Cisco Email Security Appliance

Cisco Registered Envelope Service Data Sheet

  • Viewing Options

  • PDF (425.7 KB)
  • Feedback

The Cisco® Registered Envelope Service is a highly advanced cloud-based encryption-key service. Whether you need to meet compliance requirements, safeguard communications, or protect intellectual property, this flexible and scalable service supports your messaging requirements without your having to invest in additional infrastructure.

Product Overview

Cisco email and web security products are high-performance, easy-to-use, and technically innovative solutions designed to protect organizations of all sizes. Purpose-built for security and deployed at the gateway to protect the world’s most important networks, these products establish a powerful perimeter defense.

Our line of appliances is smarter and faster in part because they take advantage of Cisco Security Intelligence Operations and global threat correlation. With this advanced technology, organizations can improve their security and protect users from the latest Internet threats.


Although regular emails are not a secure information-exchange medium, encryption and key management are often seen as too complex to be used in everyday communications. The Registered Envelope Service takes away the complexity behind encryption and makes it easy to send and receive highly secure messages.

Secure Delivery Methods

The service offers a wide range of options for message delivery and can support any email encryption requirement.

Cisco email encryption is a highly secure, envelope-based “push” technology that combines universal reach, ease of use, and low total cost of ownership (TCO). Encrypted messages can be received by any email user - independent of the email client, operating system, or device - without the need to install any software or requiring the sender to pre-exchange encryption credentials with recipients.

Business-Class Email

In addition to safeguarding email content, the encryption technology enhances visibility and control over email.

Guaranteed read receipts allow users to know exactly when a message was viewed by each recipient.

Message expiration and recall prevents mistakenly sent messages from being opened and automatically secures old messages. The message may be recalled at any time.

Authentication and key delivery typically occurs by identifying user credentials. When a recipient has been authenticated, the key for that message is released and the recipient gets access to the message.

Enrollment management is provided for first-time recipients as they are guided through a single screen to create an account on the key server. This account may be used to receive any future messages.

Security Assertion Markup Language (SAML) 2.0 gateway integration, an advanced feature for organizations that have implemented an identity gateway, allows them to take advantage of their existing investment in the service. Recipients of an encrypted envelope can use their corporate credentials to authenticate with the service and decrypt the message automatically. This integration removes the need for first-time recipients to create a new account on the service and makes it very easy to access protected messages using a corporate username and password.

Universal device support makes it possible for highly secure messages to be read by any recipient regardless of the device used to open the message. Dedicated plug-in applications offer an enhanced user experience for Microsoft Outlook and on Apple iOS and Google Android smartphones.

Message management includes message recall and expiration as well as read-receipt. These features can be accessed through the service’s web interface or directly from the email client by installing dedicated plug-ins.

Hosted Key Server

The Registered Envelope Service manages recipient registration, authentication, and per-message encryption keys. Figure 1 shows how the Email Security Appliance and Registered Envelope Service interact. The service encrypts and decrypts messages according to policies defined on the C-Series appliances.

Figure 1.      Encrypted Business-Class Email Path


Helps Ensure Compliance

Sensitive messages are handled in compliance with regulatory legislation, such as the Health Insurance Portability and Accountability Act (HIPAA), Sarbanes-Oxley Act (SOX), Gramm-Leach-Bliley Act (GLBA), Personal Information Protection and Electronic Documents Act (PIPEDA), and European Union Data Directive.

Uses a Federated Identity Gateway

Compatibility with SAML 2.0 gateways removes the need for new-recipient registration and makes it possible for recipients to use their corporate identity to decrypt messages.

Provides Business-Class Email

The powerful features support a new class of email, with exceptional visibility and control.

Fosters Customer and Partner Trust

Encryption raises the level of service to customers and partners, exemplifying Cisco’s commitment to keep business transactions and communications confidential.

Protects Intellectual Property

This solution safeguards sensitive business information and intellectual property contained in email outside the firewall, both in transit on the Internet and in storage on destination email servers.

Improves Customer Service

Organizations and their customers can communicate with an exceptional degree of security using the channels that customers prefer.

The Registered Envelope Service provides a turnkey, enterprise-class email encryption solution without the need to deploy new hardware. Multiple highly secure delivery methods offer the flexibility to meet diverse business needs, while integrated management and authentication simplifies deployment. Figure 2 shows how easy it is for users to send and receive an encrypted email message.

Figure 2.      Turnkey Email Encryption


The service encrypts and decrypts messages according to policies defined on the C-Series Email Security Appliances.


As demonstrated by many success stories, the Cisco Registered Envelope Service is the only cloud-based encryption key server flexible enough to meet the evolving secure-communications requirements of businesses today. Universal reach, flexible delivery methods, enterprise-class scalability, and business-class email features support an expanded use of the Internet as an efficient, reliable, and low-cost channel of highly secure communication.

For More Information

More information can be found in the following documents:

Data Sheet: Supporting Multiple Brands on the Cisco Registered Envelope Service

At-a-Glance: Cisco Registered Envelope Service

Webpage: Cisco Email Encryption