Setting Up Secure Messaging - Lite

Document created by user.oxriBaJeN4 Employee on Nov 14, 2016Last modified by user.oxriBaJeN4 Employee on Mar 28, 2017
Version 11Show Document
  • View in full screen mode

Before you can use Secure Messaging - Lite to send and receive messages securely, there are some tasks to perform. Whilst some of these are mandatory, others are optional. However the optional tasks can be used to automate the sending of secure messages based on a message's content.

 

Applies To...

 

  • Administrators responsible for setting up Secure Messaging - Lite

 

Mandatory Tasks

 

The following mandatory tasks must be performed:

  • Enabling Secure Messaging - Lite

 

Enabling Secure Messaging - Lite

 

Enabling Secure Messaging - Lite requires a change to your Application Settings. Any change made can take up to 15 minutes to propagate and take effect. You'll also need to restart Mimecast to see the change.

 

To enable Secure Messaging - Lite:

  1. Log in to the Administration Console.
  2. Click on the Administration toolbar button. A menu drop down is displayed.
  3. Click on the Services | Applications menu item.
  4. Click on either the:
    • Default Application Settings record to setup Secure Messaging - Lite for all users.
    • New Application Settings button to to setup Secure Messaging - Lite for a limited group of users.
  5. Complete the following General section fields as indicated below:

    FieldValue
    GroupClick on the Lookup button to select a group of users to which the application settings will apply.
    Authentication ProfileClick on the Lookup button to select an authentication profile that will apply to the application settings.
  6. Complete the following Gateway Settings section fields as indicated below:

    FieldValue
    Send as Secure MessageSelected
  7. Click the Save and Exit button.

 

Optional Tasks

 

The following optional tasks can be performed:

 

Creating a Content Examination Definition and Policy

 

A Content Examination policy (with an associated definition) can be used to automatically send messages using Secure Messaging - Lite, based on the messaging content. For example, they can be used to look for any message sent with "Confidential" in the Subject field. 

 

To create a Content Examination definition and policy:

  1. Log in to the Administration Console.
  2. Click on the Administration toolbar button. A menu drop down is displayed.
  3. Click on the Gateway | Policies menu item.
  4. Create a Content Examination Definition, but with the following settings:

    Field / OptionBest Practice SettingComments
    Secure Messaging OverrideSee the "Comments"

    Click the Lookup button to select one of the following Secure Messaging definitions:

    • External Recipients: This only sends a secure message to external recipients. Internal recipients receive the message as usual in their Inbox.
    • All Recipients: This sends a secure message to all internal and external recipients.
  5. Click the Save and Exit button. 
  6. Create a Content Examination Policy, but with the following settings:

    Field / OptionBest Practice SettingComments
    Select Content DefinitionSee the "Comments"

    Click the Lookup button to select the Content Examination Definition created in the previous step.

  7. Click the Save and Exit button.

 

Creating a Secure Delivery Definition and Policy

 

A Secure Delivery policy (with an associated definition) can be used to automatically send messages using Secure Messaging - Lite, if specific criteria is met. For example, if Mimecast cannot create a secure SSL link when connecting to an external server, a policy can be configured to deliver messages securely via Secure Messaging. 

 

Secure messages are delivered using Transport Layer Security (TLS). This:

  • Protects confidentiality and data integrity by encrypting the server connections.
  • Transmits messages through an SSL encrypted tunnel.
  • Reduces the risk of eavesdropping, interception, and alteration of the message.
TLS requires a valid SSL certificate from a Mimecast trusted public root certificate authority to be installed and configured at each end of the encrypted tunnel. 

To create a Secure Delivery policy:

  1. Log in to the Administration Console.
  2. Click on the Administration toolbar button. A menu drop down is displayed.
  3. Click on the Gateway | Policies menu item.
  4. Create a Secure Delivery Definition, but with the following settings:

    Field / OptionBest Practice SettingComments
    Select OptionEnforced TLS - Fall Back to Secure Messaging

    This ensures all messages triggered by this definition are sent via Secure Messaging - Lite.

  5. Click the Save and Exit button. 
  6. Create a Secure Delivery Policy but with the following settings:

    Field / OptionBest Practice SettingComments
    Secure DeliverySee the "Comments"

    Click the Lookup button to select the Secure Delivery Definition created in the previous step.

  7. Click the Save and Exit button.

 

See Also...

 

Attachments

    Outcomes