Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1343
Views
0
Helpful
1
Replies

Encryption Content Filter vs. DLP Encrypt Action

johnsmith1000
Level 1
Level 1

‎04-25-2013 06:16 PM

As I go through the IronPort Email Config Guide, I see two places that email encryption is mentioed:

1) Under DLP configuration (chapter 11): as an action for DLP policy violation 

2) Under Email Encryption configuration (chapter 12): as a content filter which determines which messages should be encrypted

Are both of these methods using the same encryption engine? Does DLP "encrypt" policy action ends up invoking CRES and send an encrypted message to a recipient which has the same format as the encrypted message generated by encryption content filter (assuming no DLP filter configured)?

Thanks.

Labels:
0 Helpful
1 Reply 1

kjohnson1024
Level 1
Level 1

‎04-26-2013 06:25 AM

I ran into this recently and both of them use the same encryption engine. DLP policies will trigger messages to be encrypted; however, policies are processed top to bottom and left to right, so DLP policies will be enforced after Content Filter policies. Additionally, each policy can be set with specific features. In my opionon, Content Filters provide more options to catch interesting traffic via regular expressions, dictionarys, text resources, etc.

0 Helpful
Customers Also Viewed These Support Documents