Cisco Cisco Email Security Appliance C160 Mode D'Emploi
18-32
User Guide for AsyncOS 9.7 for Cisco Email Security Appliances
Chapter 18 Data Loss Prevention
RSA Enterprise Manager
RSA Enterprise Manager and Language Support
The Email Security appliance displays any data it receives from RSA Enterprise Manager in the language
that was used in Enterprise Manager. The appliance does not display this information in the language
you selected for the appliance interface. This applies to DLP policies, content matching classifiers,
dictionaries, and anything else created in Enterprise Manager that the appliance receives in the data
package. For example, if the DLP policies and classifiers from Enterprise Manager were written in
English but the interface of the Email Security appliance is displayed in French, the Email Security
appliance displays the name and descriptions of the DLP policies and classifiers from Enterprise
Manager in English. The rest of the interface remains in French.
that was used in Enterprise Manager. The appliance does not display this information in the language
you selected for the appliance interface. This applies to DLP policies, content matching classifiers,
dictionaries, and anything else created in Enterprise Manager that the appliance receives in the data
package. For example, if the DLP policies and classifiers from Enterprise Manager were written in
English but the interface of the Email Security appliance is displayed in French, the Email Security
appliance displays the name and descriptions of the DLP policies and classifiers from Enterprise
Manager in English. The rest of the interface remains in French.
Using Enterprise Manager with Clustered Appliances
If you are using Enterprise Manager to manage the DLP policies for clustered Email Security appliances,
be aware of the following:
be aware of the following:
•
The Email Security appliance sends Enterprise Manager the outgoing mail policies and message
actions from the lowest cluster level where these settings are configured. If these settings are
configured differently at the cluster and machine level, the Email Security appliance sends
Enterprise Manager the settings from the machine level. If you want to use the outgoing mail
policies and message actions configured at a higher cluster level, delete the policies and actions
defined at the lower levels that you do not want to use.
actions from the lowest cluster level where these settings are configured. If these settings are
configured differently at the cluster and machine level, the Email Security appliance sends
Enterprise Manager the settings from the machine level. If you want to use the outgoing mail
policies and message actions configured at a higher cluster level, delete the policies and actions
defined at the lower levels that you do not want to use.
•
The Email Security appliance uses the Data Loss Prevention mode specified at the lowest cluster
level where this setting is configured. For example, if a clustered appliance is configured to use the
local RSA Email DLP mode at machine level and RSA Enterprise Manager at the cluster level, the
appliance uses RSA Email DLP for data loss prevention and does not communicate with Enterprise
Manager.
level where this setting is configured. For example, if a clustered appliance is configured to use the
local RSA Email DLP mode at machine level and RSA Enterprise Manager at the cluster level, the
appliance uses RSA Email DLP for data loss prevention and does not communicate with Enterprise
Manager.
About Deleting and Disabling Policies in Enterprise Manager Deployments
Deleting and Disabling DLP Policies
•
To delete DLP policies, use Enterprise Manager.
•
To disable or enable DLP policies, use the Email Security appliance. Go to Mail Policies > DLP
Policy Manager.
Policy Manager.
Any outgoing mail policies associated with the disabled DLP policy will skip the policy when
evaluating messages for DLP violations.
evaluating messages for DLP violations.
Deleting Outgoing Mail Policies
If you try to delete an outgoing mail policy that is linked to a DLP policy, the Email Security appliance
displays a message warning you that the mail policy is currently in use. If you delete the policy anyway,
Enterprise Manager automatically unlinks the deleted outgoing mail policy from any DLP policy that
used it. Other than not scanning for messages based on the configuration of the deleted mail policy, DLP
scanning continues to work as before. The next DLP policy package sent to the Email Security appliance
by Enterprise Manager will not include anything related to the deleted mail policy.
displays a message warning you that the mail policy is currently in use. If you delete the policy anyway,
Enterprise Manager automatically unlinks the deleted outgoing mail policy from any DLP policy that
used it. Other than not scanning for messages based on the configuration of the deleted mail policy, DLP
scanning continues to work as before. The next DLP policy package sent to the Email Security appliance
by Enterprise Manager will not include anything related to the deleted mail policy.