Cisco Secure Email Reviews

Our primary use case for Cisco Secure Email is placing it at the edge and then passing it off to another service, like, for example, Postfix. We have security policies that allow certain clients to email.

The user interface massively improved our organization. The device itself works perfectly fine and it's not too complicated to write policies.

What I find the most valuable about Cisco Secure Email is that the logs are not that difficult to see even if you're not used to them. The logs are reasonably readable and diagnosing the problem is not too hard with them.

Cisco Secure Email could rename features in the menus. They could also show a flow of how things go and where the policies sit in conjunction with the actual application.

I have been using Cisco Secure Email for about seven years.

I would say that we hardly had any issues with the stability of this solution.

Tech support can be a bit of a hit-and-miss. Depends on what type of engineer you get when you contact them. Whenever we had an issue, we would either go to the account manager or another engineer.

Positive

My opinion on the licensing of this solution is that it is a mess that needs sorting out. I am not particularly bothered by pricing as I administer it and make recommendations for people to buy or not to buy.

We would use multiple vendors to secure our infrastructure from end to end so that we can detect and remediate threats. We would take everything through email. Email Security Appliance has antivirus and IDS and IPS on anyway. We've got policies in place that only we can receive from certain domains and certain emails within those domains from the customers that they were a part of. We would then pass that on to another service like Postfix. They would then sort out anything that needs to do attachment-wise or anything similar. Eventually, it would go through the Palo Alto firewall as well for the traffic, so anything malicious is picked up across all sets of vendors in that solution.

This solution did not save time for our IT staff, not particularly. It was something we had to deal with and as a network engineer, I had to deal with that aspect of it.

This solution did not save our organization's time because it was a new product that we were selling, so we had more work.

This tool did not help us consolidate our tools because it was a new solution.

We chose Cisco Secure Email because, as the phrase goes, you can't get fired for buying Cisco. We are used to the Cisco product stack as we used the Cisco suite in previous companies.

We use the solution for endpoint protection, including email protection, such as antivirus, anti-phishing, content filtering, outbreak filtering, and greymail protection.

An important feature is retrospective analysis, which allows the solution to retrieve emails sent even a week ago, even if they have already been delivered. This is done by analyzing emails for malicious content after they have been sent.

Cisco Secure Email focuses on cloud-based threat intelligence and endpoint security. The current version improves on the on-premises version by integrating Threat Grid and Advanced Malware Protection, which helps users quickly identify malicious emails.

The product is stable. We never had issues. If everything is configured right, it's something you can easily forget about.

The solution is scalable.

1300 users are using this solution.

We used it once when the appliance was acting up and then realized that an upgrade was needed. We follow up on the requirements upgrades and patching. It doesn't require much patching.

The initial setup is straightforward.

Cisco Secure Email can be integrated in-house, but we are too busy. Therefore, we have decided to use an integrator.

Even though Cisco Secure Email is not cheap, it offers a good return on investment. Cisco needs to ensure that its products are functional and have a long support timeline.

The solution is not cheap.

Cisco Secure Email is a fast data service. Because of this, most of its features are already pre-configured. All clients need to do is customize and tailor the service to their specific use cases.

I would recommend anyone using the on-premise ports move to the cloud.

Overall, I rate the solution a ten out of ten.

We started using Cisco Secure Email because we had a lot of junk emails, phishing, and things like that. We wanted to secure the email sites for the end users.

It has had an impact on the awareness of the employees. Previously, a lot of employees were complaining about junk emails, phishing, etc. After using Cisco Secure Email, spam, and other things have been reduced drastically. I'm not sure how it filters them out, but it just learns based on the email subject and other factors. It just filters them and sends them to the junk box. There is an add-on, and if you think that an email is suspicious, you just add it to the add-on or move it to the junk box.

It saves time. Previously, we had to filter the emails and see which ones are junk and if it has been reported or not. There was a daily checking of the mailboxes to see what was going on and what had been blocked, but with Cisco Secure Email, all of that is just in one tab. You see all the emails that have been blocked and the reason they have been blocked. It saves a lot of time for us. It does the job that we need it to do. 

It's flexible. There are a lot of rules and policies that can be easily applied for certain employees or certain mailboxes.

If you are not a technical guy, it is hard to maneuver, but as soon as you work on it, it gets better and better. If there was a better way to know how to do things or how to find things, it would be good.

