Cisco Cisco Email Security Appliance C160 Mode D'Emploi

To use encryption with the Email Security appliance, you must configure an encryption profile. You can 
enable and configure an encryption profile using the 

encryptionconfig

 CLI command, or via Security 

Services > Cisco IronPort Email Encryption in the GUI.

If PXE and S/MIME encryption is enabled on the appliance, AsyncOS encrypts messages using S/MIME 
first, and then using PXE.

Click Security Services > Cisco IronPort Email Encryption.

Click Enable.

(Optional) Click Edit Settings to configure the following options:

The maximum message size to encrypt. Cisco’s recommended message size is 10 MB. The 
maximum message size the appliance will encrypt is 25 MB.

Encrypting messages larger than the recommended 10 MB limit may slow down the 
performance of the appliance.
If you are using the Cisco Registered Envelope Service, message recipients will be unable 
to reply to an encrypted message that has attachments larger than 10 MB.

Email address of the encryption account administrator. When you provision an Encryption Profile, 
this email address is registered automatically with the encryption server.

Configure a proxy server.

You can create one or more encryption profiles if you use a key service. You might want to create 
different encryption profiles if you want to use different levels of security for different groups of email. 
For example, you might want messages containing sensitive material to be sent with high security, but 
other messages to be sent with medium security. In this case, you might create a high security encryption 
profile to associate with the messages containing certain key words (such as ‘confidential’), and create 
another encryption profile for other outgoing messages.