Руководство Пользователя для Cisco Cisco Email Security Appliance C160
19-9
Cisco AsyncOS 9.5 for Email User Guide
Chapter 19 Cisco Email Encryption
Determining Which Messages to Encrypt
•
Using a TLS Connection as an Alternative to Encryption
Based on the destination controls specified for a domain, your Email Security appliance can securely
relay a message over a TLS connection instead of encrypting it, if a TLS connection is available. The
appliance decides whether to encrypt the message or send it over a TLS connection based on the TLS
setting in the destination controls (Required, Preferred, or None) and the action defined in the encryption
content filter.
relay a message over a TLS connection instead of encrypting it, if a TLS connection is available. The
appliance decides whether to encrypt the message or send it over a TLS connection based on the TLS
setting in the destination controls (Required, Preferred, or None) and the action defined in the encryption
content filter.
When creating the content filter, you can specify whether to always encrypt a message or to attempt to
send it over a TLS connection first, and if a TLS connection is unavailable, to encrypt the message.
send it over a TLS connection first, and if a TLS connection is unavailable, to encrypt the message.
shows you how an Email Security appliance will send a message based on the TLS settings
for a domain’s destination controls, if the encryption control filter attempts to send the message over a
TLS connection first.
TLS connection first.
For more information about enabling TLS on destination controls, see
Encrypting and Immediately Delivering Messages using a Content Filter
Before You Begin
•
To understand the concept of building conditions for content filters, see
.
•
(Optional) See
.
Procedure
Step 1
Go to Mail Policies > Outgoing Content Filters.
Step 2
In the Filters section, click Add Filter.
Step 3
In the Conditions section, click Add Condition.
Step 4
Add a condition to filter the messages that you want to encrypt. For example, to encrypt sensitive
material, you might add a condition that identifies messages containing particular words or phrases, such
as “Confidential,” in the subject or body.
material, you might add a condition that identifies messages containing particular words or phrases, such
as “Confidential,” in the subject or body.
Step 5
Click OK.
Step 6
Optionally, click Add Action and select Add Header to insert an encryption header into the messages
to specify an additional encryption setting.
to specify an additional encryption setting.
Step 7
In the Actions section, click Add Action.
Table 19-2
TLS Support on ESA Appliances
Destination Controls TLS Setting
Action if TLS Connection
Available
Available
Action if TLS Connection
Unavailable
Unavailable
None
Encrypt envelope and send
Encrypt envelope and send
TLS Preferred
Send over TLS
Encrypt envelope and send
TLS Required
Send over TLS
Retry/bounce message