Cisco Secure Email Reviews

It provides good IT assistance. 

It is not user-friendly, and it is quite complicated. So, it should be more user-friendly. The GUI is difficult to understand. 

We have been using this solution for four years. We don't use the latest version of the hardware. 

It is a stable solution. Stability-wise, it is good.

It is not scalable. For scalability, Cisco products are not good. That is the problem. And for deployment, it's a three-tier architecture system.

We have around 200+ users.

Cisco's tech support is good. But they respond very late. The support in itself is good, so there is room for improvement. 

The setup is quite complicated. It took us one week to deploy. 

The deployment was done by the consultant company.

As per market availability, this solution is more expensive than other vendors.

My company is looking for a new email filtering server or system. So, I was just making the comparison with Cisco and FortiMail, and that's what we're actually looking for a new or updated system. So this is the reason I was doing this R&D.

Overall, I would rate the solution a seven out of ten. 

We migrated from Cisco ESA to Cisco CES, we went from the on-premise solution to the cloud solution.

Our primary use case is for email security. Every email is scanned by an antivirus engine and every attachment is also sandboxed before it gets back to the real person. This is an additional Cisco CES module.

On top of this module, we have also subscribed for the Cisco Cloud Secure Email Encryption Service (CRES).

Our other use cases are all about the functionality of the Cisco Email. We are using it as a relaying system for incoming and outcoming mail. External exposed webservices are using the Cisco CES in order to send mails out as our domains.

Another feature we use is the possibility to combine the Cisco CRES together with Cisco CES. All our documents are labelled and are obliged to be sent either through TLS (encrypted channel) or either through Cisco CRES (encrypted mail) for GDPR-compliancy. If the destination domain doesn't support TLS, it is sent by Cisco CRES, otherwise we use TLS. This conditional check isn't (yet) available at Microsoft.

We already used this system on-premise. So there is no real difference except for the encryption plugin that is used. That's beneficial value. You also don't need to invest in physical hardware, location, and physical connections, and an on-premise data center.

The added value of it is that every migration to a new version is initiated by the Cisco personnel, so that is a bunch of work that you don't have to do on the Cisco ESA system on-premise. As it becomes a SAAS-platform, you don't need to invest anything in your own data center or in your upgrade path. 

There was no downtime involved in the migration from Cisco's on-premise to the Cloud Secure Email. It was important to have this business continuity going on and not to lose any emails. We have implemented everything first in a test environment. We had the test Cisco CES in the cloud together with the test exchange system and so forth. Such a smooth transition was possible because we could test everything in a test environment.

If you have the knowledge of the Cisco on-premise solution, it was more like a copy-paste of the settings on the Cisco cloud solution. So the learning curve is rather low if you have the knowledge already of the Cisco system on-premise.

The pricing is more or less the same, but you have to take into consideration all the work that the people have to do. If they need to patch the new system, if they need to do the patching cycle on the ESA itself, and so forth, that's where the money goes.

It's not out-of-pocket money that you gain, but you gain time from people to focus on other systems.

The most valuable features of the Cisco ESA have to do with the intelligence they provide us. They respond quickly to any phishing attacks and threats on the system. 

I also like the pay module, sandbox, and attachments.

The vendor's free migration services ensure that your on premise licenses are transferred when you migrate. It's just a matter of money at that moment. It's good to know that they take into account your old key and give you the new keys on the new machine.

We have Microsoft and we have the E5 licenses, they have more EDR responses on certain emails. That's something that Cisco ESA on the cloud doesn't have. They don't do anything about MITRE attacks. They only detect if there is a malicious email or a threat and they remove it.

If there is an email that has passed through, there is no way to have a global system delete that email from every mailbox. You have to look up the malicious files yourself.

With Microsoft, you can look it up, you can hunt for that in their compliance dashboard. You can hunt that email and then delete that email in one step. That's something that Cisco doesn't have.

I have been using Cisco Secure Email for more than ten years. 

The solution has proven that it's very stable. I only recall three real problems with the system. And I've been working at the same company for 15 to 16 years. It is very stable.

The scalability is fine. 

We have around 1500 users. 

There are two system engineers that support it right now.

Emails grow in numbers. So sometimes we need to alter our system to hold that amount of emails or to grab all those emails and transfer them. 

I don't think we have opened a call at Cisco itself. For the encryption plugin, we opened several support tickets for the implementation. Their support was helpful. It was more technical advice.

