Standard encryption is typically used to enforce encryption policy when the recipient's MTA does not support TLS. This functionality relies on a TLS connection with you to secure communications between your MTA and Forcepoint Email Security Cloud. Recipients require a manually-generated password to access the encrypted email.
Advanced encryption uses identity-based encryption (IBE) to protect data without the need for certificates. Protection is provided by a key server that controls the mapping of identities to decryption keys. The recipient of an encrypted email authenticates against the key server to receive the decrypted version of the message.