Cisco Secure Email Reviews

We use the solution for endpoint protection, including email protection, such as antivirus, anti-phishing, content filtering, outbreak filtering, and greymail protection.

An important feature is retrospective analysis, which allows the solution to retrieve emails sent even a week ago, even if they have already been delivered. This is done by analyzing emails for malicious content after they have been sent.

Cisco Secure Email focuses on cloud-based threat intelligence and endpoint security. The current version improves on the on-premises version by integrating Threat Grid and Advanced Malware Protection, which helps users quickly identify malicious emails.

The product is stable. We never had issues. If everything is configured right, it's something you can easily forget about.

The solution is scalable.

1300 users are using this solution.

We used it once when the appliance was acting up and then realized that an upgrade was needed. We follow up on the requirements upgrades and patching. It doesn't require much patching.

The initial setup is straightforward.

Cisco Secure Email can be integrated in-house, but we are too busy. Therefore, we have decided to use an integrator.

Even though Cisco Secure Email is not cheap, it offers a good return on investment. Cisco needs to ensure that its products are functional and have a long support timeline.

The solution is not cheap.

Cisco Secure Email is a fast data service. Because of this, most of its features are already pre-configured. All clients need to do is customize and tailor the service to their specific use cases.

I would recommend anyone using the on-premise ports move to the cloud.

Overall, I rate the solution a ten out of ten.

We use Cisco Secure Email for email security, aiming to safeguard email communications. It plays a crucial role in protecting the integrity of email integrations, particularly as many companies now opt for Microsoft email services. It's designed to secure email activities and interactions within such systems.

Cisco Secure Email is part of Cisco's extensive efforts and investments in technology, especially in the realm of cyber security. The product is one among many security solutions offered by Cisco. 

While Cisco offers excellent solutions and innovations, the pricing may not be suitable for everyone. The cost of the software is relatively high. In the current market, there are numerous competitive alternatives that focus on security, enterprise networks, and various other aspects. Cisco, being a comprehensive provider, extends its expertise across data, servers, storage, and security, making them a preferred choice for many enterprises. However, when it comes specifically to security solutions, there are other vendors that specialize solely in this domain, offering competitive options.

I've personally been working with Cisco Secure Email for the past three to four years. However, in a professional capacity, I've been dedicated to the field of security for about one year and eighteen months.

I will rate it 8 out of 10.

They were helpful.

Positive

Migrating to cloud systems could be challenging. 

We handle end-to-end implementation and also provide support services.

It is expensive. I would rate it 2 out of 10, where 1 is the most expensive and 10 is the cheapest. 

I consider Cisco Secure Email to be a top-notch product and would rate it as a ten out of ten.

My company operates as a service provider, and we use Cisco Secure Email so that we can secure the endpoints, systems, and emails in our data center.

The most valuable feature of the solution is the ease of use. It is easy to set up and manage the tool.

There are some concerns in the way the architecture is set up, making it an area where improvements are required. When you set up the tool, the way you put your SMTP routes should be possible through an easier process.

I have been using Cisco Secure Email for ten years. I am a customer of the tool.

The product is stable. The only challenge is the IPs get easily blacklisted. The IP addresses of IronPort devices easily get blacklisted. Cisco should make items to contact the companies whose IP addresses get blocked. During the configuration of the tool, there should be some provision in the product to indicate which IP addresses are from IronPort devices and not from the server.

It is a scalable solution.

My company uses three Cisco Secure Email solutions in parallel. In my company, we have set the product for different segments or networks, but all three sync well with each other and work fine.

For administration purposes, there are five people who use the product. As end users, there are over 2,000 to 3,000 people who use the product.

I am happy with the responses and the solutions provided by the solution's technical support.

The product's initial setup phase was easy.

The product's price falls on the higher side when compared to the other products on the market.

Whether the product would be worth the money for a business is something that depends on what a company is trying to do with the solution. If you are looking at the profitability angle, the new can get cheaply priced solutions in the market. I work in a government organization where profit alone is not our goal, and we need a product that offers security.

I recommend the product to those who plan to use it.

The DLP feature in the product is not a functionality that we have configured yet, but we do have access to its settings.

A beginner can learn to use Cisco Secure Email through a straightforward process.

Cisco Secure Email has integrated with our company's existing email gateway in a very straightforward manner through a configuration process involving IronPorts, and then URLs on IronPorts are set up.

Though it is easy to set up the product, the cost of the solution is not favorable for everybody.

I rate the tool a seven out of ten.

