Cisco Secure Email Threat Defense Reviews

The main use case for Cisco Secure Email Threat Defense is as a gateway for email traffic into and out of the organization. It serves as the primary conduit for emails, providing content filtering, compliance-based email filtering, and DLP features. Users can manage their own email, especially for interactions with clients and vendors, reducing reliance on help desk support.

Cisco Secure Email Threat Defense's best features include user management of graymail, enhancing security awareness by allowing users to manage cold calls, sales-based items, and ensuring email compliance. Additionally, the flexibility of the solution is apparent, even though some backend controls such as spoof, DMARC, or DKIM could be more user-friendly. Integration with threat intelligence feeds significantly enhances the ability to analyze and improve security measures beyond basic email protection.

The behavioral analysis capabilities help identify new or evolving threats, with offshoot analysis carried out by third-party vendors to ensure comprehensive security oversight.

Despite not using analytics and reporting features extensively, the ability to offload email analysis to a vendor-managed CES platform adds value to existing security frameworks.

Modernization is an area that could be improved for Cisco Secure Email Threat Defense, as some features have lagged behind newer competitors, potentially offering more advanced analysis capabilities. The initial setup is not straightforward and requires expertise and time to master configurations such as spoofing and DLP. More control over backend functionalities and simplifying rule management could enhance user experience.

The product's complexity at times results in redundant rule sets that are difficult to untangle, highlighting the need for streamlined management systems and a more user-centric approach to system configuration. Furthermore, the pricing might deter new users who could opt for alternative, more cost-effective solutions.

I have dealt with this product for four or five years.

The initial setup is not straightforward and requires some level of understanding. It takes time for someone to master the environment to configure items such as smart mail, spoofing, content filters, and DLP functionality. It is a powerful tool, but it requires some degree of engineering and understanding of how a mail system is supposed to work.

I would rate Cisco for their support on this product as an eight at the beginning, but over the years it has averaged around six or seven when we receive a good TAC response.

I am familiar with other email security solutions such as Proofpoint and other vendors. I have had considerable experience using those solutions.

The initial setup is not straightforward and requires significant understanding. It takes time to master the environment to configure features such as smart mail, spoofing, content filters, and DLP functionality. It is a powerful tool, but requires considerable engineering expertise and understanding of mail system operations.

The return on investment with this product is good, and we have had success with it over the years. The challenge lies in maintaining it and keeping it streamlined without accumulating too many rules that become difficult to clean up. It can be complex to untangle some of the rule sets.

The pricing for Cisco Secure Email Threat Defense is relatively high. For an organization that already has the legacy system, it makes sense to continue hosting it. However, new organizations might not choose Cisco and instead opt for Microsoft 365 with supplementary tools.

The main difference between Cisco Secure Email Threat Defense and Proofpoint is that Proofpoint is more of a turnkey solution where reliance on third parties to augment the environment isn't necessary. If Cisco had developed Cisco Secure Email Threat Defense now, it might have been different, but it appears to have security items grafted on top rather than being natively built with security and business email compromise in mind.

I have experience with vendors such as Cisco, and briefly with Fortinet from 15 years ago. I work in financial services, specifically in healthcare enterprise finance.

We currently use IronPort, which is a legacy device we monitor for email management, along with 4400 routers. We utilize the advanced malware protection, which is effective for attachments though we use additional tools to augment email analysis.

The integration with threat intelligence feeds has enhanced our organization's ability to analyze emails using additional security tools, adding value beyond standard Microsoft 365 email protection.

The flexibility of Cisco Secure Email Threat Defense is substantial, though we desire more control over backend elements such as spoof, DMARC, or DKIM. The solution has a level of complexity that requires daily interaction for full understanding and leverage.

On a scale of 1-10, this solution rates a 7.

We are working with Cloud Mail Gateway and on-premise mail gateways. We have worked with Cisco Secure Email Threat Defense.

The advanced threat analytics and URL filtering in threat detection are good features that are working well.

For email security, the centralized management console is mainly used for reporting, message tracking, and checking message tracking. They can view situations such as bulk mail or high mail rates and analyze the top sender and top destination. Most of the time, they check message tracking to understand what is happening in messages, especially in situations involving high mail queue rates and bulk mail situations.