We have been using Cisco Secure Email for two and a half to three years.

It's stable. We haven't had any issues with it.

After moving from Exchange to Office 365, we thought that we needed to upgrade the license or do a couple of changes, but it was already a part of the plan from the product itself. So, it was easily scalable.

We didn't have to contact them. Our partner did all the jobs that were needed. It was part of the AMC, and since they set it up, it needed just a couple of tweaks when we shifted from Exchange to Office 365. All the support has always been through the partner. Our experience with them has been good. 

Based on my knowledge, its implementation was fast, and there were no issues when it was implemented.

We did a couple of PoC, and it was leading at that time in the market. We compared it to Barracuda and a couple of others. Its ability had set it apart from others. The partner was good, and the PoC was on point. It did what needed to be done. 

I would rate Cisco Secure Email an eight out of ten.

We are using it as our email firewall. It's our first line of email defense.

Overall, the ease of migration to Cisco's cloud email security from the on-prem solution was a positive experience. We are very happy with the change. It makes security easy. The cloud solution is doing a great job. We are stopping more emails, and in a better way, than we did in the past. It's also not stopping as many good emails, but I think this is because Talos has gotten better, rather than something to do with the cloud technology. But the numbers over the past year are significantly better compared to the past.

We like 

• AMP
• Threat Grid
• Sandboxing

The spam protection is also very good and the solution is very configurable. It has enabled us to configure some specific filters to stop emails that general configurations didn't stop. 

It's a powerful solution. It can analyze a lot of emails simultaneously, with no problems in terms of capacity or system load. It seems that machines on the cloud are more powerful than the ones that we had, in the legacy solution, on-premises.

They can do it better with web links, with the URLs. They have a technology called Outbreak but it doesn't work as well as we would like. It does have a new feature called Cloud URL Analysis, but we can see enough information about detection, information that helps us to properly configure the technology.

We have been using the cloud solution for one year, but before that we were using it on-premises for three years.

It's very stable. We haven't had any issues with the stability. It hasn't gone down, and it has managed the flow of our email volume really well.

The technical support is excellent. They are proactive. They are monitoring things and helping us every step of the way. The technical support is at an excellent level.

The migration to the cloud email security was complex because we have a lot of customization. We needed to reevaluate some of the policies that we were applying via the email security. But technically we had more difficulty previously because we didn't have the premium support. We had to read a lot of documentation and experiment. Now, with the premier support, it's easier.

We re-created everything in the cloud solution. We re-evaluated everything when we migrated. There were some things we didn't migrate, while some new things were created.

It took us nearly one year for all the integrations and the migration to be complete, from the initial evaluation of the new product to the end of the migration to CSE, when it assumed all the email traffic for our organization. We didn't have any particular problems with downtime during the migration. That time includes analyzing, configuring, and improving things in production.

Our team that works directly with Secure Email consists of five people who are configuring the tool.

We used consulting from Cisco the whole time during our migration. With the premium support we now have one person who knows our configuration, our needs, and who can help us more than in the past when we didn't have that level of support.

ROI is difficult to determine. We think we have seen ROI, but we need to have an incident to evaluate whether the investment has really paid off. But no incidents means it's a good investment.

We haven't saved money by moving from on-prem to the cloud email security because we acquired the premium support. But we are happy with it, as they help us not only with issues that have happened, but also with configuration and with learning the technology. This is a very important factor, which we value.

Cisco Secure Email and the support are priced well. It's not cheap, but there are other solutions that offer less and cost so much. For example, Microsoft is more expensive than Cisco.

We know there are some solutions that have a higher level of protection for email, but we're very happy with the price of this one and with the way it is working.

We have Microsoft email security too, but not as the first line of defense. Microsoft's email security has its advantages but it is less secure, less configurable, and less powerful than Cisco's solution.

It's a great solution for big enterprises that need a higher level of security than is offered by Microsoft solutions. Other solutions are targeted at smaller enterprises, that are without a security administrator and without people monitoring and supervising the technology. But for a big enterprise, Cisco Secure Email is a great option.

We have integrated the solution with SecureX and Threat Grid, and we already had Talos, of course. The Sandboxing is needed, it's a basic functionality for us. As for the rest of the integrations, they are less important. We integrate with some external feeds, but Talos is good enough for the technology not to need additional feeds.

