Try our new research platform with insights from 80,000+ expert users
Network Security Engineer at Galaxy Backbone Ltd
Real User
Good support, integrates well with SMA, and does what it is designed to do
Pros and Cons
  • "It is doing its work. It is doing what it was actually designed to do. It has ensured we don't have business email compromises, and it has also ensured that our brand Galaxy is unique all year round."
  • "The area of license renewal should be improved. We normally renew our license every year. There is a feature called smart licensing, and I switched from the legacy mode to the smart licensing mode because of what I thought smart licensing does. I thought it would make licensing renewal seamless and very swift, but ever since I've switched to smart licensing, each time I want to renew my license, it is a whole lot of headache. The process is not smooth, and I had to keep calling Cisco TAC to see how the issue can be resolved. At one point, I wanted to revert back to the legacy mode, but I can't revert. Once you switch from the legacy mode to the smart licensing mode, you can't revert. They should improve on the visibility of the smart licensing mode so that it can indeed be smart and easier to use for the license renewal every year. That is one challenge."

What is our primary use case?

It is our email gateway. We have the Exchange Servers, but the Exchange Servers don't relay directly with the internet. We have ESA in-between, and every incoming and outgoing email must pass through ESA before it gets to the internet.

We are using Email Security Appliance C690, and we have three of them in a cluster. They are on-premise. We have decided not to go to the cloud. It is primarily because most of our clients are government agencies and the government, and they have this suspicion about the cloud. So, right now, we are still on-premise. 

Currently, we are on version 13.8. There is a newer version, but we are yet to migrate to that version.

How has it helped my organization?

We use ESA with Security Management Appliance (SMA). We have SMA M690. The integration of ESA and SMA makes the whole work easier. SMA is the central content appliance, and we have three ESAs. The SMA is able to collaborate with the clustered ESAs for log management and other things. It gives some stability in terms of what is happening. ESA keeps a lot of logs, so SMA is able to move through ESA and get those logs out. This integration has really helped us to drive our operation in the email platform.

It does a lot in terms of preventing phishing and business email compromise with DP and Advanced Phishing Protection. DMARC gives visibility for preventing spoofing and social engineering attacks. ESA has been able to help and protect us from those attacks. It is doing a lot of work. Gartner has always rated Cisco's ESA appliance as one of the major players.

It is doing a lot to prevent spam, malware, and ransomware. Everything is also tied to how you have configured it. Some of the spam emails don't get to the customers. We can quarantine a spam email, which gives us the visibility to look at it and see if it is actually spam or not. It is doing its work. It is. There are no false positives. It is working perfectly.

Email service is one of the services that we offer at Galaxy. ESA has improved our business. Our customers want to maintain their business with us for email security. We have over 500 domains on our email platform. It has improved our profitability in everything.

What is most valuable?

They have a lot of features such as Advanced Malware Protection, Email Protection, Advanced Phishing Protection, Antispam, Antivirus, and Outbreak Filters. They are very important.

It is doing its work. It is doing what it was actually designed to do. It has ensured we don't have business email compromises, and it has also ensured that our brand Galaxy is unique all year round. 

What needs improvement?

The area of license renewal should be improved. We normally renew our license every year. There is a feature called smart licensing, and I switched from the legacy mode to the smart licensing mode because of what I thought smart licensing does. I thought it would make licensing renewal seamless and very swift, but ever since I've switched to smart licensing, each time I want to renew my license, it is a whole lot of headache. The process is not smooth, and I had to keep calling Cisco TAC to see how the issue can be resolved. At one point, I wanted to revert back to the legacy mode, but I can't revert. Once you switch from the legacy mode to the smart licensing mode, you can't revert. They should improve on the visibility of the smart licensing mode so that it can indeed be smart and easier to use for the license renewal every year. That is one challenge.

Another challenge is that there is no way for me to know my level of utilization. For example, if I have a subscription of 2,000, there should be a way for me to know my level of utilization. Currently, I don't know my level of utilization. So, if my license is renewed on 20,000 subscribers and I'm using less than 20,000, I wouldn't know. It doesn't improve my ROI. If I'm using less than the subscription I've applied for, there should be a way the system should tell me, rather than me going to find out manually. When I go to the smart licensing profile, I should be able to see my utilization. I should be able to see that I've subscribed for 20,000 but I'm only using 12,000. This means that if I'm going to renew, I should reduce my licensing mode from 20,000 to maybe 15,000. This kind of information should be given to the customers, but right now, we don't have that.

Buyer's Guide
Cisco Secure Email
November 2024
Learn what your peers think about Cisco Secure Email. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,636 professionals have used our research since 2012.

For how long have I used the solution?

I've been using this solution since 2017. My organization has been using it before that. It has always been in use as our email security gateway.

