File Share Encryption

I am installing a PGP Universal server in as a gateway so that email can be encrypted, but I am trying to understand how the user keys are going to be created to allow this to happen. I would like this process to be totally transparent to the user so I would like to avoid using the PGP Desktop if possible.

Can anyone give me an idea of how to configure the PGP Server to accomplish this process?

As additional information, I will eveltually automate the encryption process through the Symantec DLP solution (formerly Vontu).

You only need PGP Desktop if you require End-to-End encryption.  That means that emails in the mailstore (presumably exchange) will be encrypted.  If that isnt a requirement, you do not need PGP Desktop installed.

You use Directory Synchronisation via LDAP or LDAPS to sync with an Active Directory or other LDAP directory to populate the Universal Server.

You can use DLP to automate the encryption process, but UN itself has a lot of policy options to automate the encryption process also, you should definately look at the policy chains.

Edit:

You also want to have SKM (Server Key Mode) enabled as that means that keys will be generated and managed by the UN only and are only provided to authenticated users (via directory synch) - only downside to this is smart cards dont work in this mode but that doesnt sound like a requirement for you.

Good luck!

Thank you very much for your response. Everything that you had written was along the lines that I was thinking that I would have to do, but I wanted to make sure before I went down that path.

Thanks again.

Glad I could help, please mark the relevant post as a solution for future visitors please :)

Thanks!