Try our new research platform with insights from 80,000+ expert users
PaulGiles - PeerSpot reviewer
Principal Consultant at a computer software company with 1,001-5,000 employees
Video Review
Consultant
Top 20
Provides good visibility into the traffic, valuable reporting, and secure remote access
Pros and Cons
  • "The tech engineers are very knowledgeable."
  • "Licensing is quite complicated for a number of customers, including ourselves."

What is our primary use case?

We have a number of different types of customers and organizations who need to secure their environment. These range from healthcare professionals to financial organizations to very small organizations. They have a number of security requirements, whether it's just to secure the actual environment where they're working and also to provide additional services, such as VPNs and remote access for their remote workers.

Most of the customers that I work with tend to be on-prem, and a lot of them go with the centralized management system, FMC, purely because it has larger memory and larger hard disk space, and it can hold reports for a much longer period of time. Also, as their network infrastructure scales, FMC can manage more and more of their devices, and they're not having to manage individual devices. It's all centralized for them. 

How has it helped my organization?

A lot of our customers use another Cisco product already, so they have confidence in Cisco products. The firewalls they are currently deploying and using have evolved from their older ASA products. They are now moving to the new Firepower Threat Defense, which incorporates many more features and allows them to get the latest ALOFT download and feeds for any security vulnerabilities and they're able to react very quickly to any vulnerabilities that have been highlighted.

Initially, when the firewalls were first marketed and came onto the market, the visibility wasn't very good. But as the software evolved over time, that visibility has increased a lot more, and that is giving customers a lot more competence in the traffic and the traffic flows that they're seeing through the actual devices, so they can better understand the types of applications that they have on their network.

The good thing about the actual firewall itself is that it can integrate with other Cisco products, such as Cisco ISE so that it allows full end-to-end visibility of connectivity. It gives very good visibility. It's that integration with other products, not just what that individual firewall can do itself.

Talos is obviously fundamental to the actual firewall, reporting on vulnerabilities that are happening day to day. And the regular downloads, obviously, give customers confidence that their products are as secure as they can actually be.

What is most valuable?

There are a number of valuable features because we have that sort of single product that can do a number of different things, but remote access for users is very important, and visibility of the types of traffic that are passing through the actual appliances is very good, and the reporting of the devices is very good. 

What needs improvement?

It's not just the firewalls themselves, but one thing I think, where certainly firewalls and other products could actually improve, is in the licensing. Licensing is quite complicated for a number of customers, including ourselves. The licensing appears to be changing on a regular basis depending on the product and the software versions, so we are constantly having to keep up to speed with the different licensing types.

Buyer's Guide
Cisco Secure Email
November 2024
Learn what your peers think about Cisco Secure Email. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,649 professionals have used our research since 2012.

For how long have I used the solution?

I have been using Cisco Secure Email for over ten years.

What do I think about the stability of the solution?

When most software evolves, the software becomes more stable and feature-rich. As we're seeing with the latest version from seven onwards, it's a lot more resilient and a lot more robust. The actual GUI interface is also a lot slicker now, whereas before it was a little bit clunky. We've definitely seen improvements with the latest version of Secure Firewall.

What do I think about the scalability of the solution?

We typically work with customers to price space. We don't typically work with customers in the service provider realm where they would typically have very large scaling of firewalls. They would do clustering and things like that. We know that these features are available, but that's not a particular area that we would actually work in. But, obviously, there's a breadth of Firepower products and platforms, and we can actually scale or arrange the correct firewall for the particular needs of that customer.

How are customer service and support?

As with most Cisco products, we typically find Cisco and their support very good. In the unlikely case, we have to raise a tech issue, they're very responsive, and they generally always provide a quick resolution to any encountered problems.