What do I think about the stability of the solution?

It is very stable. They have AsyncOS, which is the OS that runs on the appliance. They've released different versions. There is a general version, a limited version, etc. They keep coming with more services just to improve the platform. 

We never experienced downtime. We have ESAs, and they are in a cluster. If one ESA fails, there is no downtime. The remaining two can handles email communication and relay. We have high availability and redundancy. So, we don't experience any downtime.

We do ESA health checks with OEM during which they connect with us virtually. They connect to the device and then check if all security features are still well configured and if there is any other way to improve. Doing this quarterly has really helped to make sure that the appliances are up to date.

What do I think about the scalability of the solution?

It is scalable.

How are customer service and support?

They are very good. I would rate them a nine out of 10. If possible, I would rate them a 10, but I just want to be a little bit reserved. 

They've really been very knowledgeable and very patient, and they've always ensured that for any issue, any ticket, or any case that is opened with them, they are prompt. They are quick to ensure that they resolve an issue as soon as possible.

Which solution did I use previously and why did I switch?

It has always been ESA from the onset.

How was the initial setup?

I wasn't part of the team from the beginning to the end. I came when they were almost done. It was complex but also very interesting. It took two weeks or so if I'm not mistaken.

For the setup, you need to look at the low-level design and the architecture, and then you look at the network interfaces, listeners, routes, default routes, etc. If there is a way they can come up with step-by-step information about configuring it, that would really be nice. The guide right now is too cumbersome and bulky. If there is more straight-to-the-point and procedural information, it would be better. 

What about the implementation team?

Cisco service engineers were the ones in charge. 

What was our ROI?

We have seen an ROI.

What's my experience with pricing, setup cost, and licensing?

At times, we feel the pricing is a bit too high, but then, there is also room for discounts. We enjoy a lot of discounts, and that is why we are still with them. There are no costs in addition to the standard licensing fees.

Which other solutions did I evaluate?

We have evaluated other solutions, such as FortiMail from Fortinet, but we stuck with Cisco ESA. ESA's pricing and licensing were what led to us trying to see how we can bring it all together.

What other advice do I have?

It is stable and credible. I would always tell someone else to try it out. Of course, before you try it out, you can look at what Gartner is saying. Gartner has always placed the Cisco Email Security Appliance up there along with Mimecast and other top players. 

It is well-secured. Security is everyone's concern, so I will always tell people to go for it. It is very secure. Its pricing has been a little bit high, but you can always ask for a discount from your account managers, country manager, or whoever is in charge in your region.

I would rate this solution an eight out of 10.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
IT Admin / Manager at a retailer with 501-1,000 employees
Real User
Low rate of false positives, good support, and it integrates well with other Cisco security products
Pros and Cons
  • "The malicious URL scanning, as well as the anti-malware features, have been really useful for us in our environment."
  • "The UI is definitely one area of improvement because it doesn't match other interfaces and the navigation can be a little clunky."

What is our primary use case?

All of our inbound and outbound emails flow through the CES environment and we leverage it for spam filtering, phishing filtering, malicious URL detection, attachment scanning, and data leak protection. It basically covers all of the security layers for email.

How has it helped my organization?

It's cut down quite a bit on the amount of false-positive spam that we get. The spam engine that's utilized by CES, we found to be pretty effective. It's rare that things end up in a quarantine when they aren't supposed to be there, which is very beneficial. I believe that was one of the reasons that we moved from the previous hosted solution that we were utilizing to CES.

What is most valuable?

The malicious URL scanning, as well as the anti-malware features, have been really useful for us in our environment. Specifically, the URL scanning has helped to knock down quite a few phishing attempts that come into the organization. The broader blanket automated attempts get knocked down pretty quickly since those URLs typically get flagged early on, and then the appliance just picks up on those URLs and knocks them down. It is the same with malicious attachments. The malware scanning that's done via AMP, which is deployed elsewhere in the organization as well, just grabs all of that before it hits the inboxes.

We have our email security feeding into the SecureX solution and it's nice to have all of our security platform statistics in one place. We leverage quite a bit of the Cisco security stack and having all of that feed into the SecureX dashboard is great. The dashboard continues to evolve, but it is at least nice to be able to see everything at once.

Integrating this product with SecureX was pretty quick and easy. Both of the solutions are cloud-hosted and the SMA, which is the reporting module that feeds the data into SecureX, was done via the API. The documentation on the SecureX portal walks you through exactly how to add the various integrations.

We leverage the AMP functionality that exists in CES, and it also ties into threat response, which is the threat-hunting platform that Cisco has. The benefits of these integrations were pretty important in the decision to stay within the Cisco product family. The threat hunting and threat response are really nice because we're able to see if something malicious makes it into the environment. Once that happens, we are able to trace that back and find out if that was done via an email, and then grab the information for that specific message. This will tell us if there have been any other indications of compromise on any other hosts. When it comes to being able to do that, having it all in a uniform environment is pretty important.