We use Cisco email security against threats such as phishing and malware and block weaponized URLs. Cisco provides a cloud solution, along with the appliance, and a hybrid solution is also there. We deploy the solution as per the customer's requirements.

The solution is very robust because it talks to Cisco Talos. Talos is the number one threat detection engine, the most trustworthy and used globally. That's one strong reason we back our products. Not only do we use it on our premises, but this is the product's main USP when we sell it.

Cross-platform is one major pain point. Many of our clients use an open-source Linux system. These components cannot provide for any Ubuntu or any Linux open-source system, and that's where we get stuck most of the time. Previously, we were doing a POC for Cisco Umbrella, and we got stuck at the point where the customer had almost 200 to 300 of his endpoints, almost 80% of his workforce, working on Linux. This was both on the server and roaming user sides, and Cisco has no solution for Ubuntu. We have raised this suggestion many times when interacting with Cisco during seminars and webinars we've attended. However, we only got feedback from them that they will introduce that feature very soon with their Cisco AnyConnect agent. But it's still only available for Windows and Mac.

I've used this solution for one year.

The product is stable. There have been no complaints from the customers. Fine-tuning is important, which will come whenever you go live, especially for larger domains where customers have 1,000 or 2,000 email IDs and multiple domains. That is the only challenge where we have to fine-tune the policies. But the product is stable.

Cisco Email Security's scalability is good. We have had a couple of cases where the user increased the licenses. There is no challenge to scalability. For the past year, there have been four to five customers to whom we have sold the product.

Cisco's technical support is excellent. Whenever we contact tech support, the hierarchy starts with our regional ACs. If they cannot resolve our issue, we contact TAC, and TAC is a ten-on-ten. They're well versed with their technology. They know the capabilities of their product and how it works. The one thing we expect when we contact an OEM technical person is clarity on the subject and the issue. There should not be a gray area. When we reach out to them with any issue and when the customer is also on the call and has already purchased the product or is about to purchase the product, the most important thing is for there not to be a gray area in figuring out whether the product will work or not. That's more important than providing a prompt solution. Cisco's tech support always clarifies whether a feature will work before proceeding with the solution. If it is possible, they always provide the solution. If it is impossible, they provide the proper documentation explaining why it is impossible.

Positive

The initial setup is straightforward. That's one of the main USPs, the deployment of these products. It takes hardly 20 minutes to deploy Umbrella over a network. And with email security, it's less than a one-hour job. After deploying, the fine-tuning part comes. That comes under the policies, so I don't count that under deployment. The next step will take another one or two hours, but not more than that.

When deploying the solution, we first go on a call with the customer, understand their pain points, and understand their existing network. We have to analyze the scope of work before deploying. Depending upon the existing setup the customer has, we make our steps. "Is there any prerequisite required? Are there any virtual appliances needed in the network to be deployed?" Accordingly, we will plan our activities. In a two or three-hour call for the first session, we have to define what we have to cover, and in the second session, we have to define the success criteria. The deployment is not a template. It changes from customer to customer.

Cisco's price point is good. When we talk about Cisco to our customers, they already have the mindset that Cisco has a particular price point. It beats other competitors when it comes to the quality of the product.

I rate Cisco Secure Mail a nine out of ten. Cisco is improving. We had a session where we asked them to improve their GUI. They have improved it and the end-user experience because it was too mechanical a dashboard earlier, where it was difficult to find mail logs. We recommend the solution.

We use Umbrella for our DNS layer security, blocking all the DNS layer threats. For endpoint security, we are using Cisco Amp. Whenever there is a requirement, we hunt for greenfield opportunities where no Cisco solution is present. We can then create a window where we can reach in. We deploy one product and then explain the single vendor advantages to customers. That mostly goes with the Cisco Umbrella, which goes hand in hand with Meraki. Once the user gets his ecosystem on Cisco, giving a single vendor solution is possible.

Similarly, XDR is there. XDR is one of the key products we're pitching these days. It's a simple single glass pane where we can orchestrate all the customer's products from a single dashboard. That's a major concern we hear these days from security personnel and IT teams. They have several products from several OEMs, and whenever it comes to orchestration or finding a glitch, they have to access all the products independently on different tabs or screens.

As far as policies and security with the components are concerned, Cisco is the perfect product.

The tool has a DLP solution which we can implement. Its database is updated regularly. 

The tool's pricing can be improved. 

I have been using the solution for seventeen years. 

Cisco Secure Email is stable. 

We have more than 1500 users for the product. 