The tech engineers are very knowledgeable. The tech engineers who pick up cases know the product very well. And they always dive deep into the problem and provide regular updates to us or to the customer. If there are any other problems that are noticed after we've had an issue, the case can be reopened and investigated further.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We and our customers use a variety of different firewall manufacturers, not just Cisco. And as with all vendors, some have better properties or better features than others. Cisco Firewalls for Firepower had to use the centralized management system, FMC, but where some customers prefer just an On-Box GUI to configure the device, Cisco was playing catch up with other vendors who were operating in that same area. But what we found is that with later versions of Firepower and also FDM which is the On-Box management, those features have now come leaps and bounds. They are now on par with the centralized FMC to the FDM, allowing customers an easier way to deploy these products not only on-premise but also in the cloud.

What other advice do I have?

I would give Cisco Secure Firewall an eight out of ten. We're expecting that with later versions of software, again, more features will become available.

We have approximately 2000 employees and we sell a variety of Cisco solutions and products. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
ChrisWanyoike - PeerSpot reviewer
Network Infrastructure Specialist at Central-Bank-Kenya
Real User
Top 5Leaderboard
A cloud security solution for endpoint and greymail protection

What is our primary use case?

We use the solution for endpoint protection, including email protection, such as antivirus, anti-phishing, content filtering, outbreak filtering, and greymail protection.

What is most valuable?

An important feature is retrospective analysis, which allows the solution to retrieve emails sent even a week ago, even if they have already been delivered. This is done by analyzing emails for malicious content after they have been sent.

What needs improvement?

Cisco Secure Email focuses on cloud-based threat intelligence and endpoint security. The current version improves on the on-premises version by integrating Threat Grid and Advanced Malware Protection, which helps users quickly identify malicious emails.

What do I think about the stability of the solution?

The product is stable. We never had issues. If everything is configured right, it's something you can easily forget about.

What do I think about the scalability of the solution?

The solution is scalable.

1300 users are using this solution.

How are customer service and support?

We used it once when the appliance was acting up and then realized that an upgrade was needed. We follow up on the requirements upgrades and patching. It doesn't require much patching.

How was the initial setup?

The initial setup is straightforward.

What about the implementation team?

Cisco Secure Email can be integrated in-house, but we are too busy. Therefore, we have decided to use an integrator.

What was our ROI?

Even though Cisco Secure Email is not cheap, it offers a good return on investment. Cisco needs to ensure that its products are functional and have a long support timeline.

What's my experience with pricing, setup cost, and licensing?

The solution is not cheap.

What other advice do I have?

Cisco Secure Email is a fast data service. Because of this, most of its features are already pre-configured. All clients need to do is customize and tailor the service to their specific use cases.

I would recommend anyone using the on-premise ports move to the cloud.

Overall, I rate the solution a ten out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Cisco Secure Email
November 2024
Learn what your peers think about Cisco Secure Email. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,649 professionals have used our research since 2012.
Yonas Abebe - PeerSpot reviewer
junior Network Engineer at Symbol Technologies PLC
MSP
Top 10
Designed to secure email activities and interactions within such systems
Pros and Cons
  • "Cisco Secure Email is part of Cisco's extensive efforts and investments in technology, especially in the realm of cyber security. The product is one among many security solutions offered by Cisco."
  • "While Cisco offers excellent solutions and innovations, the pricing may not be suitable for everyone. The cost of the software is relatively high. In the current market, there are numerous competitive alternatives that focus on security, enterprise networks, and various other aspects. Cisco, being a comprehensive provider, extends its expertise across data, servers, storage, and security, making them a preferred choice for many enterprises. However, when it comes specifically to security solutions, there are other vendors that specialize solely in this domain, offering competitive options."

What is our primary use case?

We use Cisco Secure Email for email security, aiming to safeguard email communications. It plays a crucial role in protecting the integrity of email integrations, particularly as many companies now opt for Microsoft email services. It's designed to secure email activities and interactions within such systems.

What is most valuable?

Cisco Secure Email is part of Cisco's extensive efforts and investments in technology, especially in the realm of cyber security. The product is one among many security solutions offered by Cisco. 

What needs improvement?

