We've just implemented IronPort mainly for E-Mail encryption, but we are taking advantage of the great AntiSpam and A/V capabilities of the device also.
In testing our E-Mail encryption, I have these feedback points and I'm hoping someone can help me address some of these concerns.
1) It seems that some people behind a corporate firewall had no issues at all receiving the email, signing up for an account, and responding to the secure message.
2) Others, however, received error messages, the links may not have worked if saved to their desktop, or had other possible network issues.
3) Some replied within the secure message, which I received. Others replied to the original email, which I also received. However, if I then replied to the original email that was encrypted as well, even though their response to me was not and my reply to them was not.
4) Within the secure message, the only clear options to a user are “Reply” or “Reply to all”. There are no clear instructions that if you want to cancel, you need to close the browser.
2) Could you be specific of what kind of errors you noticed? When you say links saved to desktop are you referring to securedoc.html? If there is an issue accessing links for activation or registration these might be related to proxy or network related issues. Please have these user's try accessing these links outside the network and see if the issue persists.
3) Are you referring to secure replies being received as encrypted envelopes? This is part of how secure replies work, if you want secure replies coming into your domain as plain text instead of PXE envelopes use the TLS feature.
I had in the subject line, if subject contains [send secure]. I changed it to if subject begins with [send secure]. This way the RE: [send secure] won't always be encrypted.
If you want it encrypted we allow them to reply from the decrypted securedoc.html. I was referring to replying to the initial "You have received a secure message" notification.
For number 2: I have info from an individual who saved securedoc.html to their desktop and opened it in IE. She entered the password and it just sat there for a really long time until she lost patience and closed out. Just sat there...
I'm wondering if those compatibility issues could be minimized with the checkbox that says "Use Decryption Applet" under the Encryption Envelope Profile in Ironport. The description for this checkbox (which is currently checked) states "Disabling this setting will cause message attachments to be decrypted at the key server. The message will take longer to open (but is guaranteed to work in all user environments). "
What's your opinion? For broader compatibility, it appears as if I should uncheck that box.
Other feedback seems to pertain to confused users saying "Why do we have to register for Cisco?" So that would be more branding and clearer communication that our Marketing team can come up with for our text resource that kicks off the "You have received a secure message" notification.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...