User Guide

17-25
AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Chapter 17 Data Loss Prevention
RSA Enterprise Manager
Step 1
Do This: Set up Enterprise Manager on your network and prepare for partnering with the Email Security appliance.
More Information: See RSA's documentation for DLP Datacenter, including the online help and the technical note Managing Partner Device DLP with Enterprise Manager.

Step 2
Do This: On the Email Security appliance, create Outgoing Mail Policies to determine which messages will be scanned for DLP violations. Different policies can be assigned to different users or groups of users.
More Information: See Chapter 10, “Mail Policies.”
Note: The outgoing mail policy has an option to specify recipients. However, for deployments with Enterprise Manager, this information is not available from LDAP.

Step 3
Do This: On the Email Security appliance, define the actions that can be taken for messages in which DLP violations are found or suspected. For example, you can quarantine such messages.
More Information: Message Actions, page 17-34.

Step 4
Do This: Obtain and upload certificates for secure communications between the Email Security appliance and Enterprise Manager.
More Information: See (Recommended) Obtaining and Uploading Certificates for SSL Connections between Email Security Appliances and Enterprise Manager, page 17-26.

Step 5
Do This: On the Email Security appliance, select RSA Enterprise Manager for the ESA's DLP Mode and configure the connection between the Email Security appliance and Enterprise Manager.
More Information: See Enabling Enterprise Manager DLP and Configuring the Connection with the Email Security Appliance, page 17-29.

Step 6
Do This: Provide the LDAP distinguished names of message senders to Enterprise Manager.
More Information: Using LDAP to Identify Message Senders for Enterprise Manager, page 17-30.

Step 7
Do This: If you will export DLP policies from the Email Security appliance and import them into Enterprise Manager, do so now.
More Information: To export RSA Email DLP policies from the Email Security appliance, see Exporting DLP Policies from an Email Security Appliance, page 17-31. To import the policies, see the RSA Enterprise Manager documentation.

Step 8
Do This: On Enterprise Manager, create DLP policies to:
- identify the types of content to be considered violations, and
- specify which actions will be taken for each violation.
More Information: Follow instructions for creating DLP policies in RSA's documentation for DLP Datacenter, including the online help and the technical note Managing Partner Device DLP with Enterprise Manager.

Step 9
Do This: On Enterprise Manager, specify which DLP policies apply to which senders and recipients by associating DLP policies with Outgoing Mail Policies.
More Information: See About Associating Outgoing Mail Policies with DLP Policies in Enterprise Manager Deployments, page 17-31.