I would rate their support an eight out of ten. They are very responsive and they quickly come up with the right answer, which is important. I never give nine and 10. So sometimes they are, sometimes they come quick with responses, but within all the years, sometimes it takes a while until they find a good response. Like that book is something that took a while to find out.

The initial setup was simple and easy. You open one screen of your on-premise Cisco ESA configuration and you copy-paste it to the other screen of your Cisco ESA system in the cloud. So the transition was very easy.

It took around one month to implement. 

The strategy was to get rid of the physical servers and move to the cloud.

We worked with Cameo to do the integration.

Pricing is okay. There are no additional charges. 

We looked at some competitors, like Proofpoint but in comparison, we chose Cisco ESA because we kept the same technology. We knew that the migration path would be less effort than the migration part if we went to another solution or Barracuda.  

Proofpoint was very good at creating general DLP policies, in that you could create policies and you apply them on different platforms, like Teams.

Cisco is a state-of-the-art product. I think Microsoft is catching up really quickly when you take the E5 license builder with it. I think Microsoft can take over the competition from Cisco but it could take a while.

It's a very mature product.

I would rate it a nine out of ten. 

Cisco Secure Email's most valuable is email certification.

The product's GUI for the dashboard needs improvement.

We have been using Cisco Secure Email for one year.

I rate the product's stability a ten out of ten.

One administration executive in our organization uses Cisco Secure Email. I rate its scalability a ten out of ten.

The initial setup has medium complexity. I rate the process a five out of ten. We follow the Cisco guidelines for deployment. It requires two executives to conduct the process.

It is an expensive product. I rate its pricing an eight or nine.

I recommend Cisco Secure Email and rate it a ten out of ten.

The big use case is filtering inbound messages for spam and malicious messages. Obviously, it's a huge issue for everyone to keep as much of that stuff out as possible.

Users are getting a lot fewer malicious and nuisance messages. When we moved to the cloud product, we added in a service for graymail unsubscribe which we didn't have before. That makes it very easy for people to safely unsubscribe from mailing lists, especially the sort that they have been added to without knowing what the company is. That has reduced the amount of time users waste going through that process and the amount of time IT has to spend responding to questions about what they can do about things like that. In general, it's enabled us to spend less time addressing user issues regarding junk mail. It has also been better about not blocking legitimate messages, which again comes down to saving time for both users and IT.

The migration from the on-prem email security to its cloud email security saved us money, versus where we would have been if we had kept the on-prem with them. Versus the Microsoft service, it was basically a wash. But compared to Cisco's on-prem service, the cost is the same, but you don't have to pay for the hardware and you don't have to maintain the system, as far as upgrades and hardware failures are concerned. It is cheaper to operate on their cloud service than it is to operate with their on-prem service. The hardware savings are from whatever level of hardware we ended up not having to buy. If we had stayed on-prem with it, we would have needed to buy two new appliances that year, appliances which would have cost $10,000 or $12,000. I don't have a good figure on how much manpower we spent maintaining upgrades with the on-prem. It wasn't huge, but we probably save an hour a month, on average, on maintenance.

For maintenance, it depends on what's going on, but there may be a few hours a month for reviewing, reporting, and for addressing any user issues. User issues mainly revolve around things like, "Okay, the user hasn't gotten an email from so-and-so. Check and see whether or not they've got it." But as far as actually maintaining it, to ensure it keeps functioning, it's pretty minimal; maybe an hour a month. The people who handle the maintenance are from our infrastructure group, which is a combination of systems and network functions.

A few of the big features are ones that we found that we missed terribly when we moved over to Microsoft. One of them is simply the logging that they have in the reporting. For example, if I wanted to get logs about emails since last week, from a certain address, with native Office 365 I would have to submit the search requests and I would get an email a few hours later with the results. With Cisco, it's not only a lot more detailed information, but it's nearly instantaneous. So if you have to do any sort of research into an issue, whether it's security or something is missing, it makes that much less labor intensive.

The filtering is definitely better at catching both spam and malicious messages, and there's a lot of extremely granular ability for setting up rules. You can do it the way you want to. The Microsoft solution tends to be pretty limited in how it allows some of that to be done. It forces you into doing it a certain way, even if it's not good for your business process.

The interface is dated. It has looked pretty much the same for 15 years or so. It would be helpful to be able to do everything from one spot. The centralized quarantine and reporting are completely separate from policy administration.

We used it consistently from 2007 to the beginning of 2020, and when we went off of it, it was about three months before we started back up with the cloud option.