While Cisco offers excellent solutions and innovations, the pricing may not be suitable for everyone. The cost of the software is relatively high. In the current market, there are numerous competitive alternatives that focus on security, enterprise networks, and various other aspects. Cisco, being a comprehensive provider, extends its expertise across data, servers, storage, and security, making them a preferred choice for many enterprises. However, when it comes specifically to security solutions, there are other vendors that specialize solely in this domain, offering competitive options.

For how long have I used the solution?

I've personally been working with Cisco Secure Email for the past three to four years. However, in a professional capacity, I've been dedicated to the field of security for about one year and eighteen months.

What do I think about the scalability of the solution?

I will rate it 8 out of 10.

How are customer service and support?

They were helpful.

How would you rate customer service and support?

Positive

How was the initial setup?

Migrating to cloud systems could be challenging. 

What about the implementation team?

We handle end-to-end implementation and also provide support services.

What's my experience with pricing, setup cost, and licensing?

It is expensive. I would rate it 2 out of 10, where 1 is the most expensive and 10 is the cheapest. 

What other advice do I have?

I consider Cisco Secure Email to be a top-notch product and would rate it as a ten out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
Mohankannan Ramadoss - PeerSpot reviewer
Regional Manager at Digitaltrack
Real User
Top 5Leaderboard
An easy-to-use product with good security features
Pros and Cons
  • "It is a user-friendly product."
  • "There could be additional DLP functionality for it."

What is our primary use case?

We use Cisco Secure Email for email security.

What is most valuable?

The product stands out compared to other vendors in simplicity and ease of use. It is competitive and should be considered a user-friendly option. Its integration capability is good as well.

What needs improvement?

It would be beneficial to have additional DLP functionality, particularly in the email DLP aspect. It could be included in the next release of the product.

For how long have I used the solution?

I've been using Cisco Secure Email for ten years. Currently, I'm using the latest version.

What do I think about the stability of the solution?

The stability of the product is a ten on ten.

What do I think about the scalability of the solution?

Scalability-wise, I rate the product a nine out of ten.

How are customer service and support?

I've had a good experience with Cisco's customer service and support team. They respond immediately.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We have worked with Barracuda Email Security and Trend Micro Email Security.

How was the initial setup?

We have deployed Cisco Secure Email both on-premises and in the cloud. One can use it as a private cloud solution or a virtual appliance in a cloud environment. The implementation and configuration process, including the dashboard, was user-friendly and straightforward. Along with it, the on-premises deployment was easy. It took less than an hour to complete.

What's my experience with pricing, setup cost, and licensing?

It is a reasonably priced solution. I rate its pricing as a seven out of ten.

What other advice do I have?

Cisco Secure Email is easy-to-use. I highly recommend it and rate it an eight out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
YusufAhmed - PeerSpot reviewer
Information Security Specialist at IHV-Nigeria
Real User
Top 5
Can be easily installed but needs improvements in the pricing model
Pros and Cons
  • "The product's initial setup phase was easy."
  • "There are some concerns in the way the architecture is set up, making it an area where improvements are required."

What is our primary use case?

My company operates as a service provider, and we use Cisco Secure Email so that we can secure the endpoints, systems, and emails in our data center.

What is most valuable?

The most valuable feature of the solution is the ease of use. It is easy to set up and manage the tool.

What needs improvement?

There are some concerns in the way the architecture is set up, making it an area where improvements are required. When you set up the tool, the way you put your SMTP routes should be possible through an easier process.

For how long have I used the solution?

I have been using Cisco Secure Email for ten years. I am a customer of the tool.

What do I think about the stability of the solution?

The product is stable. The only challenge is the IPs get easily blacklisted. The IP addresses of IronPort devices easily get blacklisted. Cisco should make items to contact the companies whose IP addresses get blocked. During the configuration of the tool, there should be some provision in the product to indicate which IP addresses are from IronPort devices and not from the server.

What do I think about the scalability of the solution?

It is a scalable solution.

My company uses three Cisco Secure Email solutions in parallel. In my company, we have set the product for different segments or networks, but all three sync well with each other and work fine.

For administration purposes, there are five people who use the product. As end users, there are over 2,000 to 3,000 people who use the product.

