User Guide
18-2
AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Chapter 18 Cisco Email Encryption
How to Encrypt Messages with a Local Key Server
How to Encrypt Messages with a Local Key Server
Related Topics
• Encryption Workflow, page 18-2
Encryption Workflow
When using email encryption, the Cisco Email Security appliance encrypts a message and stores the
message key on a local key server or a hosted key service. When the recipient opens an encrypted
message, the recipient is authenticated by the key service, and the decrypted message is displayed.
Table 18-1 How to Encrypt Messages with a Local Key Server
Steps Do This More Info
Step 1 Set up the Cisco IronPort Encryption appliance
on the network.
See Chapter 3, “Setup and Installation.”
Step 2 Enable message encryption. Enabling Message Encryption on the Email Security
Appliance, page 18-4.
Step 3 Specify the encryption key server to use and the
security settings for the encrypted messages by
creating an encryption profile.
Configuring How a Key Service Handles Encrypted
Messages, page 18-4.
Step 4 Define the conditions that messages must meet
in order for the appliance to encrypt them.
Determining Which Messages to Encrypt, page 18-8.
Step 5 Determine when to encrypt messages in the
email workflow.
• Encrypting and Immediately Delivering Messages
using a Content Filter, page 18-9.
or
• Encrypting a Message upon Delivery using a Content
Filter, page 18-10.
Step 6 (Optional) Flag messages for additional
security.
Inserting Encryption Headers into Messages, page 18-11.
Step 7 Define groups of users for whom you want to
encrypt messages.
Create a mail policy.
See Chapter 10, “Mail Policies.”
Step 8 Associate the encryption actions that you
defined with the user groups you defined.
Associate the content filter with the mail policy.
See Chapter 10, “Mail Policies.”