For automated incident response, when there is a high mail queue rate or in situations where a ticket needs to be opened automatically, it is beneficial because it takes time to get notification when the mail queue is high. Without checking, we cannot determine this. The automation part is very important and effective.

I confirm that when there is a high mail queue rate or in other situations, the automated incident response will open a ticket automatically.

We have deployed Cisco Secure Email Threat Defense in two customer environments. It is still in development as a new product. Some customer requirements, such as sending logs to a Syslog server, are limited as ETD only supports sending audit logs. Customers have requirements for other system logs as well, which should be developed from their side.

Another customer request is to restrict the IPs that can log in, which cannot be done from Cisco Secure Email Threat Defense yet. Any user with login details can log in. We can restrict the IPs in Cloud Mail Gateways, but not from Cisco Secure Email Threat Defense. It would be beneficial to improve this feature.

Cisco Secure Email Threat Defense can take actions, such as requesting O365 to quarantine mail. In that case, the customer requires notification to the recipient from Cisco Secure Email Threat Defense. This option would be valuable if available.

The real-time threat intelligence of Cisco Secure Email Threat Defense is an AI-based classification. It took one to two months to optimize the classification, but we still experience some false positives. Reducing the learning period would be beneficial.

The learning curve shows that in the beginning, there are numerous false positives. For one month, we had to reclassify the false positives manually until the system learned. Reducing the learning time would be much better.

Additional features desired in the next release include IP restrictions and user logging IP restrictions, ensuring only the customer environment can log in to Cisco Secure Email Threat Defense. Logs forwarding needs improvement as currently it only has audit logs. In Cloud Mail Gateway, we can create an IPsec tunnel to forward logs. However, in Cisco Secure Email Threat Defense, there is no option, and we must do API integration to send logs. Only SIM can get logs; Syslog cannot retrieve them.

The implementation of Cisco Secure Email Threat Defense is confirmed to be easy to set up. To implement it in the customer's environment, it takes less than one hour after receiving the welcome mail. Initially, we implement it in read-only mode. After a few months, we enable read-write mode, which also takes about one hour. The implementation process did not require much time.

The technical support provided by Cisco is great. I would rate their technical support eight out of ten.

Positive

Comparatively with other products, the pricing of Cisco Secure Email Threat Defense is normal. As a technical guide, I am not very aware of the pricing details.

I do not know of any other competitors with these features of Cisco Secure Email Threat Defense.

I recommend Cisco Secure Email Threat Defense for both bigger and smaller companies, although I think it should develop more as it is still in development. Cisco Email Gateway is a very good product compared to others. The overall rating for this solution is 8 out of 10.

I use Cisco Secure Email Threat Defense as a customer. I can explain that I'm using Cisco Secure Email Threat Defense for advanced email threats, such as business email compromise and phishing attacks. The solution also handles clawback functionality.

The best features in Cisco Secure Email Threat Defense include the clawback feature, which works effectively, and it allows for an in-depth level of investigation on this product.

When utilizing the advanced malware protection feature, it is effective, though I cannot remember whether it's on the cloud email security or the Cisco Secure Email Threat Defense. It has capabilities of detecting malicious emails based on attachments, and it provides reports when it detects malicious email with malware.

The analytics and reporting capability of Cisco Secure Email Threat Defense is not particularly useful. In terms of analytics and reporting, it still needs to catch up with competitors as it's very basic and does not allow for granular reports.

From using Cisco Secure Email Threat Defense, I have seen benefits such as being able to inspect east-west emails within Exchange and identify spam emails and advanced phishing emails.

The integration capability with other threat intelligence platforms is not optimal, as I have experienced difficulty in sending logs to our SIEM.

Cisco Secure Email Threat Defense's flexibility could be enhanced while it mostly integrates with cloud solutions, but not on-premise.

The behavioral analysis capability of Cisco Secure Email Threat Defense is not particularly helpful for identifying new, evolving threats within my company, as it keeps flagging legitimate emails as malicious.

Regarding room for improvement, the significant number of false positives should be addressed. The solution does not adapt to behavioral analytics and does not make changes when it sees a pattern.