How are customer service and support?

I am happy with the responses and the solutions provided by the solution's technical support.

How was the initial setup?

The product's initial setup phase was easy.

What's my experience with pricing, setup cost, and licensing?

The product's price falls on the higher side when compared to the other products on the market.

Whether the product would be worth the money for a business is something that depends on what a company is trying to do with the solution. If you are looking at the profitability angle, the new can get cheaply priced solutions in the market. I work in a government organization where profit alone is not our goal, and we need a product that offers security.

What other advice do I have?

I recommend the product to those who plan to use it.

The DLP feature in the product is not a functionality that we have configured yet, but we do have access to its settings.

A beginner can learn to use Cisco Secure Email through a straightforward process.

Cisco Secure Email has integrated with our company's existing email gateway in a very straightforward manner through a configuration process involving IronPorts, and then URLs on IronPorts are set up.

Though it is easy to set up the product, the cost of the solution is not favorable for everybody.

I rate the tool a seven out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Technical Presales Consultant : Cisco Security at Inflow Technologies
Reseller
Top 20
Integrates very well with established threat detection engines and a comprehensive suite of products

What is our primary use case?

We use Cisco email security against threats such as phishing and malware and block weaponized URLs. Cisco provides a cloud solution, along with the appliance, and a hybrid solution is also there. We deploy the solution as per the customer's requirements.

What is most valuable?

The solution is very robust because it talks to Cisco Talos. Talos is the number one threat detection engine, the most trustworthy and used globally. That's one strong reason we back our products. Not only do we use it on our premises, but this is the product's main USP when we sell it.

What needs improvement?

Cross-platform is one major pain point. Many of our clients use an open-source Linux system. These components cannot provide for any Ubuntu or any Linux open-source system, and that's where we get stuck most of the time. Previously, we were doing a POC for Cisco Umbrella, and we got stuck at the point where the customer had almost 200 to 300 of his endpoints, almost 80% of his workforce, working on Linux. This was both on the server and roaming user sides, and Cisco has no solution for Ubuntu. We have raised this suggestion many times when interacting with Cisco during seminars and webinars we've attended. However, we only got feedback from them that they will introduce that feature very soon with their Cisco AnyConnect agent. But it's still only available for Windows and Mac.

For how long have I used the solution?

I've used this solution for one year.

What do I think about the stability of the solution?

The product is stable. There have been no complaints from the customers. Fine-tuning is important, which will come whenever you go live, especially for larger domains where customers have 1,000 or 2,000 email IDs and multiple domains. That is the only challenge where we have to fine-tune the policies. But the product is stable.

What do I think about the scalability of the solution?

Cisco Email Security's scalability is good. We have had a couple of cases where the user increased the licenses. There is no challenge to scalability. For the past year, there have been four to five customers to whom we have sold the product.

How are customer service and support?

Cisco's technical support is excellent. Whenever we contact tech support, the hierarchy starts with our regional ACs. If they cannot resolve our issue, we contact TAC, and TAC is a ten-on-ten. They're well versed with their technology. They know the capabilities of their product and how it works. The one thing we expect when we contact an OEM technical person is clarity on the subject and the issue. There should not be a gray area. When we reach out to them with any issue and when the customer is also on the call and has already purchased the product or is about to purchase the product, the most important thing is for there not to be a gray area in figuring out whether the product will work or not. That's more important than providing a prompt solution. Cisco's tech support always clarifies whether a feature will work before proceeding with the solution. If it is possible, they always provide the solution. If it is impossible, they provide the proper documentation explaining why it is impossible.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup is straightforward. That's one of the main USPs, the deployment of these products. It takes hardly 20 minutes to deploy Umbrella over a network. And with email security, it's less than a one-hour job. After deploying, the fine-tuning part comes. That comes under the policies, so I don't count that under deployment. The next step will take another one or two hours, but not more than that.