The tool's support is good. 

Cisco Secure Email's installation was straightforward. We discussed with the integrator, designed the implementation and tested the product. 

An integrator helped us with the product's installation. 

Cisco Secure Email is not expensive, and licensing costs are yearly. 

I rate Cisco Secure Email a nine out of ten. 

I work at S21sec, which is a partner of Cisco in Portugal. We do integration of different Cisco solutions for our customers. Nowadays, we mostly do integration of Cisco cloud solutions for customers.

Cisco Secure Email is the solution that we deploy for customers in Portugal mostly as a backup of an existing solution such as Office 365 because it guarantees that the customer never falls out of options if the main product has some problem. If they rely on having an email solution that cannot fail, that's an excellent option for them to have in place. It's the oldest solution that we deploy for customers in Portugal. It has a very nice history and very good quality. It's perceived by our customers as an email solution that functions all the time.

One benefit is the resilience of the solution when implemented in conjunction with other solutions, and the other one is the new features that Cisco is adding to the solution itself, such as awareness of advanced phishing threats. The environment that Cisco is building around this primary product in its catalog is helpful.

We offer almost all of the Cisco Security solutions, but recently, we've been working more with cloud solutions. It's easier for customers to adopt them. We also continue to deploy some of the firewall solutions with the physical devices and also email protection solutions either with the VM solutions or with the physical appliances. We've been seeing evermore integration of the products based on the browsing console, which is very nice for customers because they only need to have a browser to access all the different consoles of different products. They can be consolidated with SecureX. It's an advantage for the customer to be able to handle all the different consoles for different integrations that the customer has in one place.

Cisco Talos is a very nice complementary solution to the email protection suite. It gives you the threat intel regarding the latest news and infections that can be problematic for the customers. They become aware of what's happening and any latest vulnerabilities they may have on-prem.

The advanced phishing protection and the integration with the awareness tool that Cisco has embedded into the solution to bring awareness to the customers about the dangers of phishing attacks and other things that come from email are the most valuable features.

Cisco has already improved this solution with some add-ons to the basic product. Cisco is already providing a very good environment with the IronPort solution, but there could be some more integration with other products. For instance, an integration with the EDR solution could be there to raise an alert.

We've been a partner of Cisco for more than 10 years, and we've mostly done integration of solutions. 

We usually give the first line of support to the customer, and then only, we go to the Cisco support. We have a very strong Cisco security team in Portugal, so whenever we need any support, we use those resources. I don't remember a time when I had to open a ticket because the local team has been very good.

Positive

Cisco Secure Email hasn't helped clients consolidate any applications. In Portugal, there's no business for that because what you usually do is implement several solutions that are regarded as the better solutions in terms of the market. In some cases, it could be Cisco, and in other cases, it could be another player. At S21sec, we try to give a better solution to customers and adapt and customize it to the specific needs of our customers.

The main difference between Cisco Secure Email and other solutions is the reliability and the capability to offline the email if there are some problems on the customer side. We can also overcome problems that may arise in terms of the local telecommunication operators that handle the communication. If there's a failure there, we can overcome those problems with the relays from the Cisco solution.

The deployment model varies a little bit. In Portugal, some sectors still rely on on-prem solutions, but we are trying to build awareness that the new solutions relying on the cloud are better for the customers because they don't have to worry about getting new patches and new security updates and patching the infrastructure. They only need to rely on having a service that is provided by Cisco for having the best security. They don't have to worry about the maintenance of the platform itself. The cloud provider that our clients use varies. We work a lot with the banks and financial organizations in Portugal. They are historical customers that don't want to go for public cloud solutions. They still rely on on-prem solutions. They have evolved to having virtualized solutions instead of appliance solutions, but they still rely on having mostly private cloud solutions. They use local providers. We are seeing a shift to global providers but not with all of them.

It's a very modular solution. We have some customers who have deployments all over the world. We clusterize the solutions in each of those locations, and then they connect them with the global management solution. We can manage all the operations of the different clusters spread around the world from one site. It's a very good solution in terms of redundancy even in different geographies.

It's a very easy solution. You can go for a very customizable environment, but usually, for the day-to-day needs of most customers, it's very easy to deploy. You can just customize the options to make it more secure for a customer's environment.

It's adapted to the market. It's similar to other vendors. We at least don't have many problems regarding that because Cisco is adaptable on that side. When we present the solutions to the customers, we tend to achieve the goals that the customer has in terms of the budget for such implementations.

