cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2403
Views
5
Helpful
5
Replies

ESA + CRES on TLS failed connections

daro
Level 1
Level 1

Hi,

is it possible to have either content/message filter or some other solution to have a failover on TLS failed connections for a CRES envelope?

 

best case scenario would to have CRES configured to be used when a TLS connection fails.

 

any ideas?

thanks
daniel

1 Accepted Solution

Accepted Solutions

Mathew Huynh
Cisco Employee
Cisco Employee

Hey Daniel,

 

On the ESA (outgoing rules only) you can  configure emails to be sent with encryption profile configured and to use TLS and only fail-over to CRES when TLS fails.

 

However as shared, it's restricted to outbound traffic only - requires the encryption profile and CRES account and trusted TLS domains (cannot be applied globally, only via the list on CRES portal under your account).

 

Regards,

Mathew

View solution in original post

5 Replies 5

marc.luescherFRE
Spotlight
Spotlight

Is the idea for failed connection which can not be sent via TLS or for messages which did not come in via TLS ?

the current requirement is for outbound messages only.
What I would like to see is a setting in the default entry of destination control to setup TLS support to something like - required, use encryption profile XY if TLS fails.

Mathew Huynh
Cisco Employee
Cisco Employee

Hey Daniel,

 

On the ESA (outgoing rules only) you can  configure emails to be sent with encryption profile configured and to use TLS and only fail-over to CRES when TLS fails.

 

However as shared, it's restricted to outbound traffic only - requires the encryption profile and CRES account and trusted TLS domains (cannot be applied globally, only via the list on CRES portal under your account).

 

Regards,

Mathew

Hi Mathew,


outgoing is good enough for my use case.


I have configured CRES a few times before, but only as an on-demand encryption service with outgoing content filters to match for *secure* or other subject triggers.

 

Can you point me to the correct chapter in the CRES admin guide? seems like I am only finding the TLS domain settings for secure replies.

 

thanks

daniel

never mind, I found it :-)

image.png

thanks
Daniel