Endpoint Encryption

 View Only

  • 1.  Symantec Encryption and DLP

    Posted Dec 09, 2013 01:13 AM

    I am a newbie in the area of Symantec encryption and DLP.

    My client needs an email encryption solution that is integrated with active directory domain. Let's say that a user encrypts an email attachment such that only another user "name@domain.com" can decrypt it. Is it possible with Symantec Encryption?

     



  • 2.  RE: Symantec Encryption and DLP

    Broadcom Employee
    Posted Dec 09, 2013 01:19 AM

    please check this site for more information

    http://www.symantec.com/gateway-email-encryption

     



  • 3.  RE: Symantec Encryption and DLP

    Posted Dec 09, 2013 01:27 AM

    Thank you pete.

    I have already seen this link. You mean that Symantec Gateway email encryption includes the feature of active directory user authentication?

    One more question:

    If we deploy Symantec gateway email encryption at our end, our business partners and clients (to whom we send emails) also need this solution for decryption or not ?

    I am sorry if my questions are odd.



  • 4.  RE: Symantec Encryption and DLP

    Broadcom Employee
    Posted Dec 10, 2013 04:23 AM

    Hi Atif,

    Yes, if the LDAP (Active Directory) is one of the supported versions. Others *may* work but haven't been tested.
    You can find this same information under System Requirements:
    --- snip ---
    Supported External Authentication Products
    Symantec Encryption Management Server is compatible with the following LDAP directory products:
        Microsoft Active Directory 2010
        Microsoft Active Directory 2008
        Microsoft Active Directory 2003
        Lotus Notes/Domino Directory 7.0
        OpenLDAP 2.3.x

    For directory synchronization, Symantec Encryption Management Server supports:
        LDAPv2
        LDAPv3
        LDAPS
    --- snip ---

    The business partners don't have to use the same solution. However, both solutions must be able to work with the same encryption standard that you use to exchange encrypted emails. In the top of that same page:

    --- snip ---
    Messaging Security Standards
        PGP/MIME (RFC 3156)
        OpenPGP (RFC 4880)
        S/MIME v3 (RFC 2633)
    --- snip ---


    Regards,
    dcats



  • 5.  RE: Symantec Encryption and DLP

    Posted Dec 10, 2013 06:06 AM

    What's DLP to do in this scenario?  You can integrate DLP with PGP/SEMS to chek on data leakage through encrypted emails, but from your scenario you dont need DLP at all.



  • 6.  RE: Symantec Encryption and DLP

    Posted Dec 10, 2013 07:23 AM

    I believe my requirement can be fulfilled using Identity based encryption. Does Symantec supports identity based encryption?



  • 7.  RE: Symantec Encryption and DLP

    Broadcom Employee
    Posted Dec 10, 2013 08:28 AM

    Hi Atif,

    Unless there is some strict regulatory compliance requirement, I believe you meant Public-key cryptography. If so, yes.
    That's the usual way to secure email communication ("a user encrypts an email attachment such that only another user "name@domain.com" can decrypt it").

    The Symantec Encryption Management Server can work with S/MIME, in case you need to have a Certification Authority (CA) verifying the certificate. That's an example of PKI (Public-Key Infrastructure).
    If the trust can be established between both communication partners, then you can use PGP keys. This would be called WOT (Web of Trust).

    Rgs,
    dcats