Ironport technical capabilities

AnthonyAskewSteriaUK · ‎03-23-2012

Wondered whether someone could explain whether the scenario that I describe below is acheivable and the technologies that I would need to implement along side our Ironport.

A little background. I am new a Technical Author new on a site, they have Ironport installed.. The install guy is long gone and there are no leads internally for me to follow with regards presales type questions around ironport.

My client has a new requirement to recieve encrypted emails, from specifically known senders. There are around 50. At the moment the senders send their emails encrypted, the ironport blocks their progression into our network due spam/malware checks not being run. an admin, on a daily basis, releases these emails so they hit the recipient mailbox, the reciever opens them, they have on a couple of occassions recieved junk type email through this method.

My question is, is it possible to get the ironport to decrypt these messages, run them through it's malware/spam filtering, re-encrypt them and then forward them onto the mailbox. Reading through the documentation on the Cisco Ironport website, it looks like it's achievable...

Ken Stieers · ‎03-26-2012

How are the incoming messages being encrypted? Are they coming to you in an encrypted envelope where users need some sort of login or password to decrypt it?

Andreas Mueller · ‎03-29-2012

Hello Anthony,

the IronPort appliances do not support any decryption, and works only as a gateway that processes mailflow. They can access a lot of archive types, however if something is password protected or encrypted, it will deal with those messages according to the rules set, but there is no way to access the actual content.

What you probably have read about is the Encryption Appliance (IEA) which supports en-/decryption of PGP and SMIME.

Hope that helps,

Andreas