We haven't had any stability issues with it. It seems to be good.

I haven't seen any scalability issues. I'm not quite sure how scaling would be handled if we had a truly immense increase, but I haven't seen any challenges with it. We're on the small side so we may not be a good example.

We don't really intend to change our usage much. We use it for all of our inbound and outbound email.

I haven't talked with their technical support much in the last few years. The only issue I've had was a support case for getting command-line access set up. That was fine, but there was virtually no contact about it.

We have had two runs with Cisco Secure Email. We initially ran it on-prem and that started in 2007. It was the same year, or a little bit before, Cisco bought the old IronPort product. And last year, we initially ended up dropping the on-prem, when we were moving into Office 365. Although we were happy with it, the thought was, "Okay, if we move everything to Office 365, Microsoft can handle that. We have their full-blown mail filtering products." We thought it would probably save us some workload, not having an extra product to deal with.

The intent was that we were going to consolidate to a single product when we moved to the cloud for email, and we found out that it didn't work as well as we had expected. We didn't do a direct conversion from the on-prem to the cloud solution. There were a couple of months between it during which we tried the Microsoft option.

We then found out that they were not nearly as good as one would expect from a market leader in corporate email. I then contacted Cisco about what it would cost to do it in the cloud with their products. I was rather surprised to find out that they don't charge anything more to host it, than they do to have you run it on your own equipment. We ended up jumping back into it with their hosted solution, without really planning to. When the cost came back and was as attractive as it was, we decided, "Okay, this Microsoft filtering is not working out. Let's go back to Cisco." We went back to it and it's been working really well, better than it did when it was on-prem, because we don't have to maintain as much of it.

We had been using encryption on Cisco before, but we did end up leaving that with Microsoft, just because it integrates with their Outlook browser better. I'm at something of a toss-up on which one I prefer. Because the Microsoft solution integrates directly with the Outlook client, it is a bit easier for users to manage. But the encryption on it seems to work fairly decently, although it has the same problem that all of them do. There are tons of standards for that. Everyone has their own. It would be great if there was some sort of multi-vendor standard for that but, without it, we moved it over to the Microsoft solution and that seemed that to be a little easier for users.

Because we had those few months in between, we didn't qualify for a license transfer. We had let the initial service lapse and then we brought on the cloud service.

It ended up being a really easy setup for the Cisco cloud product. I was pleasantly surprised how much was already ready for you out-of-the-box.

I found the setup to be straightforward, as someone who was familiar with the management environments. If I had not had the experience with it, there would have been areas that could use more documentation to explain what different sections of the product do. But I had been using it for a long time, so that was not an issue. But I could see that is an area they could put more into. We also had a technical contact available to us for when getting started, to whom we could reach out. But it would be good to add in some more entry-level documentation.

As far as the policy setup goes, our equipment was end-of-life and we weren't at a version that we could migrate from. So we decided to do greenfield for the setup and we're actually happy we did because Cisco's default setup on its cloud product, when they brought up a new blank instance for us, had a really good framework for rules, et cetera. We copied in exception lists and the like from our existing setup and we were up and running in an afternoon.

When we went in, we initially did it as a trial, because they offered a 30- or 60-day trial. We did that to see if this was what we wanted to do. We ended up poking around in the environment a little bit first, because the whole thing was an unbudgeted change for us. When we moved over to Microsoft we found we were having all these issues. We put some resources into trying to resolve them but we saw there were deficiencies in Office 365, when it comes to the filtering of email. We started the trial with Cisco to see if going back to them and their cloud would solve things. We liked what we saw and decided to move everything over. The grass really was greener on that side.

The downtime involved in the migration from Cisco's on-prem solution to the cloud email security was minimal, about 15 minutes. The downtime aspect wasn't especially important since we did it after hours. It's emails, so it's not like anybody was going to notice that it was down for that amount of time.

The learning curve involved in migrating from the on-prem to the cloud email security was pretty easy. The environment really is very similar to manage in the cloud. If you look at the management consoles that you're used to seeing on-prem, and you look at the ones in the cloud, about 99 percent is the same. There are some things that are unavailable because Cisco is handling the software upgrades, but almost all of it that you had on-prem is the same. There are a few extra steps to getting into the command line, they're a little bit weird, but all the policies are identical to the on-prem method. There's not much learning curve involved in switching.

Overall, the migration was massively easier than I expected it to be. We did it on a Sunday afternoon and it only took about three hours.

