Cisco Secure Email Reviews

It is easy to use. It is not widely used, but it is not tough to understand. Usually, it takes five to six months to become an expert in that particular product because there is not much in it.

The Cisco database is more bug-prone and less accurate than the databases of other email security solutions. Whenever we get a phishing email, Microsoft email server, TruePoint, or Barracuda, they have a much better database. Because Cisco is using Talos, which is not a good database, they do not have much information in the database. So that is really lagging very much behind.

So that is not much recommended by the customers. Every time, customers get frustrated by using them.

There's room for improvement in the DevOps database. It has many spam emails. Usually, we have to report to the Telos team for samples, whether it's spam or a legitimate email. If that is done, then the customer environment won't get compromised easily because more than 80% of cyber-attacks are through emails. So email is like sanitizer it was used in hospitals before COVID, but after, it's provided widely to users.

I used this solution for a year. 

I would rate the stability a six out of ten. We had multiple issues with the stability. Usually, the customer complains that there's an email coming from an outside sender, and it enters our environment, and our email gets multiple emails from a single sender. There might be suspicious emails or multiple things that we usually get from customers.

I would rate the scalability a seven out of ten. Cisco has to improve its database because email security is something like DNS servers. So we have to improve the database and put more information initially in it. 

The initial setup is easy. It starts with the VLS for Open IT. Initially, the host access table is there in the front end. Based on that, we can filter out traffic with IPs from the scale of -10 to +10 if it applies. If you want to whitelist an IP, you need to check the IVRX code. If that code is okay, then we provide a list based on the organization. 

It's a bit easy to handle Cisco Secure Email; it's not that difficult. For the logs, which are in PDF format, it's not hard to read them. We don't need Wireshark much to analyze the logs.

Usually, it's GUI-friendly, and also, the Relics are there on the GUI. We can create some relics, or it's automated from the backend by the development team. We just put in our initial setup requirements, and based on that, we create a red x rule. Then we can implement it into the message filter, and we can handle whatever we want, whether it's blocking emails coming from spam or anything else.

Overall, I would rate the solution a seven out of ten. Once you have hands-on experience with it over a period of time, you will get hands-on experience, and you will be able to understand it. It's easy to use, not that much complicated.

Protection against external email threats is our primary use case.

Less spam means more productivity; less time is wasted, helping both users and the security team.

Anti-Spam and Advanced Malware Protection are the most valuable features. They provide protection from most email threats and we also have the option to block Zero-day attacks.

The configuration UI should be made more intuitive. Currently, it takes a while to understand how to do the basic configurations.

In terms additional features, I would like to see customization of reports and dashboards. 

There should be separately module for Phishing and Fraudulent emails

More than 4 years

IronPort is indeed a very stable solution, including both software and hardware.

Scalability is very good. We have not faced any hiccups over the years with a 15 percent increase per year in the number of users. We currently have 3,000-plus users in our organization.  It is one of the main security controls we have and is used extensively. We don't have any plans at the moment to increase usage, but that might change.

We connect through a local/regional partner. Cisco is not good in dealing proactively or even reactively, so we end up relying on partners.

I cannot answer in detail about the initial setup because it was done before my tenure began. In general, it is a complex configuration.

Regarding an implementation strategy, it is best to define basic policies that deal with malware and spam-blocking which apply to the whole organization and then configure specific policies for individual and departmental needs.

Deployment shouldn't take more than a couple of hours for a team of two engineers.

We have seen ROI in the processing time. It processes efficiently and fast. It is almost transparent in its operation. We only need to worry about our email infrastructure. Security and performance-wise, it does not add any overhead or latency.

I am familiar with McAfee and Symantec to some extent. But we have not used those solutions in our production environment. I can't say much about specific differences between the solutions, but Cisco is more stable and we have not faced any issues with its detection capabilities that would make us look at other solutions.

My advice would be to have a very good partner because Cisco will not be proactive in helping and educating you. They will do proactively health check on their device but they don't offer education/training free to the customers like other vendors do. 