When deploying the solution, we first go on a call with the customer, understand their pain points, and understand their existing network. We have to analyze the scope of work before deploying. Depending upon the existing setup the customer has, we make our steps. "Is there any prerequisite required? Are there any virtual appliances needed in the network to be deployed?" Accordingly, we will plan our activities. In a two or three-hour call for the first session, we have to define what we have to cover, and in the second session, we have to define the success criteria. The deployment is not a template. It changes from customer to customer.

What's my experience with pricing, setup cost, and licensing?

Cisco's price point is good. When we talk about Cisco to our customers, they already have the mindset that Cisco has a particular price point. It beats other competitors when it comes to the quality of the product.

What other advice do I have?

I rate Cisco Secure Mail a nine out of ten. Cisco is improving. We had a session where we asked them to improve their GUI. They have improved it and the end-user experience because it was too mechanical a dashboard earlier, where it was difficult to find mail logs. We recommend the solution.

We use Umbrella for our DNS layer security, blocking all the DNS layer threats. For endpoint security, we are using Cisco Amp. Whenever there is a requirement, we hunt for greenfield opportunities where no Cisco solution is present. We can then create a window where we can reach in. We deploy one product and then explain the single vendor advantages to customers. That mostly goes with the Cisco Umbrella, which goes hand in hand with Meraki. Once the user gets his ecosystem on Cisco, giving a single vendor solution is possible.

Similarly, XDR is there. XDR is one of the key products we're pitching these days. It's a simple single glass pane where we can orchestrate all the customer's products from a single dashboard. That's a major concern we hear these days from security personnel and IT teams. They have several products from several OEMs, and whenever it comes to orchestration or finding a glitch, they have to access all the products independently on different tabs or screens.

As far as policies and security with the components are concerned, Cisco is the perfect product.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
JoseSilva - PeerSpot reviewer
Manager of Partner Solutions at S21sec
Video Review
Integrator
Top 10
Provides reliable protection, brings awareness, and has adaptable pricing
Pros and Cons
  • "The advanced phishing protection and the integration with the awareness tool that Cisco has embedded into the solution to bring awareness to the customers about the dangers of phishing attacks and other things that come from email are the most valuable features."
  • "Cisco is already providing a very good environment with the IronPort solution, but there could be some more integration with other products. For instance, an integration with the EDR solution could be there to raise an alert."

What is our primary use case?

I work at S21sec, which is a partner of Cisco in Portugal. We do integration of different Cisco solutions for our customers. Nowadays, we mostly do integration of Cisco cloud solutions for customers.

Cisco Secure Email is the solution that we deploy for customers in Portugal mostly as a backup of an existing solution such as Office 365 because it guarantees that the customer never falls out of options if the main product has some problem. If they rely on having an email solution that cannot fail, that's an excellent option for them to have in place. It's the oldest solution that we deploy for customers in Portugal. It has a very nice history and very good quality. It's perceived by our customers as an email solution that functions all the time.

How has it helped my organization?

One benefit is the resilience of the solution when implemented in conjunction with other solutions, and the other one is the new features that Cisco is adding to the solution itself, such as awareness of advanced phishing threats. The environment that Cisco is building around this primary product in its catalog is helpful.

We offer almost all of the Cisco Security solutions, but recently, we've been working more with cloud solutions. It's easier for customers to adopt them. We also continue to deploy some of the firewall solutions with the physical devices and also email protection solutions either with the VM solutions or with the physical appliances. We've been seeing evermore integration of the products based on the browsing console, which is very nice for customers because they only need to have a browser to access all the different consoles of different products. They can be consolidated with SecureX. It's an advantage for the customer to be able to handle all the different consoles for different integrations that the customer has in one place.

Cisco Talos is a very nice complementary solution to the email protection suite. It gives you the threat intel regarding the latest news and infections that can be problematic for the customers. They become aware of what's happening and any latest vulnerabilities they may have on-prem.

What is most valuable?

The advanced phishing protection and the integration with the awareness tool that Cisco has embedded into the solution to bring awareness to the customers about the dangers of phishing attacks and other things that come from email are the most valuable features.

What needs improvement?