I have been working with Cisco Secure Email Threat Defense for about two years now.

Regarding stability, Cisco Secure Email Threat Defense is very stable.

In terms of scalability, Cisco Secure Email Threat Defense is scalable as it's a SaaS solution, and Cisco does a good job at the back end to scale it.

I am happy with the technical support for Cisco Secure Email Threat Defense, which I rate as a nine.

Positive

I have worked with some other email protection tools apart from Cisco, but we were just testing them.

The initial setup of Cisco Secure Email Threat Defense is very straightforward.

Cisco Secure Email Threat Defense is part of our package, so I'm not privy to that pricing information.

The solution does provide value for money and can save resources, with an ROI of about 65%.

For comparison, looking at Cisco Secure Email Threat Defense as an email security solution, the competitor would be something such as Darktrace, which has better reporting capabilities and behavioral analytics.

I do not work with Mimecast. I have not worked with Mimecast in the past and do not have any experience with it.

Currently, I work with Imperva and Cloudflare for WAF, and we use Imperva, but I mostly administer Imperva cloud WAF and on-premise. We also use Cisco for email security.

The solution is called Cisco Email Security Appliance, and we have their cloud ESA and the on-premise as. We also have Cisco Secure Email Threat Defense product.

On a scale of 1-10, I rate this solution a 7.

I use the email gateway as the core of the email exchange between the Internet and our domain. The email gateway serves as the email exchanger.

The product offers protection, email security, anti-spam, and antivirus. It includes threat intelligence with advanced malware protection and many features that rely on Cisco and Talos threat intelligence. Every email is analyzed, not only for content, however, also for context, including URLs, DMARC, and other security checks.

The physical appliance has been discontinued, although the platform still exists. Improvements here and there could be beneficial, however, there aren't too many needed. Some potential improvements could be customization and enhancements to cloud features. 

Other suggestions include a makeover of controls to make it more modern.

Threat has been mentioned as something to watch for, and the product is decades old.

The solution is highly scalable. It is secure and is based on the principle of SMTP. Even if you have multiple servers, the scalability is consistent since each entity is isolated.

I would rate their support around eight out of ten. I have never had issues with them and there is always space for improvement.

Positive

The initial setup fundamentally depends on the complexity of your deployment. If the person deploying understands both the target infrastructure and the domain role, it is pretty straightforward.

Cisco's closest competition is Proofpoint. Both are in the same range in terms of pricing. Pricing is on the higher side. That said, you get what you pay for.

Proofpoint is the closest and most serious competitor, along with others like Barracuda.

On a scale of one to ten, I would rate Cisco Secure Email with an eight. 

I highly recommend it as one of the best choices. There are emerging solutions, but for generic SMTP gateways for secure emailing, Cisco Secure Email, alongside Proofpoint, is the best.

We use the solution for email security.

It is a very robust and reliable product. Based on the capacity you choose, it can handle a tremendous volume from a security perspective. Additionally, it consistently provides high protection against malware, viruses, and other online threats.

We predominantly used the file analysis service in addition to the standard services. The standard service is common among all vendors or OEMs. However, we found that the file analysis services from Cisco were exceptionally excellent.

Cisco is a multi-product, diverse organization. Before it was acquired by Cisco, the company that developed Email Threat Defense focused on building purpose-built devices. After the acquisition, Cisco's multiple product lines and verticals made this just one of their many verticals, and we could see a shift in focus.

I have been using Cisco Secure Email Threat Defense since 2008.

The solution is stable.

It is scalable. 300 users are using this solution.

The pre-Cisco support response was much faster.

Neutral

My team deployed it during multiple tech refresher upgrades. Thanks to these devices, the migration was seamless. We could easily migrate from one version to another or from one hardware platform to another without external help.

The availability impacts the security of our Secure Email system. These systems are implemented to ensure uninterrupted security services for all email communications. If these features become unavailable, the customer or user is at risk. Also, Maintenance is easy.

The Cisco solution generally has the upper hand compared to Microsoft's solution, though Microsoft's solution is still evolving in terms of threat analytics or detection capabilities.

It is a crucial security product, given that emails are critical for any organization today. The sensitivity with which they handle tickets or issues related to these email security devices should be a top priority. They cannot consider it something basic that can managed or resolved at their own pace.