When migrating from on-prem to the cloud email security, the interfaces are basically the same. The new interface was developed only for the cloud solution, but the classic interface, when it comes to the configuration of the machine, is basically the same for both the on-premises and cloud solutions.

Overall, it's a very configurable technology. We think it has all the weapons we need to fight against threats.

We are using it for our email gateway security for all our inbound and outbound email. We use a lot of the URL filtering and spam filtering as well as the dictionaries, e.g., if they try to spoof employee names.

We didn't have an email gateway initially. As spam was ramping up, the junk was getting through. So, we needed a gateway. We then worked with a local company who sold us this product and some training as well as how to get it up and running, configuring it. Over the years, they have been constantly changing it.

We use a lot of their search features to search for emails that have come through. Our end users come through it. They say, "This didn't email didn't arrive," or "How did this email get through?" So, I am constantly searching through message tracing and using that all the time.

I use the search all the time. Sometimes, it is hard to search for things and things are hard to find. People come to me all the time, saying, "This email didn't get through." Then, I go searching and don't find it on the first search. You have to think about alternative searches. I don't know if there is an easier way that they could help to find things. I don't know how they could simplify it, because now everybody else is using the cloud and everything is coming from Office 365, or whatever. It is just not the same environment from years ago where everybody had their own server and you could search easier.

When you run a trace and you are in the cloud, it's harder. You run a trace and it generates trace results. I haven't figured out how to get those off of the cloud. I don't know if there is a path to open up a ticket on that.

Before it was purchased by Cisco, we had already been using IronPort since 2005 or earlier.

It is very stable. We have never had any problems.

The way we are using it now, it does require maintenance. I decided to take a zero trust for URL links coming in emails or unknown links. Then, if there is a link that somebody wants to get through, then I have to add that to the list to allow it. So, there are some dictionaries and things to maintain the way we are running it now that we didn't have in the past. For many years, we got it running, then forgot about it. It just ran and ran. Now, I think it is just a different environment due to the level of phishing emails, etc. 

The way that we are running it now, there is more to maintain, like the dictionaries and the list of employees, so somebody doesn't spoof an employee's name. It takes maybe an hour or so a week to update the dictionaries and things like that. 

Right now, I'm the only one maintaining it.

The scalability is good. It seems like it still has capacity in the cloud. It is hard to tell in the cloud. However, the ones that we had on-prem were running real close to their limit for whatever reason: memory swapping and CPU utilization. So, we had to do something there. Right now, it seems like there is capacity/room to grow.

The solution protects 450 users. We plan to gradually increase users.

They have always been good when helping with problems. They are responsive and always come up with an answer.

We migrated from Cisco ESA to Cisco Cloud Email Security. 

The appliances were getting close to the end of life. They were using a lot of CPU, so it was time to do something with them. IT management seems to be going more to the cloud now, so it made sense to go to the Cisco Cloud solution. The machines that we had on-prem were really slow. For whatever reason, they were getting real slow. When we went to the cloud, we got away from that problem.

For the initial deployment, we might have spent a week getting it up and running. Then, we went for a day or two to training.

There wasn't really any downtime involved during the migration from our on-prem to Cisco Cloud Email Security, which was important to us. We didn't want to interrupt email flow. So, we prepared it, then there was a cutover. 

The migration from the vendor’s on-prem to Cloud Email Security wasn't too difficult.

A few times, we needed Cisco's expertise in the migration process to solve some problems for free. Because it is in the cloud, you can't get to the command line interface to access and download/upload files. So, I had to rely on Cisco for that.

There is a huge return compared to if we didn't have a gateway appliance, as far as blocking malicious emails.

The licensing was all transferred. A fair amount of the configuration had to be done by hand. We didn't transfer the people safe list and block lists. There were a number of things that we didn't transfer because they were in the cloud. It was a matter of going through and reconfiguring.

The familiar user interface was important in our decision to migrate from Cisco’s on-prem to Cloud Email Security. We have a lot of other projects going on. Being able to migrate to something that we were already familiar with versus migrating to Proofpoint or something else was a major decision factor. I didn't have to invest that much time, resources, and learning in a whole new product.

