By enforcing Transport Layer Security (TLS) between you and the Symantec.cloud infrastructure, you have a guarantee that emails will only be sent in TLS between your mail servers and the service.
This enforcement can be configured either for inbound emails, from Symantec Email Security Services (ESS) to your servers, for outbound emails (from your servers to ESS), or both.
Note: When you configure enforcements under the Default Settings, they apply to any domains configured to use the Default Settings.
Outbound TLS enforcement means that the ESS infrastructure only accepts SMTP connections from your outbound servers when sent over TLS.
Inbound TLS enforcement means that the ESS infrastructure always uses TLS to secure SMTP connections to your domain's inbound mail servers. Before enabling this feature, verify that the inbound mail server is correctly TLS-enabled by running the TLS connectivity Test.