What needs improvement?

The UI is definitely one area of improvement because it doesn't match other interfaces and the navigation can be a little clunky. Generally speaking, it is just dated, and I know that they're working on enhancing it for later versions.

They should continue to develop their integration with Office 365 or Hosted Exchange since a lot of organizations, ours included, are moving primary Exchange services to the Microsoft Cloud. Being able to integrate tighter with that environment is important.

For how long have I used the solution?

I have been using Cisco Secure Email since joining the company.

What do I think about the stability of the solution?

We haven't had any issues at all with the stability of the platform.

What do I think about the scalability of the solution?

With it being cloud-hosted, it can scale as wide as you need to.

We have roughly 1,000 employees and all of our inbound and outbound emails go through this system. This means that there are several tens of thousands of messages a day flowing through it. We haven't had any sort of performance issues at all with our environment.

How are customer service and technical support?

Cisco's technical support is very good. We've just recently had a couple of tech cases that we needed help with. We were researching why some of our partner's messages weren't getting through intact. Because this is a hosted solution and they have quite a bit of visibility, it has always been great.

We've never had any issues with support on this platform.

Which solution did I use previously and why did I switch?

In previous organizations, we've leveraged Postini, which was a cloud-based solution that was acquired by Google. I've also worked in environments that have leveraged Microsoft's Office 365 email spam filtering, and they've been good, but generally, usability is sometimes a problem. It goes back to the UI and then the accuracy.

The amount of spam that is stopped has not always been great. As such, I feel that CES has a pretty good balance in that regard.

What about the implementation team?

As this solution is hosted on Cisco's cloud, we don't manage the underlying infrastructure.

We probably have about eight individuals who work with it. Some of them are within our support organization, there are messaging or Exchange admins, and there are network engineers.

What was our ROI?

Return of investment is something that is difficult to measure because you're essentially trying to prove a negative. It is difficult to say what it has prevented or what has been stopped from happening. That said, I think the overall satisfaction, at least from the user perspective, is good.

When you consider the spam and anti-phishing components, in addition to the IT benefit of the anti-malware and antivirus, I think we definitely get an appropriate return. Nobody questions the expenditure on the solution as being ineffective.

What's my experience with pricing, setup cost, and licensing?

With respect to transferring policies and licenses, Smart Licensing has really improved the overall licensing model for Cisco. We've been really happy with Smart Licensing.

There are additional fees for adding features. For example, things like AMP are additional licenses. Because it's all done via the Smart Licensing portal, when new licenses are acquired they're dropped in our bucket, so to speak, and then the solution just grabs those licenses. There is no back and forth required. The license ends up in the bucket and then the solution syncs with Smart Licensing and we're good to go.

What other advice do I have?

For the future, we are looking at moving to newer versions that allow for additional advanced phishing protection. That's something that we're targeting. Also, we're trying to figure out how to streamline our mail flow with the majority of our inbound and outbound email that is now flowing through Office 365. Essentially, we're figuring out how we can tighten up that integration and lessen our dependence on on-premises Exchange for our mail flow.

With respect to versioning, it is controlled by Cisco. I believe that version 13.5 is when they introduced the advanced phishing protection. We're notified when new versions are released and we can ask for earlier versions, but we get adopted once those versions become generally available.

My advice for anybody who is implementing this product is to leverage the Cisco Validated Design (CVD) documents that exist. They're super helpful. Cisco has done a lot of work with Microsoft in figuring out integrations and documenting those. There is quite a bit of really good documentation, both within Microsoft and Cisco on building those integrations and configuring them.

We have also leveraged Cisco's adoption services around renewal times to make sure that we're using the platform to the fullest extent. They offer health checks for their hosted solutions, so on a yearly basis, you can sit down with an engineer and walk through and make sure you're on a good version of the code. You can make sure that you've again implemented from a high level, those feature sets correctly, and that you're leveraging things properly. Cisco does a lot of things to make sure that it's an easy renewal conversation to have, specifically with leadership.

The biggest lesson that I have learned from working with this product is to make sure that you're engaged with your Cisco teams to guarantee that you're getting the most benefit out of the platform. Again, you should be taking advantage of the health check services and adoption services because they're really unique.

In summary, this is a good solution but I think there's always room for improvement. I don't think that anything is perfect and they've definitely got some work to do on tightening up the UI and the configuration presentation. From a functionality perspective, the platform is great. 

