Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 0 subscribers
  • Views 4905 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

ES1100 TLS features

Azwan

Hi,

Yesterday I receive some good question from customer about security related with ES1100 POC.

The question is simple and straight forward "How or Can we secure connection/email from email server to ES1100 since email only encrypted when go through ES1100 only?".

I know ES1100 have features call TLS to secure connection from server to ES1100 but i never use and knowledge regarding this features perhaps anyone have use/configure this features on live production can guide or share information regarding TLS feature.

Below are equipment/server use for ES1100 POC .

Email Server : IBM Lotus Domino

Email Appliance : Sophos ES1100

:20177


This thread was automatically locked due to age.
Parents
  • 0

    Hi Azwan,

    When you turn the TLS feature ON, the email appliance will attempt oppurtunistic TLS with any mail server (including your internal Domino server).  So if your Domino server is also configured to perform TLS then this will happen automatically.

    You can force TLS between Domino and the ES1100 by entering your own domain in 'Configuration > Policy > Encryption > TLS' and select to either 'Require encryption' or 'Require encryption and validate certificate'.  However, if TLS encryption fails messages will not be delivered so you should be careful when doing this.

    Information about whether delivery was encrypted can be found in 'Search > Mail Logs'.

    Another option would be to use the SPX encryption feature which allows particular e-mails to be encrypted in a secure PDF based on policies.  More info on both these encryptions methods can be found here:

    http://esa.sophos.com/docs/esa/sea_docs/en/ESA/con​cepts/ConfigPolEncryption.html

    Hope this helps,

    Tom.

    :20185
Reply
  • 0

    Hi Azwan,

    When you turn the TLS feature ON, the email appliance will attempt oppurtunistic TLS with any mail server (including your internal Domino server).  So if your Domino server is also configured to perform TLS then this will happen automatically.

    You can force TLS between Domino and the ES1100 by entering your own domain in 'Configuration > Policy > Encryption > TLS' and select to either 'Require encryption' or 'Require encryption and validate certificate'.  However, if TLS encryption fails messages will not be delivered so you should be careful when doing this.

    Information about whether delivery was encrypted can be found in 'Search > Mail Logs'.

    Another option would be to use the SPX encryption feature which allows particular e-mails to be encrypted in a secure PDF based on policies.  More info on both these encryptions methods can be found here:

    http://esa.sophos.com/docs/esa/sea_docs/en/ESA/con​cepts/ConfigPolEncryption.html

    Hope this helps,

    Tom.

    :20185
Children
No Data
Unfiltered HTML