Cisco Email Security Appliance C170 User Guide

Cisco AsyncOS 8.5 for Email User Guide
 
Chapter 17      Cisco Email Encryption
  Encrypting Messages using the Email Security Appliance
Figure 17-1: Encryption Workflow
The basic workflow for opening encrypted messages is:
1. When you configure an encryption profile, you specify the parameters for message encryption. For an encrypted message, the Email Security appliance creates and stores a message key on a local key server or on the hosted key service (Cisco Registered Envelope Service).
2. The recipient opens the secure envelope in a browser.
3. When a recipient opens an encrypted message in a browser, a password may be required to authenticate the recipient’s identity. The key server returns the encryption key associated with the message.
   Note: When opening an encrypted email message for the first time, the recipient is required to register with the key service to open the secure envelope. After registering, the recipient may be able to open encrypted messages without authenticating, depending on settings configured in the encryption profile. The encryption profile may specify that a password isn’t required, but certain features will be unavailable.
4. The decrypted message is displayed.
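The key-release decision in steps 1 to 4, modelled as an added Python example (not Cisco code and not part of the original guide). The class and method names, message ID, address and password are hypothetical, and the XOR keystream is only a stand-in for the envelope cipher, which this page does not specify.

```python
import hashlib, hmac, secrets

class KeyServer:
    """Toy model of the key server / hosted key service (hypothetical names)."""
    def __init__(self):
        self.keys = {}      # msg_id -> (message key, recipient, password_required)
        self.accounts = {}  # recipient -> (salt, password hash)

    def store_key(self, msg_id, recipient, password_required=True):
        # Step 1: the appliance creates a per-message key and stores it here.
        key = secrets.token_bytes(32)
        self.keys[msg_id] = (key, recipient, password_required)
        return key

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

    def register(self, recipient, password):
        # First open: the recipient must register with the key service.
        salt = secrets.token_bytes(16)
        self.accounts[recipient] = (salt, self._hash(password, salt))

    def release_key(self, msg_id, recipient, password=None):
        # Step 3: return the message key only when the profile's policy is met.
        key, owner, password_required = self.keys.get(msg_id, (None, None, True))
        if owner is None or owner != recipient:
            raise PermissionError("unknown message or wrong recipient")
        if recipient not in self.accounts:
            raise PermissionError("recipient must register first")
        if password_required:
            salt, stored = self.accounts[recipient]
            ok = password is not None and hmac.compare_digest(
                stored, self._hash(password, salt))
            if not ok:
                raise PermissionError("authentication failed")
        return key

def xor_stream(key, data):
    # Stand-in cipher for this demo only (SHAKE-256 keystream XOR).
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def demo():
    ks = KeyServer()
    key = ks.store_key("msg-1", "bob@example.com")    # step 1 (constructed data)
    envelope = xor_stream(key, b"quarterly report")   # the envelope carries no key
    ks.register("bob@example.com", "correct horse")   # first-time registration
    released = ks.release_key("msg-1", "bob@example.com", "correct horse")
    return xor_stream(released, envelope)             # step 4: decrypted message
```

Because the envelope never contains the key, the key server's release check is the only gate between a captured envelope and its plaintext; passing password_required=False to store_key models a profile where a registered recipient needs no password.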
Encrypting Messages using the Email Security Appliance
To use encryption with the Email Security appliance, you must configure an encryption profile. You can enable and configure an encryption profile using the encryptionconfig CLI command, or via Security Services > Cisco IronPort Email Encryption in the GUI.
[Figure 17-1, Encryption Workflow. Labels: Password; Key; Key Server or Hosted Key Service. 1) Email Security appliance encrypts and stores message key in key server. 2) User opens secure envelope in browser. 3) User authenticates and gets message key. 4) Decrypted message is displayed.]