Cisco has already improved this solution with some add-ons to the basic product. Cisco is already providing a very good environment with the IronPort solution, but there could be some more integration with other products. For instance, an integration with the EDR solution could be there to raise an alert.

For how long have I used the solution?

We've been a partner of Cisco for more than 10 years, and we've mostly done integration of solutions. 

How are customer service and support?

We usually give the first line of support to the customer, and then only, we go to the Cisco support. We have a very strong Cisco security team in Portugal, so whenever we need any support, we use those resources. I don't remember a time when I had to open a ticket because the local team has been very good.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Cisco Secure Email hasn't helped clients consolidate any applications. In Portugal, there's no business for that because what you usually do is implement several solutions that are regarded as the better solutions in terms of the market. In some cases, it could be Cisco, and in other cases, it could be another player. At S21sec, we try to give a better solution to customers and adapt and customize it to the specific needs of our customers.

The main difference between Cisco Secure Email and other solutions is the reliability and the capability to offline the email if there are some problems on the customer side. We can also overcome problems that may arise in terms of the local telecommunication operators that handle the communication. If there's a failure there, we can overcome those problems with the relays from the Cisco solution.

How was the initial setup?

The deployment model varies a little bit. In Portugal, some sectors still rely on on-prem solutions, but we are trying to build awareness that the new solutions relying on the cloud are better for the customers because they don't have to worry about getting new patches and new security updates and patching the infrastructure. They only need to rely on having a service that is provided by Cisco for having the best security. They don't have to worry about the maintenance of the platform itself. The cloud provider that our clients use varies. We work a lot with the banks and financial organizations in Portugal. They are historical customers that don't want to go for public cloud solutions. They still rely on on-prem solutions. They have evolved to having virtualized solutions instead of appliance solutions, but they still rely on having mostly private cloud solutions. They use local providers. We are seeing a shift to global providers but not with all of them.

It's a very modular solution. We have some customers who have deployments all over the world. We clusterize the solutions in each of those locations, and then they connect them with the global management solution. We can manage all the operations of the different clusters spread around the world from one site. It's a very good solution in terms of redundancy even in different geographies.

It's a very easy solution. You can go for a very customizable environment, but usually, for the day-to-day needs of most customers, it's very easy to deploy. You can just customize the options to make it more secure for a customer's environment.

What's my experience with pricing, setup cost, and licensing?

It's adapted to the market. It's similar to other vendors. We at least don't have many problems regarding that because Cisco is adaptable on that side. When we present the solutions to the customers, we tend to achieve the goals that the customer has in terms of the budget for such implementations.

We offer the best solution for what customers intend to do and the type of problems that their business may have. When a solution is adaptable and customizable to the customer environment, customers tend to go ahead with it. Even if it requires more investment, we find a way of getting it to the budget and getting a good return on investment.

What other advice do I have?

To those evaluating this solution, I'd recommend trying the product. Cloud solutions are very easy to use, and you can do a PoC. In a matter of hours or a day, you can deploy the solution and use it fully.

We are Cisco partners. Cisco has a very nice solution and a very good security team in Portugal, but obviously, they can't cater to all the customers. An integrator does that part. With the relationship that we have with the customers, we can apply and customize the solutions that Cisco has in its portfolio according to the environment and specific needs of each customer.

Our partnership with Cisco is pretty close to a 10 out of 10 because we are getting different kinds of solutions. We at S21sec handle just security. We don't do storage, and we don't do servers. We are very focused on security, and the partnership that we have with Cisco is ever-growing because nowadays, for instance, OT solutions are also a very huge concern for us, and what we have seen with Cisco solutions that are being brought to the market is that they also started to handle the new security issues that we find in other sectors. They are not only into IT. They are also going into the OT and the IoT world. They are able to customize and bring new solutions, even some developed insights, by buying other companies and adapting them to the Cisco reality. They are able to devise a product that handles the needs of different kinds of customers in different areas of the business, not just the IT world but also the industrial world.