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Buyer's Guide
Cisco Secure Email
November 2024
Learn what your peers think about Cisco Secure Email. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,636 professionals have used our research since 2012.
Hannes Johnsson - PeerSpot reviewer
Network Architect at a transportation company with 501-1,000 employees
Video Review
Real User
Top 10
Good support, perfect stability, and many out-of-the-box filters
Pros and Cons
  • "There are a lot of filters for scam emails and things like that work out of the box. You can also use the antivirus features. I like its features."
  • "Cisco Secure Email can be improved from the administrator's point of view. Usually, you have to work with different areas, and they can try to make it easy for the administrator to use different functions."

What is our primary use case?

We have it for email security. We use it for some security features to set up emails.

How has it helped my organization?

Cisco Secure Email has helped free up our IT staff for other projects because the product is so stable, and you don't have to spend so much time with the administration of the product. You free up time because you don't need to set up so many functions. Some of the functions are out of the box, and they just work.

What is most valuable?

There are a lot of filters for scam emails and things like that work out of the box. You can also use the antivirus features. I like its features.

What needs improvement?

Cisco Secure Email can be improved from the administrator's point of view. Usually, you have to work with different areas, and they can try to make it easy for the administrator to use different functions.

What do I think about the stability of the solution?

Its stability is perfect. It's very good.

What do I think about the scalability of the solution?

We did grow out of the product, so we changed the product to a bigger box. It was the same installation and the same setup, so it was fine. We just replaced them with a larger box.

In terms of our environment setup, we have it set up in two data centers just for redundancy. We have about 1,200 people using it in the organization.

How are customer service and support?

I've been in contact with Cisco Support a few times regarding questions, and I've had a very good experience with their support. They have been able to answer my questions directly, and they replied fast, so it's very good. Regarding Cisco Secure Email, I'd rate their support a nine out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

When I first started at the company, the product was already there. That was my first experience with the product, but I liked the product, and I thought it was very stable and working well.

How was the initial setup?

I've been involved in the lifecycle management of it and upgrading it, so I have experience with that. It has worked well with no impact on production or something like that.

The upgrade process is quite straightforward. You just have to ensure that you have everything prepared for the upgrade.

What about the implementation team?

It was Cygate in Sweden from whom we bought the product. They were resellers for Cisco, but we installed it ourselves.

What's my experience with pricing, setup cost, and licensing?

I don't have the insights into it, but compared to different products, it seems to have a medium level of pricing.

What other advice do I have?

To those evaluating Cisco Secure Email, I'd advise thinking about what do you need and what is most important for your company in terms of stability and the administration area.

Based on my experience, I'd rate Cisco Secure Email a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Email Adminstrator at Merchants Capital Resources, Inc.
Real User
Filters out links and spam, stopping junking from getting through
Pros and Cons
  • "There is a huge return compared to if we didn't have a gateway appliance, as far as blocking malicious emails."
  • "I use the search all the time. Sometimes, it is hard to search for things and things are hard to find. People come to me all the time, saying, "This email didn't get through." Then, I go searching and don't find it on the first search. You have to think about alternative searches. I don't know if there is an easier way that they could help to find things. I don't know how they could simplify it, because now everybody else is using the cloud and everything is coming from Office 365, or whatever. It is just not the same environment from years ago where everybody had their own server and you could search easier."

What is our primary use case?

We are using it for our email gateway security for all our inbound and outbound email. We use a lot of the URL filtering and spam filtering as well as the dictionaries, e.g., if they try to spoof employee names.

How has it helped my organization?

We didn't have an email gateway initially. As spam was ramping up, the junk was getting through. So, we needed a gateway. We then worked with a local company who sold us this product and some training as well as how to get it up and running, configuring it. Over the years, they have been constantly changing it.

What is most valuable?

We use a lot of their search features to search for emails that have come through. Our end users come through it. They say, "This didn't email didn't arrive," or "How did this email get through?" So, I am constantly searching through message tracing and using that all the time.

What needs improvement?

I use the search all the time. Sometimes, it is hard to search for things and things are hard to find. People come to me all the time, saying, "This email didn't get through." Then, I go searching and don't find it on the first search. You have to think about alternative searches. I don't know if there is an easier way that they could help to find things. I don't know how they could simplify it, because now everybody else is using the cloud and everything is coming from Office 365, or whatever. It is just not the same environment from years ago where everybody had their own server and you could search easier.

When you run a trace and you are in the cloud, it's harder. You run a trace and it generates trace results. I haven't figured out how to get those off of the cloud. I don't know if there is a path to open up a ticket on that.

For how long have I used the solution?

Before it was purchased by Cisco, we had already been using IronPort since 2005 or earlier.

What do I think about the stability of the solution?

It is very stable. We have never had any problems.