It has a complex UI and configuration menu but the product works well, both in terms of security and performance.

Our main deployment is for a shipping company. We're protecting their local Exchange Server and their online Exchange email.

It means less malicious email, fewer interruptions, and less risk. It actually circumvents malicious emails; rather than getting to the users, the users don't see them. End of story. There's a risk without it. The user might get the email and might click on the link. Once that happens, they are toast, as is the network.

The number of malicious emails it blocks differs from one company to another. It depends on the volume of email they get. I would say on average, depending on how many users there are, it could block 1,000 emails a day.

The most valuable features are protection against ransomware and spam. Those are the main two features. It also adds an additional layer to your networks. Cybersecurity isn't a comprehensive solution. You have to keep on adding layers without disrupting the flow of the business. The Cisco Secure Email Gateway does that, where it adds another layer without slowing down the business or the performance of the network.

The user interface needs some improvement to become more user-friendly. The graphics could be better. It's designed more for a technical user rather than a business user.

The solution has flexibility. I think they are working on improving it as we speak. They're responsive to the feedback we give.

One to three years.

It's very stable. We haven't had any issues or downtime.

It's very scalable, especially the cloud version. You can get up to about 100,000 users on the appliance but the cloud version is more flexible. When you do scale it up you don't see slower performance.

In the largest environment in which we've implemented it, there are 200-plus users. It's utilized by 100 percent of the users. It's not at 100 percent capacity.

Their technical support is very good. We haven't had any issues. Their response is very prompt and they are very knowledgeable.

The initial setup is straightforward. There are two flavors. There's the cloud-based and the appliance. With the cloud-based solution you just point your email server to the IP address in the cloud. With the appliance, you just install it into your rack and connect it to the Exchange Server. The cloud deployment takes about ten to 15 minutes, and the appliance, because you have to install it, takes about 60 minutes.

It requires just one person for deployment. It doesn't require anybody for maintenance. You just set it and go.

The return here is more security and fewer interruptions. It's more stability and productivity versus less productivity, although I'm not sure how you can quantify it.

It's a time-saver. If you get interrupted by ransomware or a hack, it could be costly. Every breach, just the cybersecurity breach, on average costs at least $65,000 to fix, let alone the interruption in work and retrieving data, according to industry sources. You could say that you're minimizing your costs by $65,000.

Licensing costs depend on how many users there are. It could range between $5 and $7 per month, per user. There are no costs other than the standard licensing fees.

There is no totally comprehensive solution in cybersecurity. I find Cisco Email Security to be comprehensive, but it's not 100 percent. There is no silver-bullet solution when it comes to cybersecurity. You better keep on adding protection layers to your network. Don't think you're not going to be a target. As a small or medium business, you will be targeted. It's so easy to get through a firewall nowadays. One layer of cybersecurity is not going to do it. You need to add two, three, four layers. 

It's just like going to the airport. The first thing you see is the check-in desk. They check who you are, that you have valid credentials, where you're going and why. Then you go through the scanners. Then you go through another layer of security. Once you get through, you're also being watched to make sure that you don't become "malicious." There are a lot of layers.

I would rate the solution at nine out of ten. What comes to mind when giving it that rating is ease of use. Just set it and go. A better UI would make it a ten.

i'm usining it as frontal gateway for controlling and securing the mails flows to my on-premises exchange servers

This product has made my messaging platform more secure. it contain and extended security feature ,policy rules for filtering , and multiple engine for scaning add to that encription , security is very important for critical business with data inhouse.

after doing a third party pentesting, they found the security at a high level regarding the messaging security part testing,and the only recommendation they gave and need improvement is adding the sendboxing, for those attack ranked at zero day attack, which can't be detected.

knowing i'm using premium licensing, i checked the Advanced Malware Protection (AMP), which is on-demand feature, i found that, this feature act like a sendboxing

With each product release since 2012, they have continuously fixed our issues or complaints. In the beginning, it needed a lot of work. Now, we are happy with it.

More than five years.

