Chicago (Midwest) Data Loss Prevention User Group

  • 1.  STARTTLS for DLP Email Prevent

    Posted Dec 07, 2012 08:22 AM

    Very basic question. In the forward mode, does Email Prevent unencrypt email to monitor content, or does it just pass through as encrypted?

     



  • 2.  RE: STARTTLS for DLP Email Prevent

    Posted Dec 07, 2012 01:10 PM

    Yes, Email Prevent can decrypt emails to apply a DLP scan and re-encrypt them before forwarding. You need to configure TLS accordingly.



  • 3.  RE: STARTTLS for DLP Email Prevent

    Trusted Advisor
    Posted Dec 07, 2012 01:10 PM

    If you are referring to EMAILS that are ALREADY encrypted before being sent to EMAIL PREVENT, then they will remain encrypted. There is no way to unencrypt something that has been encrypted by another source. 

    If you are asking about how the transmission of traffic from 1 hop to another is done:

    It will be sent unencrypted to the next hop UNLESS you have configured the TLS communication between the servers. This will require the exchange of certs.

    Hope this helps.



  • 4.  RE: STARTTLS for DLP Email Prevent

    Posted Dec 11, 2012 03:38 AM

    Hi Madstan,

     

    To scan/read content, it must be decrypted, so before it is sent to Email Prevent the content is not encrypted. It will be encrypted further on, when the scan is completed and the data is sent out to the next MTA, so that before the MTA it has been sent out to the encryption gateway.
     
    Monitoring and prevention of TLS-encrypted email traffic is only supported with Email Prevent in version 10.0 and above, see the SMTP Prevent MTA Integration Guide for instructions.
     
    Network Monitor cannot inspect encrypted traffic.
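
Added example, not part of any post in this thread: one way to check, from a delivered message's `Received` headers, which hops of the path discussed in replies 3 and 4 were protected by TLS. It assumes each MTA stamps a `Received` header using the RFC 3848 `with` keywords; the hostnames, addresses and sample message are constructed.

```python
import email
import re

# Constructed sample: two hops, newest Received header first. Hostnames,
# addresses and queue ids are placeholders, not taken from the thread.
SAMPLE = """\
Received: from prevent.example.internal (prevent.example.internal [10.0.0.20])
\tby mta-out.example.internal (Postfix) with ESMTPS id 3C1
\tfor <bob@example.net>; Fri, 07 Dec 2012 08:22:05 -0600
Received: from exchange.example.internal (exchange.example.internal [10.0.0.10])
\tby prevent.example.internal with ESMTP id 2B7
\tfor <bob@example.net>; Fri, 07 Dec 2012 08:22:03 -0600
From: alice@example.com
To: bob@example.net
Subject: constructed test

body
"""

# "with" keywords that mean the hop was protected by STARTTLS
# (RFC 3848, plus the UTF8 variants from RFC 6531).
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA", "UTF8SMTPS", "UTF8SMTPSA"}

HOP_RE = re.compile(r"\bfrom\s+(\S+).*?\bby\s+(\S+).*?\bwith\s+([A-Za-z0-9]+)", re.S | re.I)


def hop_tls_report(raw_message):
    """Return (sender, receiver, protocol, used_tls) per hop, oldest hop first."""
    msg = email.message_from_string(raw_message)
    hops = []
    for header in reversed(msg.get_all("Received", [])):
        m = HOP_RE.search(header)
        if m is None:
            # Unparseable header: report it as not proven encrypted.
            hops.append((None, None, None, False))
            continue
        protocol = m.group(3).upper()
        hops.append((m.group(1), m.group(2), protocol, protocol in TLS_PROTOCOLS))
    return hops


def cleartext_hops(raw_message):
    """Hops where the receiving MTA did not record a TLS-protected transfer."""
    return [h for h in hop_tls_report(raw_message) if not h[3]]


if __name__ == "__main__":
    for sender, receiver, protocol, tls in hop_tls_report(SAMPLE):
        print(f"{sender} -> {receiver}: {protocol} ({'TLS' if tls else 'cleartext'})")
```

Some MTAs record TLS in a different form in their `Received` headers, so a hop returned by `cleartext_hops` means "TLS not shown", not proof that the transfer was unencrypted.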