If you compare it over Proofpoint, it was a big savings. It was very competitive. It saved us from buying new appliances. Though, I don't know that would have been a big expense, because I didn't do a cost analysis of staying on-prem and replacing the appliances. We were more comparing the solution to Proofpoint, and the cost was considerably less than Proofpoint. It was already in place and working for us on-prem. So, I didn't want to move to Proofpoint because there would have been much more to learn.

Some of the things that we were doing in Cisco, we can't do it the same way in Proofpoint, from as much as I have looked at it. I know there is a difference. They have different solutions. They have some solutions that aren't configurable at all, such as, the lower price ones. They have another one where you are just like a tenant and everybody gets the same thing, then for it to be customizable, it is a lot more expensive. In orders of magnitude, it is more expensive than Cisco, which didn't make sense. With all the little tweaks and customizations that we're doing, I couldn't see how to do that based on the time I spent looking at Proofpoint. It might be doable, but I didn't figure out how to do it. So, I think Cisco is a little more configurable than Proofpoint for tweaking. I could be wrong, but that is my impression.

There wasn't much of a learning curve involved in migrating from Cisco’s on-prem to Cloud Email Security because they are very similar. There were just a few things that were different.

It is a good product. Be prepared to invest time in learning it, like anything. You need to have somebody who is a key administrator, like any enterprise-level product that you would bring in. Even if you will have Salesforce or whatever, you need to have an administrator who knows how to keep it running.

Email threats just keep getting worse and worse, so you need to keep on your toes.

I would rate this solution as a nine (out of 10).

We have it for email security. We use it for some security features to set up emails.

Cisco Secure Email has helped free up our IT staff for other projects because the product is so stable, and you don't have to spend so much time with the administration of the product. You free up time because you don't need to set up so many functions. Some of the functions are out of the box, and they just work.

There are a lot of filters for scam emails and things like that work out of the box. You can also use the antivirus features. I like its features.

Cisco Secure Email can be improved from the administrator's point of view. Usually, you have to work with different areas, and they can try to make it easy for the administrator to use different functions.

Its stability is perfect. It's very good.

We did grow out of the product, so we changed the product to a bigger box. It was the same installation and the same setup, so it was fine. We just replaced them with a larger box.

In terms of our environment setup, we have it set up in two data centers just for redundancy. We have about 1,200 people using it in the organization.

I've been in contact with Cisco Support a few times regarding questions, and I've had a very good experience with their support. They have been able to answer my questions directly, and they replied fast, so it's very good. Regarding Cisco Secure Email, I'd rate their support a nine out of ten.

Positive

When I first started at the company, the product was already there. That was my first experience with the product, but I liked the product, and I thought it was very stable and working well.

I've been involved in the lifecycle management of it and upgrading it, so I have experience with that. It has worked well with no impact on production or something like that.

The upgrade process is quite straightforward. You just have to ensure that you have everything prepared for the upgrade.

It was Cygate in Sweden from whom we bought the product. They were resellers for Cisco, but we installed it ourselves.

I don't have the insights into it, but compared to different products, it seems to have a medium level of pricing.

To those evaluating Cisco Secure Email, I'd advise thinking about what do you need and what is most important for your company in terms of stability and the administration area.

Based on my experience, I'd rate Cisco Secure Email a nine out of ten.

We migrated from Cisco ESA to Cisco CES, we went from the on-premise solution to the cloud solution.

Our primary use case is for email security. Every email is scanned by an antivirus engine and every attachment is also sandboxed before it gets back to the real person. This is an additional Cisco CES module.

On top of this module, we have also subscribed for the Cisco Cloud Secure Email Encryption Service (CRES).

Our other use cases are all about the functionality of the Cisco Email. We are using it as a relaying system for incoming and outcoming mail. External exposed webservices are using the Cisco CES in order to send mails out as our domains.

Another feature we use is the possibility to combine the Cisco CRES together with Cisco CES. All our documents are labelled and are obliged to be sent either through TLS (encrypted channel) or either through Cisco CRES (encrypted mail) for GDPR-compliancy. If the destination domain doesn't support TLS, it is sent by Cisco CRES, otherwise we use TLS. This conditional check isn't (yet) available at Microsoft.

We already used this system on-premise. So there is no real difference except for the encryption plugin that is used. That's beneficial value. You also don't need to invest in physical hardware, location, and physical connections, and an on-premise data center.