I would rate Cisco Secure Email a nine out of ten. It's growing up to be much more than just an email protection tool. It's going for the awareness of the customers, and that's a good complementary solution that addresses other problems that come from using email nowadays.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
Enrique Diaz Jolly - PeerSpot reviewer
Owner at Jolly Security Inc
Real User
Top 10
You can know exactly and accurately where an email came from and for which specific device
Pros and Cons
  • "It has an intuitive, clear graphical interface where you can deploy your policies and understand the overall flow. There are a lot of things that you cannot handle on the graphic interface, like message filters. For this, you need to go to a lower level where you have more power, like command line interface. So, this solution has the best of both worlds. There are not a lot of bells and whistles. It is more practical with access to most features that you can configure."
  • "The Forged Email Detection feature needs improvement, particularly with domain. The sensors are not that good and the rules sets are unclear."

What is our primary use case?

It is like a gateway for email. They receive all your email traffic. They send over your email traffic, and it is the first incoming point and the last outgoing point. They deliver the traffic to the destination. Whatever it is, you want to be informed of what is happening. Depending on the site's deployment, if you have a single device, then you have all the information on the device. And if you have several devices, you have all the information on every single device for each device. However, for consolidation, you need another device called Security Management Appliance (SMA).

It has no real interaction with other stuff. It does not interact with a gateway beyond the networking level. You have a router and that router provides IP addresses for a switch, etc. You don't have to integrate Cisco Secure Email with something specific since it is standalone and only requires basic essential networking. You can integrate it with a firewall, like ASA, but that firewall has to allow traffic. To do that, you would open port 25.

It is available to be deployed as on-premises, on the cloud, and hybrid cloud.

How has it helped my organization?

The solution is valuable if you are looking for a security email gateway that provides you with the most services possible. It has anything that you may be looking for in an email deployment, except for the endpoint which should be supported by something else, like Exchange. It doesn't have mailboxes because it is a gateway.

There are some methods to authenticate email, i.e., putting a stamp or seal of trust on an email, where one method is DKIM and another is SPF.

  • For SPF in the DNS, where you have records that list the different devices or IP addresses that can send email from a specific domain, a security device can consult that DNS and check if the mail coming from that domain is coming from an authorized source.
  • DKIM is a cryptographic signature of an email. It is usually what you announce is the public key of that system's PKI and verify the signature in the headers. You have a checksum of all the contents so it is possible to define or identify whether the message has been tampered with in route.

They are mutually exclusive in a way, so DMARC consolidates both. It provides alignment with the IP address, domain name, etc., and has to match at least one, being properly aligned. It has become something very important for compliance.

When you are receiving, you use all this information to decide whether an email is legitimate. Or, if you also need to deploy your DKIM, DMARC, and SPF infrastructure, that lets the rest of the world know where you are sending email from and how you are authenticating your email.

It can honor all SPF, DKIM, and DMARC rule sets and apply rules based on the results of these tests as well as sign the DKIM. Therefore, your email can comply with whatever you are announcing on your DNS for the rest of the world to know that you know about the signed domains. It has perfect, robust integration on that. 

What is most valuable?

The most valuable feature is reputation filtering. In the beginning, it was based on just the IP source. but it has now evolved to domain reputation. It allows you to classify different IP sources and different sender groups, where you can reject to throttle to whitelist from any IP sources, domains, etc. Based on the reputation gathering, the reputation is powered by Talos security. It is a super powerful feature. That alone gets rid of more than 50% of the crap from the traffic flow, before even hitting the anti-spam or antivirus.

If you have some knowledge about email, it is a pretty simple solution that has many controls on different levels, from the gateway part to accepting messages from certain sources to stringent filtering. It is state of the art with anti-spam, antivirus, and different threat prevention features. 

SecureX is powered by Talos, Sourcefire, etc. Today, it is the largest, richest threat intelligence on the market. SecureX is quite standalone in regards to integration since you put it into the network, whether it is on your own cloud or a third-party cloud.

