cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Cisco Secure Email Support Community

Product Support Talos Support Cisco Support Reference + Current Release
Gateway Reputation Lookup Open a support case Secure Email Guided Setup
Gateway: 14.0.0-698
Cloud Gateway Email Status Portal Support & Downloads docs.ces.cisco.com
Email and Web Manager: 14.0.0-404
Email and Web Manager Web & Email Reputation Worldwide Contacts Product Naming Quick Reference
Reporting Plug-in: 1.1.0.136
Encryption Bug Search
Encryption Plug-in: 1.2.1.167
Cloud Mailbox Notification Service
Outlook Add-in(s): More info

3017
Views
5
Helpful
5
Replies
John
Beginner

Data Loss Prevention (DLP) | Email Encryption

Hello Cisco Community,

We would like to know what is the use of Data Loss Prevention (DLP) and Email Encryption in email security.

1 ACCEPTED SOLUTION

Accepted Solutions
Robert Sherwin
Cisco Employee

You can find the answer to this via the User Guide:

http://www.cisco.com/c/dam/en/us/td/docs/security/esa/esa9-7/ESA_9-7_User_Guide.pdf

DLP -

The Data Loss Prevention (DLP) feature secures your organization’s proprietary information and intellectual property and enforces compliance with government regulations by preventing users from maliciously or unintentionally emailing sensitive data from your network. You define the types of data that your employees are not allowed to email by creating DLP policies that are used to scan outgoing messages for any data that may violate laws or corporate policies.

Email Encryption -

AsyncOS supports using encryption to secure inbound and outbound email. To use this feature, you create an encryption profile that specifies characteristics of the encrypted message and connectivity information for the key server. The key server may either be:

• The Cisco Registered Envelope Service (managed service), or

• An Cisco Encryption appliance (locally managed server)

Next, you create content filters, message filters, and Data Loss Prevention policies to determine which messages to encrypt.

1. An outgoing message that meets the filter condition is placed in a queue on the Email Security appliance for encryption processing.

2. Once the message is encrypted, the key used to encrypt it is stored on the key server specified in the encryption profile and the encrypted message is queued for delivery.

3. If a temporary condition exists that prohibits the encryption of emails in the queue (i.e., temporary C-Series busyness or CRES unavailability), messages are re-queued and retried at a later time.

View solution in original post

5 REPLIES 5
Robert Sherwin
Cisco Employee

You can find the answer to this via the User Guide:

http://www.cisco.com/c/dam/en/us/td/docs/security/esa/esa9-7/ESA_9-7_User_Guide.pdf

DLP -

The Data Loss Prevention (DLP) feature secures your organization’s proprietary information and intellectual property and enforces compliance with government regulations by preventing users from maliciously or unintentionally emailing sensitive data from your network. You define the types of data that your employees are not allowed to email by creating DLP policies that are used to scan outgoing messages for any data that may violate laws or corporate policies.

Email Encryption -

AsyncOS supports using encryption to secure inbound and outbound email. To use this feature, you create an encryption profile that specifies characteristics of the encrypted message and connectivity information for the key server. The key server may either be:

• The Cisco Registered Envelope Service (managed service), or

• An Cisco Encryption appliance (locally managed server)

Next, you create content filters, message filters, and Data Loss Prevention policies to determine which messages to encrypt.

1. An outgoing message that meets the filter condition is placed in a queue on the Email Security appliance for encryption processing.

2. Once the message is encrypted, the key used to encrypt it is stored on the key server specified in the encryption profile and the encrypted message is queued for delivery.

3. If a temporary condition exists that prohibits the encryption of emails in the queue (i.e., temporary C-Series busyness or CRES unavailability), messages are re-queued and retried at a later time.

View solution in original post

How to setup DLP? 

dmccabej
Cisco Employee

Hello John,

You can find the steps to enable/setup DLP within the same user guide that Robert has linked on page #431 under section "How to Set Up Data Loss Prevention for Deployments Using RSA Email DLP".

Thanks!

-Dennis M.

Can ESAV can integrate with DLP and PGP symentic for email encryotion.? How to configure?

Hi Amit,

The ESA currently has no feature availability relating to the PGP Gateway – in terms of integration I do not see any documentation available for the same.

- Libin

Content for Community-Ad