
Each email sent from the LAN to WAN must be scanned and the email body with the attachment must be readable by the IT Admin?

Bought a Sophos XG 135 v3 for a small business. I want to configure DLP, and the requirement from the client is:

Each email sent from the LAN to WAN must be scanned and the email body with the attachment must be readable by the IT Admin.

Please let me know how it can be done, as I am new to this.



This thread was automatically locked due to age.
  • Hi,

    Additional information to make life easier for the forum.

    1/. Where is the email server?

    2/. Do you use an AD?

    3/. How many devices?

    If your email server is external you will need to install a CA on each mail client.

    The IT Admin must be very bored if he has to read every email out of the company, and very knowledgeable about the way the company finance works?

    Ian

  • Hi,


    1/. Where is the email server? Using Google G Suite for email.

    2/. Do you use an AD? Yes.

    3/. How many devices? 100 systems.

    The IT admin is not going to read each mail, but he must have access to a mail if he finds anything suspicious.

    Please let me know if any other info is needed.

    Can you please tell me what needs to be configured first and thereafter?


    Thank You

  • Hi,

    Very quickly.

    You will need to enable a business firewall rule to scan SMTP/S and, I assume, IMAP/S for incoming messages.

    You will need to install the XG CA on every device.

    Depending on your requirements, do you need each user to authenticate to the XG before accessing the internet?

    How many mobile devices are to be used and how do you plan to manage their mail access?

    Ian

  • OK, is it mandatory to install the XG CA on every system? Can we create a business policy to scan only those mails which are sent out of the LAN network?

    No, each user is not authenticating to the XG each time they access the internet; just traffic shaping and web policy are enforced.

    70 standalone PCs are allowed to access the company's mail. No mobile device is allowed to access the company's email outside the factory.

  • Hi,

    All mail will have to leave your network to be delivered, even local ones.

    If you want the mail scanned then you will need a CA on each device.

    Also, if you are implementing HTTPS scanning as part of your web policy you will need a CA installed on every device.

    How do you plan to stop a mobile device from accessing the company mail account when the users are out of the factory, e.g. the general manager or the CEO?

    I did forget: how are you planning on keeping a copy of each email and then decrypting it so it can be read? How do you plan on determining if an email needs to be read?

    Personally I think you will need an internal mail server to achieve your aims, but there are wiser people than I that read these threads who might be able to offer a better solution.

    Ian

  • No problem, I will recommend some changes in the network to the client; let's see what he says.

    Thanks for your time and the valuable information you gave me.