Ability to deliver e-mails from CRES encrypted or dedicated TLS based on recipient?

Jason Meyer
Level 1

We currently have 7500 internal users authorized to do e-mail encryption via our on-premise IronPort appliances and CRES.  All is working great except for responses from external recipients.   I have about 4000 users that do not want those e-mails encrypted, and want them delivered via a required TLS connection, mostly because they do not want to decrypt all of the e-mails.  Well, I also have about 3500 users who want the e-mails encrypted for security reasons.

 

My understanding is I can either set up CRES to deliver all e-mails to my organization encrypted or all e-mails to my organization via required TLS connection. Still correct? If so, how do I resolve the above problem?

My workaround is I could possibly encrypt the e-mails after they arrive at my organization for the 3500 users, but this doesn't make much sense to me as they have already traversed the internet (albeit via a TLS connection) to get to me.

 

Thoughts?

1 Reply

David Miller
Level 1

Hi Jason,

Rather late response but I only just saw this.

Your analysis is correct, and I think your workaround (encrypting incoming replies) is the only option. Whether that is worth doing depends on why the 3500 users want the replies encrypting to their desktop. Is there some regulatory reason? Do the senders want to authenticate? Do they not trust the internal network? You will need to find the business reason behind this or convince them that it is secure enough with TLS to your gateway.

Hope this helps, Dave