Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4864
Views
5
Helpful
5
Replies

Data Loss Prevention (DLP) | Email Encryption

Go to solution
John
Level 1
Level 1

‎06-17-2016 01:15 AM

Hello Cisco Community,

We would like to know what is the use of Data Loss Prevention (DLP) and Email Encryption in email security.

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Robert Sherwin
Cisco Employee
Cisco Employee

‎06-17-2016 06:40 AM

You can find the answer to this via the User Guide:

http://www.cisco.com/c/dam/en/us/td/docs/security/esa/esa9-7/ESA_9-7_User_Guide.pdf

DLP -

The Data Loss Prevention (DLP) feature secures your organization’s proprietary information and intellectual property and enforces compliance with government regulations by preventing users from maliciously or unintentionally emailing sensitive data from your network. You define the types of data that your employees are not allowed to email by creating DLP policies that are used to scan outgoing messages for any data that may violate laws or corporate policies.

Email Encryption -

AsyncOS supports using encryption to secure inbound and outbound email. To use this feature, you create an encryption profile that specifies characteristics of the encrypted message and connectivity information for the key server. The key server may either be:

• The Cisco Registered Envelope Service (managed service), or

• An Cisco Encryption appliance (locally managed server)

Next, you create content filters, message filters, and Data Loss Prevention policies to determine which messages to encrypt.

1. An outgoing message that meets the filter condition is placed in a queue on the Email Security appliance for encryption processing.

2. Once the message is encrypted, the key used to encrypt it is stored on the key server specified in the encryption profile and the encrypted message is queued for delivery.

3. If a temporary condition exists that prohibits the encryption of emails in the queue (i.e., temporary C-Series busyness or CRES unavailability), messages are re-queued and retried at a later time.

Cheers,
Robert Sherwin

View solution in original post

5 Replies 5

Go to solution
Robert Sherwin
Cisco Employee
Cisco Employee

‎06-17-2016 06:40 AM

You can find the answer to this via the User Guide:

http://www.cisco.com/c/dam/en/us/td/docs/security/esa/esa9-7/ESA_9-7_User_Guide.pdf

DLP -

The Data Loss Prevention (DLP) feature secures your organization’s proprietary information and intellectual property and enforces compliance with government regulations by preventing users from maliciously or unintentionally emailing sensitive data from your network. You define the types of data that your employees are not allowed to email by creating DLP policies that are used to scan outgoing messages for any data that may violate laws or corporate policies.

Email Encryption -

AsyncOS supports using encryption to secure inbound and outbound email. To use this feature, you create an encryption profile that specifies characteristics of the encrypted message and connectivity information for the key server. The key server may either be:

• The Cisco Registered Envelope Service (managed service), or

• An Cisco Encryption appliance (locally managed server)

Next, you create content filters, message filters, and Data Loss Prevention policies to determine which messages to encrypt.

1. An outgoing message that meets the filter condition is placed in a queue on the Email Security appliance for encryption processing.

2. Once the message is encrypted, the key used to encrypt it is stored on the key server specified in the encryption profile and the encrypted message is queued for delivery.

3. If a temporary condition exists that prohibits the encryption of emails in the queue (i.e., temporary C-Series busyness or CRES unavailability), messages are re-queued and retried at a later time.

Cheers,
Robert Sherwin

Go to solution
John
Level 1
Level 1
In response to Robert Sherwin

‎06-19-2016 04:25 AM

How to setup DLP? 

0 Helpful

Go to solution
dmccabej
Cisco Employee
Cisco Employee
In response to John

‎06-19-2016 05:38 PM

Hello John,

You can find the steps to enable/setup DLP within the same user guide that Robert has linked on page #431 under section "How to Set Up Data Loss Prevention for Deployments Using RSA Email DLP".

Thanks!

-Dennis M.

0 Helpful

Go to solution
amitmarathe
Level 1
Level 1
In response to Robert Sherwin

‎11-27-2016 11:13 PM

Can ESAV can integrate with DLP and PGP symentic for email encryotion.? How to configure?

0 Helpful

Go to solution
Libin Varghese
Cisco Employee
Cisco Employee
In response to amitmarathe

‎11-28-2016 05:25 AM

Hi Amit,

The ESA currently has no feature availability relating to the PGP Gateway – in terms of integration I do not see any documentation available for the same.

- Libin

0 Helpful
Customers Also Viewed These Support Documents