Data Loss Prevention

hello all,
i have an implementation in a site and i have been implemented the Symantec DLP Network Discovery and Network prevent for mail and the customer wants to integrate the DLP Emails with an Encryption Solution (not Symantec ICE) so how can i do this to let some emails from the only authorized person that can send his mail with confidential data but encrypted.
i appreciate your reply ASAP. 
Thank You.

Moustafa,

I am attaching the 15.7 email prevent guide.  It talks about how you can configure DLP to modify a email message for downstream encryption Page 13.  You will also need to setup a group rule using AD group or a pattern to only look for these users in your policy.   You can find that information in the admin guide for DLP.  Here is a link to all the guides.

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/symantec-security-software/information-security/data-loss-prevention/15-7/Related-Documents.html

You will see the admin guide there.

Thanks,

Paul

Original Message:
Sent: 06-28-2020 08:36 AM
From: Moustafa Salah
Subject: DLP Network Prevent For E-Mail Integration with Encryption Solution

hello all,
i have an implementation in a site and i have been implemented the Symantec DLP Network Discovery and Network prevent for mail and the customer wants to integrate the DLP Emails with an Encryption Solution (not Symantec ICE) so how can i do this to let some emails from the only authorized person that can send his mail with confidential data but encrypted.
i appreciate your reply ASAP.
Thank You.

Hello Paul,
thank you For your Reply but i already read this documents but i don't found any thing except the downstream message tagging but i would like to ask if there is something else or this is the only way to encrypt mails and if this is the only way how should i do it 
just create a response rule (modify SMTP) and put this (X-CFilter: Encrypt) in one of the header values or where should i put it 
is this the configuration only or there is some thing else i should do ?
Original Message:
Sent: 06-29-2020 02:14 PM
From: Paul Evans
Subject: DLP Network Prevent For E-Mail Integration with Encryption Solution

Moustafa,

I am attaching the 15.7 email prevent guide.  It talks about how you can configure DLP to modify a email message for downstream encryption Page 13.  You will also need to setup a group rule using AD group or a pattern to only look for these users in your policy.   You can find that information in the admin guide for DLP.  Here is a link to all the guides.

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/symantec-security-software/information-security/data-loss-prevention/15-7/Related-Documents.html

You will see the admin guide there.

Thanks,

Paul

Original Message:
Sent: 06-28-2020 08:36 AM
From: Moustafa Salah
Subject: DLP Network Prevent For E-Mail Integration with Encryption Solution

hello all,
i have an implementation in a site and i have been implemented the Symantec DLP Network Discovery and Network prevent for mail and the customer wants to integrate the DLP Emails with an Encryption Solution (not Symantec ICE) so how can i do this to let some emails from the only authorized person that can send his mail with confidential data but encrypted.
i appreciate your reply ASAP.
Thank You.

Hi Moustafa 

yes , you just need to add this as a response rule , and on the Email Gateway you should create a policy if the header contains encrypt it shoud encrypt or route it to the encryption server . 

please note if the encryption server is not on the email gateway then you have to create a rule if the email comes from the encryption server deliver it to avoid loops 

Hope this helps

------------------------------
Fady Azab
Senior Consultant
CCIT GMBH
------------------------------

Original Message:
Sent: 06-30-2020 05:18 AM
From: Moustafa Salah
Subject: DLP Network Prevent For E-Mail Integration with Encryption Solution

Hello Paul,
thank you For your Reply but i already read this documents but i don't found any thing except the downstream message tagging but i would like to ask if there is something else or this is the only way to encrypt mails and if this is the only way how should i do it
just create a response rule (modify SMTP) and put this (X-CFilter: Encrypt) in one of the header values or where should i put it
is this the configuration only or there is some thing else i should do ?
Original Message:
Sent: 06-29-2020 02:14 PM
From: Paul Evans
Subject: DLP Network Prevent For E-Mail Integration with Encryption Solution

Moustafa,

I am attaching the 15.7 email prevent guide.  It talks about how you can configure DLP to modify a email message for downstream encryption Page 13.  You will also need to setup a group rule using AD group or a pattern to only look for these users in your policy.   You can find that information in the admin guide for DLP.  Here is a link to all the guides.

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/symantec-security-software/information-security/data-loss-prevention/15-7/Related-Documents.html

You will see the admin guide there.

Thanks,

Paul

Original Message:
Sent: 06-28-2020 08:36 AM
From: Moustafa Salah
Subject: DLP Network Prevent For E-Mail Integration with Encryption Solution

hello all,
i have an implementation in a site and i have been implemented the Symantec DLP Network Discovery and Network prevent for mail and the customer wants to integrate the DLP Emails with an Encryption Solution (not Symantec ICE) so how can i do this to let some emails from the only authorized person that can send his mail with confidential data but encrypted.
i appreciate your reply ASAP.
Thank You.

Hello Fady,
Thank You for you replay, could you please tell me if the Header Name  and Header Value should has a unique Format. 

>> Header 1 Name (any name)       Header Value (X-CFilter: Encrypt)
is this the right format or there is something else
Original Message:
Sent: 06-30-2020 05:28 AM
From: Fady azab
Subject: DLP Network Prevent For E-Mail Integration with Encryption Solution

Hi Moustafa

yes , you just need to add this as a response rule , and on the Email Gateway you should create a policy if the header contains encrypt it shoud encrypt or route it to the encryption server .

please note if the encryption server is not on the email gateway then you have to create a rule if the email comes from the encryption server deliver it to avoid loops

Hope this helps

------------------------------
Fady Azab
Senior Consultant
CCIT GMBH

Original Message:
Sent: 06-30-2020 05:18 AM
From: Moustafa Salah
Subject: DLP Network Prevent For E-Mail Integration with Encryption Solution

Hello Paul,
thank you For your Reply but i already read this documents but i don't found any thing except the downstream message tagging but i would like to ask if there is something else or this is the only way to encrypt mails and if this is the only way how should i do it
just create a response rule (modify SMTP) and put this (X-CFilter: Encrypt) in one of the header values or where should i put it
is this the configuration only or there is some thing else i should do ?
Original Message:
Sent: 06-29-2020 02:14 PM
From: Paul Evans
Subject: DLP Network Prevent For E-Mail Integration with Encryption Solution

Moustafa,

I am attaching the 15.7 email prevent guide.  It talks about how you can configure DLP to modify a email message for downstream encryption Page 13.  You will also need to setup a group rule using AD group or a pattern to only look for these users in your policy.   You can find that information in the admin guide for DLP.  Here is a link to all the guides.

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/symantec-security-software/information-security/data-loss-prevention/15-7/Related-Documents.html

You will see the admin guide there.

Thanks,

Paul

Original Message:
Sent: 06-28-2020 08:36 AM
From: Moustafa Salah
Subject: DLP Network Prevent For E-Mail Integration with Encryption Solution

hello all,
i have an implementation in a site and i have been implemented the Symantec DLP Network Discovery and Network prevent for mail and the customer wants to integrate the DLP Emails with an Encryption Solution (not Symantec ICE) so how can i do this to let some emails from the only authorized person that can send his mail with confidential data but encrypted.
i appreciate your reply ASAP.
Thank You.