It is currently stable. I will upgrading next year, but the current version has been working great for six year.

We have two people (system administrators) performing maintenance for the system and security part for the company.

Everything is fine with the scalability.

We have 400 users on this product, with two site, 2 physical appliance in one site and one physical appliance in the second site the three working as a cluster, and next year, we plan to increase our usage and move to the newer physical appliance version. because those we're using , are arriving to them end of life soon.

The technical support is good.

Right now, I am paying for it, but I don't use it because the solution is stable.

I have previously used McAfee, Kaspersky, TrendMicro, barracuda, websense.

The initial setup was complex because I have two sites with physical clusters. and i made it alone during the working hour without interruption.

The length of deployment will depend on the complexity of your infrastructure and your knowledge.

This product is the complete solution and the real deal.

I am using the on-premise version.

We are an internet service provider with a few hundred customers. All our customers need a reliable solution for email security and this solution from Cisco helps us to implement the customers' needs and to offer the security the customers want.

We are using all the appliances on premises. They are virtual appliances only. We are not using the cloud because we own our data center.

With Talos threat intelligence we are protected. I cannot guarantee, 100 percent, that the protection will always be there because something new can appear on the market, something that Talos doesn't know, but we are confident that Talos assures us of all the security we need. We are happy to be using it.

We have customers who was looking at our product catalog, what we offer, and they said, "I don't need the email security appliance because at my company things are secure without that." The prices are quite expensive for the security appliance and the customer wanted to manage his business without it. After some weeks, we get a feedback from the same customer that the malware is already in his company and now all the data are compromised." After that, the customer chose to buy this email security appliance because his security was as important as anything else. We have more examples like that, that have happened in the last year. You are never secure without some solution from Cisco.

When it comes to preventing downtime, the Cisco Security Email appliance protects our customers so that they don't lose their information and can continue working. I am sure that many of our customers have been attacked with ransomware and with malware and this solution protects them.

• We are using Advanced Malware Protection since a few years and It works very well. 
• Our customers are safe now using the AMP sandboxing solution. 
• The appliance has more security such as SPF, DKIM, DMARC, and encryption. 

There are a lot of security features that we can implement.

All the appliances are connected with Cisco Talos and they check, in real time, with Cisco Talos. AMP is using Cisco Talos, and we have other products from Cisco, such as web security and AMP for Endpoints, that are using Cisco Talos too. Talos is a very important tool that speaks with all Cisco products.

We have been struggling in the last month with Cisco encryption and with the S/MIME encryption. I don't know if it is an issue on our side or if these features of the solution are not working very well. The documentation is good but I'm not sure if the functionality in these areas of the solution is implemented very well. We are evaluating the situation.

I've been using Cisco Secure Email for between eight and 10 years.

The stability of the solution has made a very good impression. In the last two or three versions, I haven't found bugs or anything that could affect the stability.

The scalability has been fine so far. We are very happy to use the cluster functionality in the ESA. 

The same type of clustering in the ESA has not been implemented for Cisco web security and we have been waiting for years for that functionality for the web security. But in the Secure Email it's working very well and we are happy with it.

Sometimes the customer support for Germany is good and sometimes it's very bad. We have over 200 technicians and we have been working with Cisco products for 15 to 20 years. We have a lot of knowledge. If someone in customer support knows less than us, it is difficult to get them to understand what we are looking for or what our needs are. Sometimes we need to escalate, to ask for another technician who can help us. There are times when it takes days or weeks until we receive good customer support from Cisco or from this company that supports Cisco. And when there is an issue for our customer, a few days or a few weeks could result in a disaster.

I have deployed some 100 email security appliances, so from my side the deployment is very intuitive and simple. We don't have difficulty deploying it in our data center.

We create our own template in our virtual environment, and from this template we are deploying further security measures. To deploy it virtually takes about 30 minutes and after that the customization for our customer could take from half an hour to a few hours, depending on how complex it is.

We have five to 10 people involved in deployment of the solution. The people who work with it are technicians, the system administrators, administrators, and people in IT SecOps.

