Cisco Email Security Appliance C670 White Paper

© 2016 Cisco and/or its affiliates. All rights reserved.
Preface
This document is for Cisco customers, Cisco channel partners and 
Cisco Engineers setting up secure communications via email using  
S/MIME.
Secure/Multipurpose Internet Mail Extensions or S/MIME is one of the 
ways to achieve end-to-end secure communication. In this document 
we will focus only on S/MIME.
S/MIME is corporate-friendly because it is built into most email clients, 
whereas PGP (Pretty Good Privacy) is old and requires plugins.
S/MIME encryption on Cisco Email Security has complete feature parity 
across all deployment methods – Cloud Email Security (CES), Email 
Security Appliance (ESA) or Email Security Virtual Appliance (ESAV).
S/MIME is a security feature that does not require any additional license. 
S/MIME uses asymmetric encryption technology and provides gateway-
to-gateway and end-to-end message encryption.
S/MIME offers support for mobile devices.
S/MIME does not provide reliable read receipts. Key revocation is 
possible but complex, and it uses an optional PKI infrastructure for key 
storage.
S/MIME is built on open standards.
In this tutorial document you will learn how to securely send email 
messages that are encrypted and signed, so that only the intended 
recipient of a message is able to decrypt or decode it. The signature 
helps verify, using a checksum, that the email is unaltered and that it 
is from the actual sender and not from someone else, i.e. it prevents 
the forgery of email.
Introduction
This document covers the following:
• What is S/MIME – basic definition?
• What is needed to enable S/MIME on Cisco Email Security?
• Scenario: business-to-business
• Scenario: business-to-consumer
• Cisco Email Security S/MIME certificate installation requirements
• Creation of S/MIME certificate in a test environment
• Importing a certificate
• Associate a PEM certificate to S/MIME public keys
• S/MIME verification and decryption flowcharts
• S/MIME verification and public key harvesting features – mail flow policies
• S/MIME sending profiles configuration
• S/MIME reporting and tracking
Technical Details
What is S/MIME – Basic definition?
S/MIME is an email security protocol that was designed to prevent 
the interception and forgery of email by using encryption and digital 
signatures. S/MIME builds security on top of the MIME protocol and is 
based on technology originally developed by RSA Data Security, Inc.
What is needed to enable S/MIME on Cisco Email Security?
1. Certificates to help identify the organization rather than the 
individual user without requiring that all end users possess their own 
certificates.
Cisco Email Security provides the following S/MIME security services 
for business-to-business (B2B) and business-to-consumer (B2C) 
scenarios:
• Sign, encrypt, or sign and encrypt messages using S/MIME.
• Verify, decrypt, or decrypt and verify messages using S/MIME.
Note: Cisco Email Security allows you to create a self-signed S/MIME certificate 
that customers can use. However, depending upon specific business restrictions 
and requirements, Cisco Email Security also provides a way to generate a 
certificate signing request (CSR). Customers can then submit this CSR to a 
trusted certificate authority and get a certificate they can import that meets 
their organization’s business requirements.
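The sign-and-encrypt and decrypt-and-verify services listed above, together with the self-signed test certificate mentioned in the note, can be reproduced outside the appliance with the OpenSSL command line. This is an added example, not part of the Cisco guide and not an ESA configuration; the organisation names, common names and file names are constructed, and OpenSSL 1.1.1 or later is assumed.

```shell
#!/bin/sh
# Added example, not from the Cisco guide: OpenSSL CLI (1.1.1+) only.
# Organisation names, common names and file names are constructed.
WORK=$(mktemp -d)

# Self-signed test certificate identifying an organisation's gateway.
make_cert() {  # $1 = file basename, $2 = common name
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/O=Example Test Org/CN=$2" \
    -addext "extendedKeyUsage=emailProtection" \
    -keyout "$WORK/$1.key" -out "$WORK/$1.crt" 2>/dev/null
}

# Sender: sign with the sender's private key, then encrypt to the
# recipient's certificate (public key).
sign_and_encrypt() {  # $1 = plaintext file, $2 = output S/MIME file
  openssl smime -sign -text -in "$1" -signer "$WORK/sender.crt" \
    -inkey "$WORK/sender.key" 2>/dev/null |
  openssl smime -encrypt -aes256 -out "$2" "$WORK/rcpt.crt"
}

# Recipient, step 1: decrypt with the named key pair.
decrypt() {  # $1 = S/MIME file, $2 = key-pair basename, $3 = output file
  openssl smime -decrypt -in "$1" -recip "$WORK/$2.crt" \
    -inkey "$WORK/$2.key" -out "$3" 2>/dev/null
}

# Recipient, step 2: verify the signature against the sender's certificate,
# trusted explicitly here because it is self-signed.
verify() {  # $1 = signed message, $2 = output file for the verified body
  openssl smime -verify -text -in "$1" -CAfile "$WORK/sender.crt" \
    -out "$2" 2>/dev/null
}

make_cert sender gateway.sender.example
make_cert rcpt gateway.recipient.example
make_cert other gateway.other.example
printf 'Invoice 1000 EUR\n' > "$WORK/msg.txt"   # constructed message body
sign_and_encrypt "$WORK/msg.txt" "$WORK/mail.p7m"

decrypt "$WORK/mail.p7m" rcpt "$WORK/signed.eml" &&
  verify "$WORK/signed.eml" "$WORK/out.txt" && echo "decrypted and verified"
# A party holding a different key pair cannot decrypt the message.
decrypt "$WORK/mail.p7m" other "$WORK/x.eml" || echo "wrong key: decryption refused"
# A body altered after signing no longer matches the signature.
sed 's/Invoice 1000/Invoice 9000/' "$WORK/signed.eml" > "$WORK/tampered.eml"
verify "$WORK/tampered.eml" "$WORK/y.txt" || echo "tampered body: signature rejected"
```

The verified body is written with CRLF line endings because S/MIME canonicalises text before signing; strip the carriage returns before comparing it with the original file.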
Cisco Email Security How-To Guide
How-To Secure Communications
Cisco Public