We were in touch with the technical contact from Cisco for some basic stuff, for getting started.

We were just evaluating between Cisco and Microsoft's advanced threat protection.

We decided not to evaluate anyone else when we saw that Cisco was going to be less expensive than we thought it was going to be. My expectation going in was that the cloud service would cost more than the licensing for on-prem would, because they're hosting it. But that wasn't actually the case. It ended up costing about the same as what the on-prem cost, except that we didn't have to buy hardware anymore, which obviously saves some money.

It's definitely worth looking at Cisco's cloud email security offering. It's surprisingly simple to get going with, and it really is easier to use than the on-prem because of everything they have built into it. It is surprisingly cost-effective.

It's integrated with their AMP product, although that's sold as a part of it. We haven't integrated it with other Cisco stuff at the moment. We've got third-party stuff that we have it integrated with. 

We are using two security appliances. One is a web security appliance, IronPort, as well as the Cisco Secure Email Gateway. They are used for web surfing.

We need to differentiate among users with specific boundaries. Some users have full access and some users only have limited access. That is what we are using it for.

It integrates with Active Directory and we can limit specific users to using specific applications. 

I would like to see a cloud service implemented for IronPort with specific domains which companies register to blacklist. Emails or anything coming from those domains should be automatically blocked or automatically scanned. Cisco should implement a cloud service for IronPort. It should scan automatically, without our needing to say, "Scan this," or "Scan that." It should be done from their side.

Also, the hardware is not up to the mark. Two to three times a year we have complete downtime. There must be an issue with the hardware itself. The software is very good. It works really well, but when it comes to the hardware it's not good enough because of the downtime. That hasn't happened with any Cisco device until now.

Three to five years.

The scalability is really good for multiple users. There is no issue with the scale. We have 300 to 400 users.

Technical support is really good. As far as I know, whenever we need it, they help us very well. Within half an hour or an hour of our call, we get technical support to WebEx us, depending on the situation or the issue. That's pretty quick.

The initial setup was straightforward. There was nothing complicated. It doesn't take more than two engineers. When it comes to the software, if there is good coordination between a Cisco guy and an email-server guy, the two of them would be enough to implement it.

It was really easy to implement. Even a newcomer joining the company could easily implement it. There is nothing complicated in the device. It can be easily implemented without headaches.

We took a three-year license. In addition to the standard licensing, there is a cost for SMARTnet as well. That is necessary because the hardware device is not stable at all. So if anything goes wrong we have two appliances to use. With SMARTnet, Cisco will send a new device within a week.

We are looking for a solution. We are in communication with other vendors to integrate with Email Security or to provide us a new solution.

The Cisco Secure Email Gateway, in my opinion, is a really good device. In terms of configuration of the software, it's just click, click, and you are done. If you have redundancy then you are in safe hands. It's a very good solution for email security.

We could be changing the appliance. I have heard from someone that Cisco has released some appliances for email security. I believe we need to try this. We may change our existing device and move to a new Cisco technology. We would keep the software. We usually upgrade it based on the newest versions.

Until now, I haven't seen any breach or any attack on the Cisco Secure Email Gateway.

Overall, I would rate this solution at nine out of ten. I could give it a ten if the hardware was better.

I use the solution for spam filtering.

The solution works well. Cisco claims to have the biggest threat intelligence database in the world. We trust them because they are enterprise-level products. If we are protected, then it is working well. I am satisfied with the overall performance of the solution.

The management features of the product are not up to date. It does not match the features provided by the new vendors in the market. The solution does not offer features to protect workloads on the cloud.

My organization has been using the solution for the last 20 years.

Support is not good. The support team provides a slow response. I rate the support team a six or seven out of ten.

Neutral

We pay at least 25% more for Cisco Secure Email than Trend Micro. Cisco’s support is better than that of Trend Micro.

The solution is expensive. Every additional workload or feature has an additional cost. The product should provide a single bundle for protecting both on-premises and cloud solutions. We do not have to pay for support.

We do not have the resources to review the product technically. It is very difficult to analyze these weaknesses. As an end user, we need something to defend us and block threats. If any product works with 95% efficiency, we can say that it works well. Email protection is very critical. No one should take risks.

Cloud protection apps are very critical to the business. They should be easy to configure and easy to manage. These days, there are hundreds of products available. It's very difficult to find a good solution. Just because a tool is popular, it does not mean that it will always be the best solution. The backend technique is very important. Machine learning, artificial intelligence, and threat intelligence are very important.