The way we are using it now, it does require maintenance. I decided to take a zero trust for URL links coming in emails or unknown links. Then, if there is a link that somebody wants to get through, then I have to add that to the list to allow it. So, there are some dictionaries and things to maintain the way we are running it now that we didn't have in the past. For many years, we got it running, then forgot about it. It just ran and ran. Now, I think it is just a different environment due to the level of phishing emails, etc. 

The way that we are running it now, there is more to maintain, like the dictionaries and the list of employees, so somebody doesn't spoof an employee's name. It takes maybe an hour or so a week to update the dictionaries and things like that. 

Right now, I'm the only one maintaining it.

What do I think about the scalability of the solution?

The scalability is good. It seems like it still has capacity in the cloud. It is hard to tell in the cloud. However, the ones that we had on-prem were running real close to their limit for whatever reason: memory swapping and CPU utilization. So, we had to do something there. Right now, it seems like there is capacity/room to grow.

The solution protects 450 users. We plan to gradually increase users.

How are customer service and technical support?

They have always been good when helping with problems. They are responsive and always come up with an answer.

Which solution did I use previously and why did I switch?

We migrated from Cisco ESA to Cisco Cloud Email Security. 

The appliances were getting close to the end of life. They were using a lot of CPU, so it was time to do something with them. IT management seems to be going more to the cloud now, so it made sense to go to the Cisco Cloud solution. The machines that we had on-prem were really slow. For whatever reason, they were getting real slow. When we went to the cloud, we got away from that problem.

How was the initial setup?

For the initial deployment, we might have spent a week getting it up and running. Then, we went for a day or two to training.

There wasn't really any downtime involved during the migration from our on-prem to Cisco Cloud Email Security, which was important to us. We didn't want to interrupt email flow. So, we prepared it, then there was a cutover. 

The migration from the vendor’s on-prem to Cloud Email Security wasn't too difficult.

What about the implementation team?

A few times, we needed Cisco's expertise in the migration process to solve some problems for free. Because it is in the cloud, you can't get to the command line interface to access and download/upload files. So, I had to rely on Cisco for that.

What was our ROI?

There is a huge return compared to if we didn't have a gateway appliance, as far as blocking malicious emails.

What's my experience with pricing, setup cost, and licensing?

The licensing was all transferred. A fair amount of the configuration had to be done by hand. We didn't transfer the people safe list and block lists. There were a number of things that we didn't transfer because they were in the cloud. It was a matter of going through and reconfiguring.

Which other solutions did I evaluate?

The familiar user interface was important in our decision to migrate from Cisco’s on-prem to Cloud Email Security. We have a lot of other projects going on. Being able to migrate to something that we were already familiar with versus migrating to Proofpoint or something else was a major decision factor. I didn't have to invest that much time, resources, and learning in a whole new product.

If you compare it over Proofpoint, it was a big savings. It was very competitive. It saved us from buying new appliances. Though, I don't know that would have been a big expense, because I didn't do a cost analysis of staying on-prem and replacing the appliances. We were more comparing the solution to Proofpoint, and the cost was considerably less than Proofpoint. It was already in place and working for us on-prem. So, I didn't want to move to Proofpoint because there would have been much more to learn.

Some of the things that we were doing in Cisco, we can't do it the same way in Proofpoint, from as much as I have looked at it. I know there is a difference. They have different solutions. They have some solutions that aren't configurable at all, such as, the lower price ones. They have another one where you are just like a tenant and everybody gets the same thing, then for it to be customizable, it is a lot more expensive. In orders of magnitude, it is more expensive than Cisco, which didn't make sense. With all the little tweaks and customizations that we're doing, I couldn't see how to do that based on the time I spent looking at Proofpoint. It might be doable, but I didn't figure out how to do it. So, I think Cisco is a little more configurable than Proofpoint for tweaking. I could be wrong, but that is my impression.

What other advice do I have?

There wasn't much of a learning curve involved in migrating from Cisco’s on-prem to Cloud Email Security because they are very similar. There were just a few things that were different.

It is a good product. Be prepared to invest time in learning it, like anything. You need to have somebody who is a key administrator, like any enterprise-level product that you would bring in. Even if you will have Salesforce or whatever, you need to have an administrator who knows how to keep it running.

Email threats just keep getting worse and worse, so you need to keep on your toes.

I would rate this solution as a nine (out of 10).

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
reviewer2590572 - PeerSpot reviewer
Solution Architect, Presales Engineer at a computer software company with 51-200 employees
Reseller
Top 10
Seamless integration enhances security and has good support
Pros and Cons
  • "Cisco's Secure Email integrates with Cisco Firewalls, utilizing the AMP as their anti-malware engine, which allows for information sharing between devices."
  • "The primary areas for improvement are the pricing and the complexity of deployment."

What is our primary use case?

