Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Ironport Solution Required

                   Dear Experts,

I am looking for email security solution for environment wherein ,mail servers are hosted in Service provider Data Center and we dont have access to it. Looking for client based encryption solution with PKI infrastructure. Please suggest the right solution. Thanks.

1 ACCEPTED SOLUTION

Accepted Solutions

Ironport Solution Required

If you can route the mail from Exchange to a gateway you could use a gateway based PKI encryption solution like totemomail.  That will use existing or create proxy certificates for internal users if necessary and harvest external user certificates for you through enrolment or other processes.  If some recipients can't or won't use PKI it can also encrypt in other ways for those users.  There are other gateway encryption products, but this is one I am familiar with and it is endorsed by Cisco as a replacement for the Cisco IronPort Encryption Appliance, which could also provide this function but is end of sale.  You can find more info here http://www.totemo.com/en/products/mail/encryption-gateway/overview/

If you can't route the mail to a gateway then you can encrypt at the desktop, using S/MIME (built in to Outlook and OWA) or PGP (client available for Outlook) but desktop encryption has many issues, primarily not being able to scan outbound email for virus, acceptable use or DLP at the gateway.

Hope this helps.

4 REPLIES

Ironport Solution Required

I would like to help but I need more clarity.  Are you looking for a hosted mail server or is that what you already have?  When you say mail server do you mean groupware like Exchange or MTA like ESA?  And when you say don't have access to it you mean you can't get admin access to change the configuration for example? If you can be more explicit I/we can offer some suggestions.

Thanks, Dave

Community Member

Ironport Solution Required

Hi Dave,

Thanks for the reply. Please find answer to your queries.

Mail servers are Microsoft Exchange Servers. That we already have. Mail Servers are hosted in Service Provider DC and we dont have admin rights to it, it is managed by them. Looking for client based encryption solution using PKI infrastructure.Hope this answer your queries.

Ironport Solution Required

If you can route the mail from Exchange to a gateway you could use a gateway based PKI encryption solution like totemomail.  That will use existing or create proxy certificates for internal users if necessary and harvest external user certificates for you through enrolment or other processes.  If some recipients can't or won't use PKI it can also encrypt in other ways for those users.  There are other gateway encryption products, but this is one I am familiar with and it is endorsed by Cisco as a replacement for the Cisco IronPort Encryption Appliance, which could also provide this function but is end of sale.  You can find more info here http://www.totemo.com/en/products/mail/encryption-gateway/overview/

If you can't route the mail to a gateway then you can encrypt at the desktop, using S/MIME (built in to Outlook and OWA) or PGP (client available for Outlook) but desktop encryption has many issues, primarily not being able to scan outbound email for virus, acceptable use or DLP at the gateway.

Hope this helps.

Community Member

Ironport Solution Required

Hi

Thanks a lot for your reply.

427
Views
0
Helpful
4
Replies
CreatePlease to create content