The added value of it is that every migration to a new version is initiated by the Cisco personnel, so that is a bunch of work that you don't have to do on the Cisco ESA system on-premise. As it becomes a SAAS-platform, you don't need to invest anything in your own data center or in your upgrade path. 

There was no downtime involved in the migration from Cisco's on-premise to the Cloud Secure Email. It was important to have this business continuity going on and not to lose any emails. We have implemented everything first in a test environment. We had the test Cisco CES in the cloud together with the test exchange system and so forth. Such a smooth transition was possible because we could test everything in a test environment.

If you have the knowledge of the Cisco on-premise solution, it was more like a copy-paste of the settings on the Cisco cloud solution. So the learning curve is rather low if you have the knowledge already of the Cisco system on-premise.

The pricing is more or less the same, but you have to take into consideration all the work that the people have to do. If they need to patch the new system, if they need to do the patching cycle on the ESA itself, and so forth, that's where the money goes.

It's not out-of-pocket money that you gain, but you gain time from people to focus on other systems.

The most valuable features of the Cisco ESA have to do with the intelligence they provide us. They respond quickly to any phishing attacks and threats on the system. 

I also like the pay module, sandbox, and attachments.

The vendor's free migration services ensure that your on premise licenses are transferred when you migrate. It's just a matter of money at that moment. It's good to know that they take into account your old key and give you the new keys on the new machine.

We have Microsoft and we have the E5 licenses, they have more EDR responses on certain emails. That's something that Cisco ESA on the cloud doesn't have. They don't do anything about MITRE attacks. They only detect if there is a malicious email or a threat and they remove it.

If there is an email that has passed through, there is no way to have a global system delete that email from every mailbox. You have to look up the malicious files yourself.

With Microsoft, you can look it up, you can hunt for that in their compliance dashboard. You can hunt that email and then delete that email in one step. That's something that Cisco doesn't have.

I have been using Cisco Secure Email for more than ten years. 

The solution has proven that it's very stable. I only recall three real problems with the system. And I've been working at the same company for 15 to 16 years. It is very stable.

The scalability is fine. 

We have around 1500 users. 

There are two system engineers that support it right now.

Emails grow in numbers. So sometimes we need to alter our system to hold that amount of emails or to grab all those emails and transfer them. 

I don't think we have opened a call at Cisco itself. For the encryption plugin, we opened several support tickets for the implementation. Their support was helpful. It was more technical advice.

I would rate their support an eight out of ten. They are very responsive and they quickly come up with the right answer, which is important. I never give nine and 10. So sometimes they are, sometimes they come quick with responses, but within all the years, sometimes it takes a while until they find a good response. Like that book is something that took a while to find out.

The initial setup was simple and easy. You open one screen of your on-premise Cisco ESA configuration and you copy-paste it to the other screen of your Cisco ESA system in the cloud. So the transition was very easy.

It took around one month to implement. 

The strategy was to get rid of the physical servers and move to the cloud.

We worked with Cameo to do the integration.

Pricing is okay. There are no additional charges. 

We looked at some competitors, like Proofpoint but in comparison, we chose Cisco ESA because we kept the same technology. We knew that the migration path would be less effort than the migration part if we went to another solution or Barracuda.  

Proofpoint was very good at creating general DLP policies, in that you could create policies and you apply them on different platforms, like Teams.

Cisco is a state-of-the-art product. I think Microsoft is catching up really quickly when you take the E5 license builder with it. I think Microsoft can take over the competition from Cisco but it could take a while.

It's a very mature product.

I would rate it a nine out of ten. 

Our customers use the solution as an email security tool.

The product blocks spam emails.

The scalability must be improved. The product is a bit traditional. There are many vendors in the market. A customer might not always choose Cisco.

I have been reselling the solution since 2010.

I rate the tool’s stability an eight out of ten.

I rate the tool’s scalability a seven out of ten. Our customers are medium and enterprise-level businesses.

I rate the ease of setup a seven or eight out of ten. The deployments takes one to two weeks.

I rate the product a seven out of ten on a scale where one is cheap and ten is expensive.

Sometimes, customers choose Forcepoint or Barracuda. Usually, if the customers have a Cisco setup, they choose Cisco Secure Email.

Cisco is an integrated solution. Overall, I rate the product an eight out of ten.