Sample deployment architecture

For this guide, we have provided a deployment architecture example. This example includes an IronPort Email Gateway sending outbound email, and the McAfee Email Gateway Encryption (MEG) appliance handling the Push and Pull Encryption processes. The diagrams below illustrate the architecture used in this guide.

Push Encryption Example: Secure Web Delivery (SWD)

Push encryption refers to the ability to push an encrypted email directly to the user's email inbox. As with Pull encryption, Push does not require users to install client software in order to read the encrypted message. In this model, users receive an email message with an attachment, which is actually an encrypted file that contains the complete message. When users double-click the attachment, it launches their Web browser, where they are authenticated and the message can be displayed. From there, users can save attachments, as well as forward and reply.

Pull Encryption Example: SWD

Pull technology provides a way to deliver the encrypted message to users without requiring users to install client software to read the email. Users receive a notification message containing only a link to the secure portal. When users click the link, they are sent to the portal, where they are authenticated. From there, messages are decrypted, downloaded and presented in their Web browser. McAfee Email Gateway Encryption allows users to compose a new message, or reply to and forward the original message, thus providing full two-way secure communication.
Routing outbound messages to McAfee Encryption

When outbound email is sent from IronPort, it follows the defined default route for delivery to the recipient. At this point, TLS may be negotiated to encrypt the session, so long as the recipient supports TLS. If TLS cannot be negotiated during the SMTP session, the email is delivered insecurely in plain text. The following steps can be followed on the IronPort appliance to route messages to McAfee Email Gateway for full encryption, thus preventing plain-text delivery of sensitive content:

Outgoing Content Filters

- Navigate to Mail Policies > Outgoing Content Filters.
- Click Add Filter to create a new entry.
- Create the initial policy to identify outbound messages to deliver to MEG Encryption. Provide a name for the policy.
- In the Description (optional) field, you may add a rule description. For example: Route all outbound mail to MEG Encryption when message subject = [Secure]
- Click the Add Condition button to start creating the filter rule. Many conditions can be used to create a filter for redirecting email to MEG as an encryption server. One common condition is a special subject string that initiates encryption on demand when users set it in the message subject. In this example, the message subject string that initiates encryption is [Secure].
- Click OK to save changes.
- Click the Add Action button to define what happens when the condition criteria are met.
- To have email sent to the MEG Encryption server, select Send to Alternate Destination Host.
- Enter the IP address (preferred) or Host Name of the MEG Encryption server in the Mail Host field.
- Click OK.
- Click Submit to create the filter rule.
- Click Commit Changes in the upper right corner of the IronPort Administration console.

Enabling Content Filters for an Outbound Policy

New filters are not applied to a policy by default, so it is necessary to assign the filter to an appropriate outbound mail policy. This example uses the Default Policy found in the IronPort Administration Console.

- Navigate to Mail Policies > Outgoing Mail Policies.
- Use the Default Policy, or use the Add Policy button to create a new one.
- For this example, we will edit the Default Policy by clicking Disabled under Content Filters.
- Clicking this link opens a new Mail Policies: Content Filters page, as seen below:
- Click the drop-down menu (the default is Disable Content Filters).
- Select Enable Content Filters (Customize settings).
- It is essential to check the Enable box next to the filter for it to work properly.
- Click Submit.
- Click Commit Changes in the upper right corner of the IronPort Administration console.
- You can optionally add a comment explaining why the changes were made to the system, and then click Commit Changes again.

Other Configuration Notes

- Multiple Content Filter rules may be added to one outbound policy.
- Multiple Outgoing Mail Policies can be arranged in a specific order.
- Content filters are limited to the conditions offered in the Add Condition window; however, regular expressions are allowed in many areas.
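The routing decision that the procedure above configures can be checked outside the appliance with a small model. The following Python is an added example written for this guide; it is not McAfee's or IronPort's code and does not talk to either product. It assumes three things that the guide does not state: that a filter condition is a regular-expression match on one header (the guide only says regex is allowed in many areas), that a policy whose content filters are disabled, or whose filter's Enable box is unchecked, falls through to the default route, and that 192.0.2.10 (a documentation address) stands in for the MEG host. Use it to sanity-check which test messages would be sent to the alternate destination host and which would still follow the default route, where delivery may fall back to plain text.

```python
"""Model of an IronPort-style outgoing content filter routing mail to MEG.

Added example, not vendor code. Matching semantics are an assumption.
"""
import re
from email import message_from_string
from typing import NamedTuple, Optional, Tuple


class Filter(NamedTuple):
    name: str
    header: str           # header inspected by the condition, e.g. "Subject"
    pattern: str          # regular expression the condition must match
    alternate_host: str   # target of "Send to Alternate Destination Host"
    enabled: bool = True  # the per-filter Enable box on the policy page


class Policy(NamedTuple):
    name: str
    content_filters_enabled: bool   # the "Enable Content Filters" drop-down
    filters: Tuple[Filter, ...]


DEFAULT_ROUTE = "default-route"     # IronPort default delivery route (MX lookup)
MEG_HOST = "192.0.2.10"             # placeholder for the MEG appliance address

# Constructed example filter mirroring the guide: subject contains [Secure].
SECURE_SUBJECT = Filter(
    name="Route all outbound mail to MEG Encryption when subject = [Secure]",
    header="Subject",
    pattern=r"\[Secure\]",
    alternate_host=MEG_HOST,
)

DEFAULT_POLICY = Policy("Default Policy", True, (SECURE_SUBJECT,))


def condition_matches(filt: Filter, raw_message: str) -> bool:
    """Return True if the filter's regex matches the named header.

    Only headers are inspected; a tag in the body does not trigger routing.
    """
    msg = message_from_string(raw_message)
    value = msg.get(filt.header, "")
    return re.search(filt.pattern, value) is not None


def route_outbound(raw_message: str, policy: Policy = DEFAULT_POLICY,
                   default_route: str = DEFAULT_ROUTE
                   ) -> Tuple[str, Optional[str]]:
    """Return (destination, matched_filter_name) for an outbound message.

    Filters are evaluated in order; the first enabled match wins. If the
    policy has content filters disabled, or no enabled filter matches, the
    message follows the default route (assumption about fall-through).
    """
    if not policy.content_filters_enabled:
        return default_route, None
    for filt in policy.filters:
        if filt.enabled and condition_matches(filt, raw_message):
            return filt.alternate_host, filt.name
    return default_route, None


# Constructed sample messages (not real traffic).
TAGGED = "From: a@example.com\nTo: b@example.net\nSubject: [Secure] Q3 payroll\n\nAttached.\n"
UNTAGGED = "From: a@example.com\nTo: b@example.net\nSubject: Lunch\n\nNoon?\n"
TAG_IN_BODY = "From: a@example.com\nTo: b@example.net\nSubject: Lunch\n\n[Secure] noon?\n"


if __name__ == "__main__":
    for label, raw in (("tagged", TAGGED), ("untagged", UNTAGGED),
                       ("tag in body only", TAG_IN_BODY)):
        dest, name = route_outbound(raw)
        print(f"{label:18} -> {dest} ({name or 'no filter matched'})")
    # Same tagged message through a policy with content filters disabled.
    print("filters disabled   ->",
          route_outbound(TAGGED, Policy("Default Policy", False, (SECURE_SUBJECT,))))
```

The "tag in body only" case is included because users often expect the tag to work anywhere; with a Subject-header condition it does not, and the message would take the default route. The disabled-policy case reproduces the guide's point that a committed filter does nothing until it is enabled on an outgoing mail policy.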
COPYRIGHT

Copyright 2011 McAfee, Inc. All Rights Reserved.

No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of McAfee, Inc., or its suppliers or affiliate companies.

TRADEMARK ATTRIBUTIONS

AVERT, EPO, EPOLICY ORCHESTRATOR, FOUNDSTONE, GROUPSHIELD, INTRUSHIELD, LINUXSHIELD, MAX (MCAFEE SECURITYALLIANCE EXCHANGE), MCAFEE, NETSHIELD, PORTALSHIELD, PREVENTSYS, SECURITYALLIANCE, SITEADVISOR, TOTAL PROTECTION, VIRUSSCAN, WEBSHIELD are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners.

LICENSE INFORMATION

License Agreement

NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANY YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND.

License Attributions

Refer to the product Release Notes.