Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Forcepoint Email Security Message Encryption : Third-party application message encryption
Third-party application message encryption
Email Encryption | Forcepoint Email Security | Updated: 29-Apr-2022
 
Forcepoint Email Security supports the use of third-party software for message encryption. Enable this encryption method by selecting the option Third-party application in the pull-down menu Encryption method (Settings > Inbound/Outbound > Encryption).
The third-party application must support the use of x-headers for communication with the Email Security module.
Forcepoint Email Security can be configured to add an x-header to a message that triggers an encryption policy. Other x-headers can indicate encryption success or failure. These x-headers facilitate communication between the email protection system and the third-party encryption software. You must ensure that the x-header settings made on the Encryption page of the Email Security module match the corresponding settings in the third-party software configuration. See Forcepoint Email Security Administrator Help for information about configuring the Email Security module for a third-party encryption application.
It is also necessary to configure an outbound email DLP policy in the Data Security module. See Forcepoint DLP Administrator Help for details about configuring an email DLP policy with an encryption action plan. See Creating an email DLP policy for encryption for a sample email DLP policy configuration.
Preparations for using third-party application encryption also involve the following tasks:
*
*
Setting the encryption gateway IP address
Perform the following steps in the Security Manager Email Security module to configure the encryption gateway IP address:
1.
On the page Settings > Inbound/Outbound > IP Groups, from the IP Address Group List, click Encryption Gateway.
2.
3.
4.
Setting the encryption gateway options
Perform the following steps in the Email Security module to configure the encryption gateway options:
1.
On the page Settings > Inbound/Outbound > Encryption, from the pull-down menu Encryption method, select Third-party application.
2.
3.
 
Important 
*
Mark the check box Enable MX lookup for encrypted message routing based on the hostname MX record.
4.
5.
In the pull-down menu Encrypted IP address group, ensure that Encryption Gateway is displayed.
This selection helps to prevent the creation of an email routing loop.
6.
Ensure that users present credentials to view encrypted mail, mark the check box Require authentication and supply the desired user name and password in the appropriate fields.
Authentication must be supported and configured on your encryption server to use this function.
7.
In the field Encryption X-header, enter the header name and value that you created in your third-party application using the following format:
header name:value
8.
In the field Encryption success X-header, enter the header name and value that you created in your third-party application for the encryption success header using the format shown in the previous step.
9.
In the field Encryption failure X-header, enter the header name and value that you created in your third-party application for the encryption failure header using the format shown in step 7.
10.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Forcepoint Email Security Message Encryption : Third-party application message encryption
Copyright 2022 Forcepoint. All rights reserved.