We offer the best solution for what customers intend to do and the type of problems that their business may have. When a solution is adaptable and customizable to the customer environment, customers tend to go ahead with it. Even if it requires more investment, we find a way of getting it to the budget and getting a good return on investment.

To those evaluating this solution, I'd recommend trying the product. Cloud solutions are very easy to use, and you can do a PoC. In a matter of hours or a day, you can deploy the solution and use it fully.

We are Cisco partners. Cisco has a very nice solution and a very good security team in Portugal, but obviously, they can't cater to all the customers. An integrator does that part. With the relationship that we have with the customers, we can apply and customize the solutions that Cisco has in its portfolio according to the environment and specific needs of each customer.

Our partnership with Cisco is pretty close to a 10 out of 10 because we are getting different kinds of solutions. We at S21sec handle just security. We don't do storage, and we don't do servers. We are very focused on security, and the partnership that we have with Cisco is ever-growing because nowadays, for instance, OT solutions are also a very huge concern for us, and what we have seen with Cisco solutions that are being brought to the market is that they also started to handle the new security issues that we find in other sectors. They are not only into IT. They are also going into the OT and the IoT world. They are able to customize and bring new solutions, even some developed insights, by buying other companies and adapting them to the Cisco reality. They are able to devise a product that handles the needs of different kinds of customers in different areas of the business, not just the IT world but also the industrial world.

I would rate Cisco Secure Email a nine out of ten. It's growing up to be much more than just an email protection tool. It's going for the awareness of the customers, and that's a good complementary solution that addresses other problems that come from using email nowadays.

It is like a gateway for email. They receive all your email traffic. They send over your email traffic, and it is the first incoming point and the last outgoing point. They deliver the traffic to the destination. Whatever it is, you want to be informed of what is happening. Depending on the site's deployment, if you have a single device, then you have all the information on the device. And if you have several devices, you have all the information on every single device for each device. However, for consolidation, you need another device called Security Management Appliance (SMA).

It has no real interaction with other stuff. It does not interact with a gateway beyond the networking level. You have a router and that router provides IP addresses for a switch, etc. You don't have to integrate Cisco Secure Email with something specific since it is standalone and only requires basic essential networking. You can integrate it with a firewall, like ASA, but that firewall has to allow traffic. To do that, you would open port 25.

It is available to be deployed as on-premises, on the cloud, and hybrid cloud.

The solution is valuable if you are looking for a security email gateway that provides you with the most services possible. It has anything that you may be looking for in an email deployment, except for the endpoint which should be supported by something else, like Exchange. It doesn't have mailboxes because it is a gateway.

There are some methods to authenticate email, i.e., putting a stamp or seal of trust on an email, where one method is DKIM and another is SPF.

• For SPF in the DNS, where you have records that list the different devices or IP addresses that can send email from a specific domain, a security device can consult that DNS and check if the mail coming from that domain is coming from an authorized source.
• DKIM is a cryptographic signature of an email. It is usually what you announce is the public key of that system's PKI and verify the signature in the headers. You have a checksum of all the contents so it is possible to define or identify whether the message has been tampered with in route.

They are mutually exclusive in a way, so DMARC consolidates both. It provides alignment with the IP address, domain name, etc., and has to match at least one, being properly aligned. It has become something very important for compliance.

When you are receiving, you use all this information to decide whether an email is legitimate. Or, if you also need to deploy your DKIM, DMARC, and SPF infrastructure, that lets the rest of the world know where you are sending email from and how you are authenticating your email.

It can honor all SPF, DKIM, and DMARC rule sets and apply rules based on the results of these tests as well as sign the DKIM. Therefore, your email can comply with whatever you are announcing on your DNS for the rest of the world to know that you know about the signed domains. It has perfect, robust integration on that. 

The most valuable feature is reputation filtering. In the beginning, it was based on just the IP source. but it has now evolved to domain reputation. It allows you to classify different IP sources and different sender groups, where you can reject to throttle to whitelist from any IP sources, domains, etc. Based on the reputation gathering, the reputation is powered by Talos security. It is a super powerful feature. That alone gets rid of more than 50% of the crap from the traffic flow, before even hitting the anti-spam or antivirus.

If you have some knowledge about email, it is a pretty simple solution that has many controls on different levels, from the gateway part to accepting messages from certain sources to stringent filtering. It is state of the art with anti-spam, antivirus, and different threat prevention features. 

