys on the same system.
actual email messages and hence offers significant security benefits over other encryption solutions that
host both messages and encryption keys on the same system.
FILTERS AND LEXICONS FOR COMPLIANCE & POLICY MANAGEMENT
WatchGuard Email Encryption pulls on the capabilities of the WatchGuard XCS compliance and policy
dictionaries or custom dictionaries created by the administrator, as well as policies that search the subject
headers and body text of email messages as well as attachments, assisting organizations to comply with
industry regulations including:
dictionaries or custom dictionaries created by the administrator, as well as policies that search the subject
headers and body text of email messages as well as attachments, assisting organizations to comply with
industry regulations including:
HIPAA (Health Insurance Portability and Accountability Act)
GLBA (Graham-Leach-Bliley Act)
GLBA (Graham-Leach-Bliley Act)