Encryption

Hermes SEG leverages the capabilities of Ciphermail in order to perform encryption/decryption of email messages. Ciphermail comes already installed and configured with the Hermes SEG appliance. Hermes SEG and Ciphermail have their very own Web GUI based approaches on managing encryption. We feel that our Web GUI is simpler and easier to manage, however if you prefer to utilize Ciphermail's Web GUI, it can be easily accessed at the following URL:

https://<IP_ADDRESS>/ciphermail/

where <IP_ADDRESS> is the IP address of your Hermes SEG appliance.

The Ciphermail Web GUI credetnails should had been changed if you followed the Getting Started guide. If not, ensure you change them right away.

Hermes SEG utilizes three methods for encrypting email:

S/MIME - S/MIME is a method for encrypting emails along with associated attachments as well as a method of digitally signing emails. Encrypting emails keeps them safe from unwanted access while digitally signing emails ensures that the sender of the email is legitimate thus reducing the effectiveness of phishing attacks. S/MIME is based on asymmetric cryptography, meaning that two separate keys are used. A private key which is used for decrypting the email and a public key which is used for encrypting and digitally signing the email.

PGP Encryption - PGP encryption encrypts and signs messages using asymetric key pairs which are uniquely created for each user. Public keys can be exchanged with others users via many means including public key servers. In this regard, PGP encryption is very similar to S/MIME encryption.

PDF Encryption - PDF Encryption converts the email along with any attachments to a PDF which in turn is encrypted with a password. This method is the easiest to implement because no special email clients that must support S/MIME have to be used. PDF readers are almost universally installed on user PCs.

Hermes SEG makes a distinction between two types of recipients:

Internal Recipients - These are internal recipients that have been created in Hermes SEG under Gateway --> Internal Recipients.

External Recipients - These are recipients that are not internal to Hermes SEG, in other words any recipient that the system does handle email for.

Introduction

Getting Started

Upgrade and Migrate Hermes SEG 18.04 to 20.04

Requirements and Recommendations

OVA/Hyper-V Appliance URL and Default Credentials

Hermes SEG E-mail Flow

Encryption

AD Integration

Admin Authentication

Admin Console Firewall

Network Settings

Console Settings

Mail Queue

System Logs

System Backup

System Certificates

System Restore

System Settings

System Status

System Update

System Users

Email Archive

System Reboot & Shutdown

SMTP TLS Settings

Relay Host

Relay Domains

Relay IPs & Networks

Internal Recipients

Virtual Recipients

Perimeter Checks

RBL Configuration

Network Block/Allow

Sender to Recipient Block/Allow List

Global Sender Block/Allow List

SPF Settings

DKIM Settings

Antivirus Settings

Antivirus Signature Feeds

Antivirus Signature Bypass

Antispam Settings

Custom Antispam Filter Tests

Initialize Pyzor

Initialize Vipul's Razor

Clear Bayes Database

Custom File Extensions

Custom File Expressions

Message Rules

File Rules

SVF Policies

Message History

Internal Certificate Authority

PGP Key Servers

Encryption Settings

Internal Recipients Encryption

External Recipients Encryption

Encryption