Configuring Appliance Encryption Policies
You can configure inbound SMTP encryption options for mail from the Internet to the Email Security appliance. Additionally, you can enable SSL connections to all Email Security product dashboards.
To configure appliance encryption policies:
Encryption >> Policies
|
1.
|
If you want to enable a secure connection to all dashboards, select the checkbox. |
|
2.
|
Select the inbound encryption policy in the drop-down list under Inbound SMTP. Options are: |
|
•
|
Never Encrypt: Transport Layer Security (TLS) is never offered during the session. |
|
•
|
Offer to Encrypt: If an encrypted session cannot be established, the message is received in the clear. |
|
•
|
Always Encrypt: If an encrypted session cannot be established the connection is closed. Requiring that all incoming mail be encrypted can block a substantial portion of your incoming mail. |
|
3.
|
Deselect the TLS protocols to disable in the SSL/TLS Configuration for HTTPS and SMTP section. By default, all TLS protocols are enabled. |
|
4.
|
If you want to disable weak ciphers to increase security, deselect the checkbox for each cipher you want to disable. |
|
|
Note: Restart the appliance software after making changes to the HTTPS or cipher selections. You must log back into the server after the restart. See Restarting the Appliance for more information.
|