If you go to the filtering level, you can have very accurate features or filters since it is programmatic. At a certain point, you can define sets of rules, such as where the email is coming from, whether it has this content, or to apply this policy. For example, if it has the same considerations, but the content is different, apply this another policy. It is super flexible and very customizable to your needs. It is not difficult to use.

It provides information, reporting, logging, and tracking. It has powerful tracking, so you can know exactly and accurately where an email came from, for which specific device, etc. It shows the emails which were:

  • Dropped
  • Rejected
  • Quarantined
  • Accepted by which policies.

It also shows the rule sets applied for that email and considers

  • The source
  • The Offender
  • Anything else that you may consider in an email.

It has an intuitive, clear graphical interface where you can deploy your policies and understand the overall flow. There are a lot of things that you cannot handle on the graphic interface, like message filters. For this, you need to go to a lower level where you have more power, like command line interface. So, this solution has the best of both worlds. There are not a lot of bells and whistles. It is more practical with access to most features that you can configure. 

What needs improvement?

You can consolidate on SMA if you want to spam or threats quarantined for multiple devices. It is not advisable for a single device, because if it fails, you are left without any email.

I would like to see a few changes to the UX. 

There is space for improvement with data loss prevention, particularly with third-parties integration. Data loss prevention is quite important, though most customers have some third-party or other elements in their network doing data loss prevention, specifically for email. However, if it could be possible to integrate with other solutions, not only on the email flow, but on analysis for a connector or something like that, then that would be ideal.

The Forged Email Detection feature needs improvement, particularly with domain. The sensors are not that good and the rules sets are unclear.

For how long have I used the solution?

I have been using it since 2004.

What do I think about the stability of the solution?

It does not add anything to the potential downtime for a corporation, unless everything fails. If all your email exchanges fail, then you don't have email, but this solution does not affect the performance of your whole network. 

At the minimum, you need two devices. If you have two devices and one fails, then the other one can handle the work, though you might have some email delays.

You should keep track of what is going on. It does need some daily administration, fixes, and policy changes.

How are customer service and support?

In general, their technical support is really good. There are a few who are still learning, e.g., not providing enough help, but there is always the option to escalate.

Which solution did I use previously and why did I switch?

It was the IronPort before Cisco acquired it in 2007. It is the same appliance and software. This solution has been upgraded by several versions, but it is basically the same, they just changed the name. 

What about the implementation team?

I have done the architecture for a company in China.

What's my experience with pricing, setup cost, and licensing?

It is a super big router that costs a few hundred thousand dollars.

Which other solutions did I evaluate?

These days, the first tiers of this market have good enough anti-spam, antivirus, etc. These have become routine. There are some other not-so-good solutions, like Barracuda and Fortinet, but it depends on how much you are willing to pay as this solution is not cheap.

The best other solution is Proofpoint. They have been long-time competitors who have also been evolving. The big difference is it is more fancy because it has more bells and whistles. The solution is good as well. However, they are super expensive, not cheap.

If you want a multi-tiered deployment, you could perhaps have Secure Email on the cloud and Proofpoint on-premises. Then, you have the two best solutions in the market working together. I have customers who have done this and are satisfied. Very few solutions can compete with Secure Email and Proofpoint outside of the price. If your budget is a problem, then you have a problem.

Along with Proofpoint, this is the best solution in terms of preventing spam, malware, and ransomware.

Check Point has fancy graphics and an interface where you can do a lot. The Cisco Secure gateway has both, though not as fancy as Check Point, but a big majority of the tasks can be done on the graphical interface level.

What other advice do I have?

It is not so difficult to us, but neither is it easy, particularly if you don't have some knowledge about email.

Whatever you are looking for with an email security appliance or device, you mostly have it, though nobody is perfect.

The solution’s ability to prevent phishing and business-email compromise is fairly good. DKIM, DMARC, and SPF integration are the best way to prevent phishing, spoofing, etc. However, they still have room to work in this area.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Cisco Secure Email Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2024
Buyer's Guide
Download our free Cisco Secure Email Report and get advice and tips from experienced pros sharing their opinions.