Cisco Cisco Email Security Appliance C670 사용자 가이드

The basic workflow for opening encrypted messages is:

When you configure an encryption profile, you specify the parameters for 
message encryption. For an encrypted message, the Email Security appliance 
creates and stores a message key on a local key server or on the hosted key service 
(Cisco Registered Envelope Service). 

The recipient opens the secure envelope in a browser.

When a recipient opens an encrypted message in a browser, a password may be 
required to authenticate the recipient’s identity. The key server returns the 
encryption key associated with the message. 

When opening an encrypted email message for the first time, the recipient 
is required to register with the key service to open the secure envelope. 
After registering, the recipient may be able to open encrypted messages 
without authenticating, depending on settings configured in the 
encryption profile. The encryption profile may specify that a password 
isn’t required, but certain features will be unavailable.

1) Email Security appliance encrypts and 
stores message key in key server

Key Server or Hosted Key Service

Password

Key

2) User opens secure 
envelope in browser

4) Decrypted message is 
displayed.

3) User authenticates 
and gets message key.