SecureX is powered by Talos, Sourcefire, etc. Today, it is the largest, richest threat intelligence on the market. SecureX is quite standalone in regards to integration since you put it into the network, whether it is on your own cloud or a third-party cloud.

If you go to the filtering level, you can have very accurate features or filters since it is programmatic. At a certain point, you can define sets of rules, such as where the email is coming from, whether it has this content, or to apply this policy. For example, if it has the same considerations, but the content is different, apply this another policy. It is super flexible and very customizable to your needs. It is not difficult to use.

It provides information, reporting, logging, and tracking. It has powerful tracking, so you can know exactly and accurately where an email came from, for which specific device, etc. It shows the emails which were:

• Dropped
• Rejected
• Quarantined
• Accepted by which policies.

It also shows the rule sets applied for that email and considers

• The source
• The Offender
• Anything else that you may consider in an email.

It has an intuitive, clear graphical interface where you can deploy your policies and understand the overall flow. There are a lot of things that you cannot handle on the graphic interface, like message filters. For this, you need to go to a lower level where you have more power, like command line interface. So, this solution has the best of both worlds. There are not a lot of bells and whistles. It is more practical with access to most features that you can configure. 

You can consolidate on SMA if you want to spam or threats quarantined for multiple devices. It is not advisable for a single device, because if it fails, you are left without any email.

I would like to see a few changes to the UX. 

There is space for improvement with data loss prevention, particularly with third-parties integration. Data loss prevention is quite important, though most customers have some third-party or other elements in their network doing data loss prevention, specifically for email. However, if it could be possible to integrate with other solutions, not only on the email flow, but on analysis for a connector or something like that, then that would be ideal.

The Forged Email Detection feature needs improvement, particularly with domain. The sensors are not that good and the rules sets are unclear.

I have been using it since 2004.

It does not add anything to the potential downtime for a corporation, unless everything fails. If all your email exchanges fail, then you don't have email, but this solution does not affect the performance of your whole network. 

At the minimum, you need two devices. If you have two devices and one fails, then the other one can handle the work, though you might have some email delays.

You should keep track of what is going on. It does need some daily administration, fixes, and policy changes.

In general, their technical support is really good. There are a few who are still learning, e.g., not providing enough help, but there is always the option to escalate.

It was the IronPort before Cisco acquired it in 2007. It is the same appliance and software. This solution has been upgraded by several versions, but it is basically the same, they just changed the name. 

I have done the architecture for a company in China.

It is a super big router that costs a few hundred thousand dollars.

These days, the first tiers of this market have good enough anti-spam, antivirus, etc. These have become routine. There are some other not-so-good solutions, like Barracuda and Fortinet, but it depends on how much you are willing to pay as this solution is not cheap.

The best other solution is Proofpoint. They have been long-time competitors who have also been evolving. The big difference is it is more fancy because it has more bells and whistles. The solution is good as well. However, they are super expensive, not cheap.

If you want a multi-tiered deployment, you could perhaps have Secure Email on the cloud and Proofpoint on-premises. Then, you have the two best solutions in the market working together. I have customers who have done this and are satisfied. Very few solutions can compete with Secure Email and Proofpoint outside of the price. If your budget is a problem, then you have a problem.

Along with Proofpoint, this is the best solution in terms of preventing spam, malware, and ransomware.

Check Point has fancy graphics and an interface where you can do a lot. The Cisco Secure gateway has both, though not as fancy as Check Point, but a big majority of the tasks can be done on the graphical interface level.

It is not so difficult to us, but neither is it easy, particularly if you don't have some knowledge about email.

Whatever you are looking for with an email security appliance or device, you mostly have it, though nobody is perfect.

The solution’s ability to prevent phishing and business-email compromise is fairly good. DKIM, DMARC, and SPF integration are the best way to prevent phishing, spoofing, etc. However, they still have room to work in this area.

Our customers use the solution as an email security tool.

The product blocks spam emails.

The scalability must be improved. The product is a bit traditional. There are many vendors in the market. A customer might not always choose Cisco.

I have been reselling the solution since 2010.

I rate the tool’s stability an eight out of ten.

I rate the tool’s scalability a seven out of ten. Our customers are medium and enterprise-level businesses.

I rate the ease of setup a seven or eight out of ten. The deployments takes one to two weeks.

I rate the product a seven out of ten on a scale where one is cheap and ten is expensive.

Sometimes, customers choose Forcepoint or Barracuda. Usually, if the customers have a Cisco setup, they choose Cisco Secure Email.

Cisco is an integrated solution. Overall, I rate the product an eight out of ten.