If we have more knowledge, we can have more protection. If we don't have the knowledge, we can't. The solution does not offer a complete bundle for on-premise and cloud protection. If we need more features, they charge us more. They do not offer all features together.

Overall, I rate the tool a seven out of ten.

It is an anti-spam solution, and we primarily use it for email anti-spam. It removes the spam emails, and we have our own manual filters to remove unnecessary or unwanted emails. So, it is working just fine.

We have been using the solution for more than three years. We started on version 9 and are currently on version 11.1.

In regards to what we filter out, we don't have a lot of information. We have a small team who handles most of the software, including the email filtering and email security. 

The solution drops bad email, like the spam or emails with viruses. We are not currently doing further analysis to indicate what was really targeted, or determining if something else with generated, malicious or spam. The filtering is okay, and we don't have complaints from our customers or users, so we aren't doing any further steps.

The email processing and event logging are very detailed and valuable. They are also helpful when we troubleshoot email issues and perform email analysis, even though the logs are not structured properly.

We like the in-built features, like the email filtering based on the IP and domain. Cisco has its own blacklisted domains and IPs, which is very good. This filters around 70 percent of emails from spam, and we are seeing fewer false positives with this.

The notifications about why the emails were blocked is a good feature.

Having Cisco Email Security as a standalone solution is not good enough. It needs to be combined with another solution. For example, it will not stop all phishing and malware. We tried having only Cisco Email Security (IronPort) and faced multiple issues due to the sandboxing. The sandboxing for this solution is not up to mark and needs improvement. It does not detect much at the moment, just the set criteria that it already has designated.

The solution needs to improve its advanced phishing filters. It is very good at filtering things which have bad reputations. However, when phishing or malicious emails are new or coming from a legitimate source, we don't feel that the solution is working.

While the tool does a good job of blocking malicious emails, it does have limitations. For example, it sometimes cannot identity file extensions and sends through files that we don't want, like OneNote. We can filter by file name extension, but it is too easy to change the file name extension by adding numerical characters, etc.

Three to five years.

We expect 95 to 98 stability (perfection) in the product. 

We have one person doing maintenance, which is me. I handle this product along with three other security products. 

We are currently utilizing all the features in the product.

We have 1100 users.

The support is great. They are very fast with their responses and are very knowledgeable. Its support is available 24 hours. These things are very good.

We did not use a solution prior to this one.

We were looking to automate most of the stuff related to email filtering, so the solution bought from IronPort (now a part of Cisco) was to reduce our workload.

The initial setup was straightforward, but very lengthy, because it powers up most of the options from the email filtering solutions. While it is good, it will take some time to implement all the features, compared to other solutions. 

It is very simple to set up, but we decided to set it up with exceptional cases. Cisco is more flexible compared to other solution, but it could still improve, especially in the area of ruling logic and enhanced communications. With some other email security products, we can have very complex conditions which we can filter out. This is still not available with Cisco Email Security.

It takes a minimum of a month to build the setup. However, for a good set-up, it will require one year to put in place all the options in place. We had to understand how the emails flowed. 

An implementation partner, SecureLink, helped with the setup. They did a good job and were knowledgeable in the product. But, as an implementation partner, they do not take responsibility for any failures of the product.

Cisco helps with the day-to-day. 

We set up the filtering options ourselves.

We have seen ROI. Only 70 percent of phishing and bad emails are getting through. There are very few solutions that boast this percentage of filtering. This level of filtering helps our company.

It is not that costly. We pay for the solution through a contractor and pay an annual fee.

We are currently using two different email security products, which is how we are able to identify the pros and cons of Cisco Email Security. We use a similar product called FireEye. It can detect based on sandboxing. Anything bad that it sees, it will detect. It is not based on file extension or file types. Recently, we have been able to block with it using some type of file extensions or hash.

I would recommend to use Cisco Email Security first as your email filtering solution, but do not rely on it as your only solution. 

I like the product because it is very easy to work with or we can make it complex if we want.

The solution is an email gateway.

The security features are valuable. I am satisfied with the product.

The user interface is a bit complex. It is not very easy to learn the product. It is not very intuitive.

I have been using the solution for more than three years.

The tool is stable.

The tool is scalable. We have eight to ten administrators. All our emails go through the solution.

There is a bit of a communication gap in support. The support persons must improve their responses.

Positive

The solution is cloud-based. The initial setup is straightforward.

Overall, I rate the solution an eight out of ten.