We tested only two other solutions, the Trend Micro product and the Check Point product, so I can't compare Cisco with all the solutions out there, but it's all the solution we need. For phishing and malware it's doing a good job.

We didn't like the instability with Trend Micro. Check Point was complicated to use; it was a very complex system. The Cisco system is intuitive, simple to use and simple to understand. I am a technician in our company, so I don't know which solution is cheap or which is expensive. But for the functionality we stay with Cisco because Cisco is our partner and this email appliance can connect with other Cisco products. They work together and that gives us confidence in using Cisco Secure Email.

When it comes to preventing phishing and business-email compromise, in the last year the efficacy has been improved. For four or five years this solution didn't work as well, but last year and this year we have seen that with every new version, the efficacy is there, and the solution is working better and better. Our customers are happy to use it. It has made a great impression in this area.

Similarly, regarding spam, malware, and ransomware, in the last few years the solution was not so good but there was not so much malware. However, these days, the email solution from Cisco does a real good job of preventing malware.

About half of our customers use Office 365. A lot of customers, if they are migrating to Office 365 from an on-premises Exchange server, choose to increase their security with Cisco. The combination of Cisco Secure Email and Office 365 is working very well. Since this migration to Office 365 started, over the last two to three years, we have had no complaints from our customers.

We have trusted Cisco's email security for eight or nine years and we are going to use it in the future. We recommended it to our customers. We are happy with how it works, with the stability, features, and functions.

Cisco Secure Email is our primary gateway. We are a service provider in India. Cisco scans every email that gets into our system.

We faced a targeted attack. Most of our customers were targeted, but no one got the email. It was quarantined by Cisco. That is why we are still using Cisco.

The solution has no competition. ATP has been the most valuable in improving our email security posture. It has helped our customers too. The click-time URL protection is also valuable.

When we use multiple Cisco devices, we cannot manage the servers with a single UI. We must log in to each server for the management. We cannot manage multiple devices from a single UI. The solution has some inhibitions. They need to be finetuned.

I have been using the solution for 15 years. I am using the latest version.

I rate the tool’s stability an eight out of ten.

We are supporting around two million mailboxes. I rate the tool’s scalability a seven out of ten. It is a multi-server architecture, and I have to manage them separately.

We hardly get in touch with the support team. Whenever we got in touch with the team, the support was good.

Positive

We are using both cloud and on-prem versions. The deployment took less than two hours. We keep a backup of the configuration ready. Once we implement the server, we just put in the configuration and start.

We do the deployment ourselves. We also do maintenance and troubleshooting. We have around 20 L3 engineers on our technical team.

The pricing is good. We do not have any issues. I rate the pricing a five to six out of ten. There are no hidden costs. We know about the additional costs associated with the tool.

We do not integrate the product with other tools. I will recommend the product to others. Overall, I rate the solution an eight out of ten.

We have around 500 to 600 users and we use it for services like Anti-Spam, Advanced Malware Protection (AMP), and scanning. We are also using also multiple content filters, and it's working pretty well for us. In combination with Cisco Secure Email Gateway, we are using Trend Micro.

Before we had Cisco Secure Email Gateway, so we had more spam emails. In fact, we had some other solutions in place, but there was more spam going to the Exchange Server when we compare between we didn't have Cisco Secure Email Gateway deployed and when we deployed it. We cannot say it's 100 percent, but we're covered for 90 to 95 percent of spam. No spam is going to the user right now.

We are using almost all the features because they are necessary to protect emails. The most valuable feature is the different content filters we are using, such as DKIM. 

The Anti-Spam feature is also valuable for us because, most of the time, we notice that what is coming in is spam, and the Anti-Spam filter works very well. That's one of the features we like most.

We would like to see more options for the customization of content filters.

Three to five years.

The stability of the solution is very good. They always come out with very stable versions of firmware and it has never caused any issues.

Cisco Email Security is working well for us, but we currently have no plans to increase usage.

Technical support is very fast to respond. They are well-trained and experienced.

