How to integrate DLP Network Prevent for Email with PGP Encryption and SMG server
Article ID: 230647
Updated On:
Products
Issue/Introduction
We are trying to configure the policy to encrypt the email if it contains policy violations and facing some issues.
What is the recommended way to configure the policy to encrypt the message, and forward the message to the PGP server for encryption.
Currently, the DLP Email prevents server is configured as reflect mode with the SMG server. So, we need to configure the DLP server to forward the messages to the PGP server for encryption and receive this message after encryption, then DLP will forward these encrypted messages to the SMG server for external delivery.
Environment
Component : Default-Sym
Resolution
Firstly create a response rule add a header for encryption, for example: X-Encrypt with the value Yes
Then create a policy with your desired rule that will identify what messages should be encrypted. For example if the message contains the keyword [Encrypt]
On the policy Response Rule tab add the Response Rule you created earlier:
Save the policy and that's all you need to do on the DLP side.
This will add the header X-Encrypt to any email identified as requiring encryption in PGP email Gateway.
In SMG you'll need to create a Policy to Route Messages to PGP where the header X-Encrypt exists with the value Yes in the mail header.
On a side note please ensure that you create a Policy in SMG to prevent the email from getting stuck in a loop with either DLP or PGP.
Feedback