The primary use case for Cisco Secure Email is for email security. It is used in scenarios similar to Fortinet, focusing on email security and integrating with Cisco Firewalls.

How has it helped my organization?

The integration with Cisco Firewalls has worked fine, allowing the two devices to share information about incidents. When deployed in an environment where most products are from Cisco, it facilitates easier integration.

What is most valuable?

Cisco's Secure Email integrates with Cisco Firewalls, utilizing the AMP as their anti-malware engine, which allows for information sharing between devices. 

Additionally, Cisco Secure Mail works well with data security integration, particularly in environments where all or most products are from Cisco.

What needs improvement?

The primary areas for improvement are the pricing and the complexity of deployment. 

The pricing is considered expensive, and the deployment process is complex, involving many steps and usually requiring more than one technician.

For how long have I used the solution?

You can say the same period also as one year for Fortinet.

What do I think about the stability of the solution?

The latency is better compared to Fortinet. Based on my experience, it is a faster solution, particularly in scenarios involving firewall or malware protection.

What do I think about the scalability of the solution?

Scalability is fine with Cisco Secure Email, as it does not place any limitations.

How are customer service and support?

I would rate Cisco's customer support between eight and nine out of ten. Cisco's support is much better than Fortinet.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup is a bit complex due to multiple steps required for deployment.

What was our ROI?

The return on investment is not very good due to the expensive nature of the product.

What's my experience with pricing, setup cost, and licensing?

The licensing is expensive and a bit complex with the new approach Cisco has taken. It is considered more complicated than other vendors.

What other advice do I have?

I'd rate the solution eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Flag as inappropriate
PeerSpot user
Regional ICT Security Officer EMEA at a engineering company with 10,001+ employees
Real User
Customized filtering has been very effective and useful for us
Pros and Cons
  • "Initially, the most valuable feature for us was the SenderBase Reputation, because that reduced the number of emails that were even considered by the system by a huge number..."
  • "We have occasionally had hardware problems because we are using an appliance-based solution, but that might change. We may consider going to virtual systems."

What is our primary use case?

We use it to secure our email system, to cut down on all the bad emails that we would otherwise receive. 

The reason for implementing the product was the huge increase in spam and junk mail which occurred when we were adopting these devices. There have been some changes in the way that email is delivered since then, and one or two of the major spam sources have been taken down or prosecuted or jailed. Today, we have less blanket-spam, but we have more targeted phishing emails or spear phishing.

The combination of emails with links that encourage users to give away their user login information can cause problems. When someone's account is compromised it can result in access to our global address list and access to emails that the compromised user may have sent. Therefore, they have details of the format and the style emails that our company uses. We have communication threads that they can take advantage of because they can inject their fake emails into an existing communication thread and try to fool a supplier or client into giving more information or, worst-case, giving money to the wrong person.

How has it helped my organization?

When we first had Cisco hardware, we were having significant problems in that we were getting something like 10,000 emails per device per hour. We have four devices, so if we calculate that up it was like 1,000,000 emails a day, and most of those, about 99 percent, were junk mail or spam.

We had a major problem with email, and introducing Cisco Secure Email Gateway systems was a set change for us. It reduced the number of unwanted emails by a huge factor. That has continued to be the case, from when we first got the devices, until today.

Previously, we had other email security appliances, and they were overwhelmed by the volume of email that we are receiving as a company. The introduction of the Cisco Secure Email Gateway systems had two effects for us: 

  1. They significantly reduced the number of emails that were even considered for delivery or for being accepted into our company for internal routing.
  2. It gave us another line of defense. We use the Cisco Secure Email Gateway systems as our first line of defense which we then follow up by another manufacturer's email security appliance, which gives us a second level. Subsequent to that, we've adopted another layer of email security. So we now run three layers.

What is most valuable?

Initially, the most valuable feature for us was the SenderBase Reputation, because that reduced the number of emails that were even considered by the system by a huge number, before we ended up processing them to get through the spam, the marketing, and the virus-attached emails. 

Since then, customized filtering has been very effective and useful for us.

In addition, Cisco has developed the product with its Talos product. They've developed the Cisco Secure Email Gateway systems so that instead of just specifically stopping known spam sources and using that to stop virus-infected emails, the Talos solution which they're now providing has a lot of attraction because it helps to prevent phishing emails.

Things such as Sender Domain Reputation, which is a relatively new feature, are attractive because when there's a pop-up domain, which might be a look-alike of your own company domain, or it might be a look-alike for some other company like Microsoft, it gets a bad reputation, and the Cisco Secure Email Gateway systems will reduce the possibility of these emails delivering to the recipient's desktop.

What needs improvement?

We have occasionally had hardware problems because we are using an appliance-based solution, but that might change.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

The system is very stable. We have had very little downtime and the system is, in general, reliable. 

