We have IronPort C-series, M-series, and IEA appliances and are currently manually encrypting e-mails with the [send secure] subject string. All of that is working great. What we are now looking at is using the SSN smart tag in a content filter to start cleaning up our outgoing e-mails. Currently I only have 'notify' as an action so that we can see where and how much of a problem we have. That has run for a while and now we are getting ready to start possibly bouncing the mail back to the sender or automatically encrypting the outgoing e-mail with our IEA appliances. The question that I have is currently not all of our internal users are licensed for the IEA so I can't just encypt everything that the SSN smart tag finds. OK, so I can bounce the e-mail back to the users that are not licensed... Sounds good... well, what about false positives? How do they get the e-mail sent that IronPort is stopping because of SSN false positives?
I've thought of a couple of ideas but would be interested in hearing what the other admins have come up with that works for them. THANKS.
OH, does anyone know where CISCO put the old Knowledgebase? I thought there was some great information there.