We were using Trend Micro and we are still using it now that we have Cisco Secure Email Gateway. Cisco's solution is more efficient and provides more options. For us, it also creates one more layer of security.

The initial setup was pretty straightforward. The basic mail policies were very easy to set up, but tuning the email flow and blocking certain things according to particular requirements takes time.

The initial deployment took about a week. Our implementation strategy was not to stop the mail flow while implementing adequate security features, including Anti-Spam, AMP, and AV.

Deployment and maintenance requires one engineer, maximum.

We used an integrator. I was not involved directly.

Licensing is done yearly, but I am not involved with purchasing side of things.

Cisco Secure Email Gateway was our first choice.

This is a great product with wonderful support. You won't have any issues.

The primary use case was for email security and load balancing between Exchange mail servers.

From a security standpoint, IronPort really helped with the mail filtering and load balancing between the Exchange servers they had. IronPort enabled us to blockade domains that send these emails. IronPort gave us fantastic service.

By the time I administered it, I was able to block some 25 or more domains.

The filtering is something I found very valuable. 

Also, the users were able to do a check by themselves on quarantined emails. They could check if a valid email had been stopped, if it matched up with the SPF certification. The kind of environment we ran was a kind of complex environment. For us to be in compliance with PCI DSS and ISO 27001, the users needed to implement this and we needed to know how often we got unsolicited emails and how to mitigate users being victims of spear-phishing or phishing attacks.

One of the things that Cisco could improve on with IronPort is the support. Cisco doesn't really have enough engineers who have full, hands-on knowledge of IronPort. Knowledge of it is not something you can find easily compared to other security appliances. They could also share more technical resources on how to do conversions.

I did a video tutorial while I was training on CISSP and on CCIE security. There was a series that had the Cisco Secure Email Gateway in it and also the WSA. I was able to follow most of the configuration and explanation from the instructor.

Also, if Cisco Secure Email Gateway and WSA could be brought together, it would make a better appliance, one wholesome appliance.

One to three years.

From my perspective, it's pretty stable. We didn't have any issues.

It's scalable. In the enterprise in which I had to deploy it, there were between 500 and 1,000 users, so the scalability is quite okay. We had two Cisco Secure Email Gateway boxes and there was load balancing using Cisco ACE. The scalability is okay.

There weren't any plans to increase usage, as far as I can remember. It was used very well and they're still using it. I do interact with the current engineer now, and I don't think there has been a serious issue of late. The only issue he told me about is some outside mail is being trapped by the current site.

I did contact support once or twice before I left and that was during the license regeneration. We had an issue which was more like a wrong configuration. There were some steps that needed to be taken to correct it. Support was awesome, although it took a while.

Because I had a video walkthrough that I made use of, I found the configuration pretty easy, not so difficult. Also, the prior knowledge of my then-line manager gave me an edge, helping me with using and administrating it.

The deployment I did last was done within five to ten days.

IronPort has been in production before I got the job. They had issues because the configuration was not suited to the business. What I had to do was a clean configuration, reload it, and start the configuration all over again.

I and my line-manager were the ones who were involved. I did a larger chunk of the job. I was the only one maintaining it until I handed it over to the network engineer who took over from me. Maintenance takes one person or two.

It reduced the costs resulting from phishing attacks on the organization. That was one of the major reasons for deploying Cisco IronPort.

There were no other costs in addition to the standard licensing fees.

So far, so good. IronPort was fantastic. It's an awesome solution, but I don't think it's something for a small-sized organization due to the licensing cost. I think it's a great solution for email security.

I would rate Cisco Secure Email Gateway at eight out of ten because of the awesome functionality and features. The only downside with it is the knowledge about it. When I was trying to enable cloud encryption services on it, allowing you to encrypt emails to send confidential emails to a third-party, the resources on that were not that grounded and the technology was somewhat difficult to configure. The way the technology works for email encryption services is not ideal because once you send an email to someone, he has to click on a link and be redirected to a web portal, rather than having everything done on his email platform.