We have occasionally had hardware problems because we are using an appliance-based solution, but that might change. We may consider going to virtual systems. In general, we have had a good experience with this product. The hardware, given occasional failures, has been very reliable. There is an upgrade process for keeping the system running with the most current, recommended version of AsyncOS. We have had very few problems where an upgrade has gone wrong. We've been very pleased with the solution.

What do I think about the scalability of the solution?

The scalability is good because when you have appliances such as we have, if you have the infrastructure and the available resources, you can install additional virtual appliances. From the point of view of scalability, if there were a problem with performance, it is possible to add other systems or devices, even though they are virtual, and they all fall under the same control interface. They are all a part of the same cluster so they are all relatively easy to manage.

We currently have 11,000 employees and a large number of those users hold email accounts and email addresses.

We have a 24-hour operation because our company is located in 62 countries, so we have to respond relatively quickly because email is important. We have a department that deals with IT security and likely, at a minimum, we would have six people who have the capability to work on these systems. But in reality, because the systems are very stable, we have three or four people who regularly work on them. All the people who maintain the system are currently in the same department as me and all of them are considered IT security officers. They deal with other systems as well as the email.

How are customer service and technical support?

Cisco's technical support is, perhaps, taking a different approach to the way that IronPort managed systems. Cisco tends to try and answer questions or problems by email more, initially, rather than talking to someone on the telephone. Sometimes that's not quite as good as IronPort was. 

But, in general, Cisco is good in that when we have a question they will respond quickly. But equally, because we've had these systems for several years, there is a good pool of experience in our security team so that we don't regularly have to ask questions of Cisco support.

Which solution did I use previously and why did I switch?

We switched to using IronPort because it gives us a second line of defense from spam, phishing, and all the other problem emails. One of the reasons was that there was a major spike in the number of spam and junk emails that people were sending from when we first got these systems. 

The other system that we had was suffering from performance problems because it was being overwhelmed by the volume of emails that were being delivered to Fugro. The other product was still a good product, but it didn't have the performance to handle the volume of email. With the IronPort system being used as a first line of defense, it probably would have done everything that our previous system did, and we could have just removed it from our email processing.

However, we wanted to retain the old system because it had some nice features to do with additional email filtering. Having IronPort as a first line of defense was really good, and then, it was possible to do special filtering and other email reaping on this other system. The other system could then perform at a good level because it was not being overwhelmed by the huge volume of spam, junk, etc.

How was the initial setup?

The initial setup was very straight forward. Having said that, we had a lot of experience in email systems before we set up these devices. But to get the most out of the functionality of the devices it took us some time to implement custom email filters. These were detecting targeted phishing email, although they weren't called that back in the days when we first got this type of hardware.

This was in the days before it was common to have virtualized systems. The systems we had at the time were probably the type that might have been considered by a small ISP. At the time it might have been Cisco Secure Email Gateway 310 or 320 systems. It was a long time ago. We have had those systems on contract since then. We've regularly upgraded the systems when the contract has been renewed.

We've had the systems configured in a cluster where the cluster spans more than one email gateway. Email gateways are located in different countries, so although we have different places where the email can be delivered to Fugro and from where Fugro sends email, the systems are all managed from the same interface and console, even though the systems are in different countries.

What about the implementation team?

Because we had the systems before Cisco bought IronPort, we used some assistance from the then-IronPort company for the initial set up. But our own personnel were involved in training courses, so most of the configuration was done by Fugro people.

The IronPort consultants were very good. Because the company was keen for business, they were keen to assist us. At the time, we were, perhaps, one of the more unusual cases because of the quantity of junk, spam, and other types of emails that were being sent to Fugro recipients. IronPort, at that time, was very responsive, very helpful, easy to deal with and, usually, very knowledgeable about the product.

What was our ROI?

It would be fair to say we have seen return on investment using this solution, but I'm not the person who spends the money or places the orders so I do not have detailed information on it.

Which other solutions did I evaluate?

We did evaluate other options, but it was a long time ago so I'm not sure I can remember which other options we considered.

What other advice do I have?

Having a good understanding of the product helps in the implementation process, so do some upfront training before you adopt the product. Be closely involved with Cisco support or the Cisco implementation team which will help to make sure that configuration is well adjusted and suited to your company.

I've used the product for more than ten years. Prior to that, it was IronPort. Cisco bought IronPort. We were using the IronPort products before Cisco bought them. We're currently using AsyncOS version 12.

