Cisco Cisco Email Security Appliance C190 Guia Do Utilizador

Cisco IronPort AsyncOS supports using encryption to secure inbound and outbound email.

To use this feature, you create an encryption profile that specifies characteristics of the encrypted 
message and connectivity information for the key server. The key server may either be the Cisco 
Registered Envelope Service (managed service) or an Cisco IronPort Encryption appliance (locally 
managed server). Next, you create content filters or message filters (or both) to determine which 
messages to encrypt.

An outgoing message that meets the filter condition is placed in a queue on the Email Security appliance 
for encryption processing. Once the message is encrypted, the key used to encrypt it is stored on the key 
server specified in the encryption profile and the encrypted message is queued for delivery. If a 
temporary condition exists that prohibits the encryption of emails in the queue (i.e., temporary C-Series 
busyness or CRES unavailability), messages are re-queued and retried at a later time.

You can also set up the appliance to first attempt to send a message over a TLS connection before 
encrypting it. For more information, see 

.

If you want to use a local key server, configure the Cisco IronPort Encryption appliance. For 
instructions on configuring key servers, see the IronPort Encryption Appliance Local Key Server User 
Guide.

Configure an encryption profile. For instructions on configuring the encryption profile, see