We've used this product for so long, and we've been very happy with it, that we do not have a direct comparison against other products that are available today. That said, and accepting the fact that email security systems are not cheap, this product is still a front-runner and, combined with the new things that Cisco is doing, it has a lot of scope and capability. I would suggest this product would be about a nine, if ten is the best.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
reviewer1052493 - PeerSpot reviewer
Senior Email Engineer at a legal firm with 1,001-5,000 employees
Real User
The most valuable feature is the policies or rules that you can put on it
Pros and Cons
  • "At one point, there was a zero-day attack. The Cisco appliance detected it and stopped it, helping us out. We avoided the attack and potential damage."
  • "I would like them to add some clustering or high availability features."

What is our primary use case?

It is just another level of protection that we use, as far as email is concerned. We use it for different policies or as another scanning engine, e.g., on the desktop or for data coming through another email gateway.

How has it helped my organization?

At one point, there was a zero-day attack. The Cisco appliance detected it and stopped it, helping us out. We avoided the attack and potential damage.

What is most valuable?

The most valuable feature is the policies or rules that you can put on it. This definitely helps with routing specific things to different destinations within our organization, or even potentially blocking when something is coming in and out, to where you can't do this on an email server or on our other email gateway. It's just not possible.

What needs improvement?

On their roapmap, they are looking to integrate with different cloud features, like Office 365.

I would like them to add some clustering or high availability features.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

It is very stable. I haven't had any issues with memory or CPU. I haven't had any unstable performances from any of the appliances. Initially, we had physical appliances, then we went and upgraded to virtual appliances at some point. However, even the physical appliances were pretty stable.

I did run into one issue at one time where I had to shut something off. It was a bug, but being down for an hour or two is just two costly for our firm.

Deployment and maintenance is handled by two people (email engineers).

What do I think about the scalability of the solution?

Scalability is good. We have four appliances total clustered, two in one data center and two in the other. The ability to increase is definitely doable, and it's helpful if you need to do that.

We are a legal firm with close to 2000 employees.

How are customer service and technical support?

Technical support is definitely good. The turnaround time to speak to someone is very good, as well.

Which solution did I use previously and why did I switch?

We had another appliance (Axway MailGate) and switched because it was outdated. Also, their support model wasn't that great. They were difficult to get a hold of after six or seven in the evening.

How was the initial setup?

The initial product setup was easy. However, it was a bit more complex on our side because of some of the rules that we had set up on a previous appliance, which was not Cisco. Trying to match some of those to Cisco was a little complex. We had some consultants help us out with that. Overall, it wasn't too bad.

The deployment took three to five days.

What about the implementation team?

We worked with a partner consulting firm, Presidio, who very useful and helpful.

We did a proof of concept first off, then did a hard cut over on the weekend.

What was our ROI?

For what you get for the product, the support, and the overall stability, it is definitely a good return on investment.

What's my experience with pricing, setup cost, and licensing?

We do annual licensing for Cisco Secure Email Gateway and SMA together, and possibly SmartNet support. Packaged together, the cost is just under $38,000.

Which other solutions did I evaluate?

We looked at two or three different vendors. One of the solutions that we looked at was a virtual Linux-based appliance. We did evaluate that and a proof of concept around it. However, it wasn't as robust as Cisco, as far as features and high availability.

What other advice do I have?

Give it a chance. If you can do a proof of concept somehow to rate it against other competitors which are out there, look into it because it is a good product.

I haven't upgraded to version 12 yet.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Umair Siddiqi - PeerSpot reviewer
Network Security Specialist at a government with 1,001-5,000 employees
Real User
Top 20
Budget-friendly and provides good email encryption feature
Pros and Cons
  • "Cisco Secure Email is a budget-friendly solution."
  • "I am not satisfied with the solution's reporting and logging."

What is most valuable?

Cisco Secure Email is a budget-friendly solution.

What needs improvement?

I am not satisfied with the solution's reporting and logging.

For how long have I used the solution?

I have been using Cisco Secure Email for the last five years.

Which solution did I use previously and why did I switch?

I like Proofpoint's reporting, management, and interface. It has a single dashboard, very simple configuration and integration, and a very user-friendly GUI.

How was the initial setup?

The solution's initial setup is not difficult. However, it has the management's separate interface and email security's separate interface, which we need to manage.

What other advice do I have?

It was not difficult to integrate Cisco Secure Email with other products in our infrastructure, but it has many complicated options. Sometimes, we need to go to the command line to check the debugging. The solution's DLP (data loss prevention) feature is partially for compliance. DLP needs a full-fledged solution with the agent implementation. Until the agent is not there, you cannot implement DLP.

The solution's email encryption feature works fine. Cisco Secure Email is not a single platform. The engineer has to be a little technical to understand the command line, which is different from the firewall. There are different types of command lines. You have to check the mail log using different command lines.

Overall, I rate the solution eight and a half out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Buyer's Guide
Download our free Cisco Secure Email Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2024
Buyer's Guide
Download our free Cisco Secure Email Report and get advice and tips from experienced pros sharing their opinions.