Overall, I rate the solution a seven out of ten.

We use the solution for email security. We used cloud ESA and Microsoft Office 365 for email filtering, especially for spam.

One good thing is that you don't have to train people because people are already aware of Cisco, unlike the other new vendors. So it's very easy for them to work with Cisco in terms of administration. Cisco has been very much into security for a long time, and its Talos platform is pretty strong.

Cisco has a threat mechanism called cloud-based Talos, where all the threats are inbuilt. Cisco has a very powerful engine, and that's the most valuable thing you can have from Cisco in terms of security.

From a technical point of view, Cisco is far behind in terms of cybersecurity, and it has to improve very much.

We have been a gold partner with Cisco for a very long time, and I have used the solution within the last twelve months.

I haven't received any complaints yet after installing the solution. It depends on the use cases, how customers' requirements keep changing, and how the product meets the requirement.

The solution’s customer support has always been good.

The solution's initial setup is not complex. Since most engineers in the earlier days were trained on Cisco, it's pretty much manageable.

The deployment differs from client to client as the deployment architecture is either on-premises, on-cloud, or a hybrid concept. If you push it on the cloud, you'll have it on AWS. You map the whole connection to your on-premises point DPTR to the Cisco ESA, then it is mapped to your Office 365. It depends on the requirement.

Any cloud deployment will take three working days if you have the exact information. Then you can test it and fine-tune it.

Cisco has the best technical university online.

The solution’s pricing is manageable.

Unlike other email security solutions like Mimecast, Forcepoint, or Trend Micro, Cisco will only scan for email security, whether on-premise or Office 365. Cisco does not scan all the Office 365 suites, including OneDrive, email, and Microsoft Teams, while other vendors like Trend Micro offer an all-in-one solution.

Gartner doesn't bring Cisco into the category of Forcepoint and Mimecast. Mimecast and Forcepoint are better products than Cisco Secure Email Threat Defense. I push Cisco email security because we are Cisco partners, but we will oblige if a client prefers something else.

Overall, I rate the solution a four or five out of ten.

We are using the solution as a secure mailbox. We do provide this solution to customers. The main use case is for email protection.

The product offers very good documentation and guides.

It's very easy to deploy and configure.

Their intelligence is pretty competitive when compared to other email security vendors. Cisco has a strong reputation.

The solution has been stable. 

We find the product to be scalable. 

The solution is a bit expensive. It could be cheaper. 

I've used the solution for about five years.

The stability is very good. It's reliable and offers nice performance. It does not crash or freeze. There are no bugs or glitches. 

It scales quite well.

We have more than 100 people on the solution right now.

Technical support is helpful and responsive. We have no complaints about their level of service.

Positive

The solution deploys very easily. It's also simple to configure. The process is not overly complex or difficult. The deployment itself takes, at a maximum, half an hour. It's quite fast. You just have to point it toward your email office. 

The license is pretty clear and understandable. It's based on the user base and the subscription base. It could be a bit cheaper. 

Currently, the ease of deployment is the low-hanging fruit for Cisco email security. It's good to deploy and then easy to use, and the GUI is understandable. Simply having email knowledge is more than enough to plug and play into this particular product.

I'd rate it ten out of ten.

You need to have email security on your entry point. It helps us to avoid all the spam mails and getting your domain blacklisted, et cetera. In the initial stages, the security solution provided by Microsoft was not strong enough or not mature enough. So we had this in place and were able to see if mail received on the domain is spam mail or not. If there is malware within an attachment, it goes for analysis and is sandboxed, and sends back the attachment once it is cleared.

The features and functionalities are much better than Microsoft's in-built Defender plan.

The sandboxing and file analysis as well as the malware protection are great. People send either through attachments or Excel or PDF or a Java script embedded in something. This product has helped us to protect our organization from any malware attack in the past.

It is a mature solution that provides good security.

The solution is simple to set up.

I haven't found any weak points just yet.

The pricing could always be better.

We started using the solution for the past year.

The solution is stable and reliable. There are no bugs or glitches. 

It's scalable. It's all on cloud, and therefore, you have the potential to scale up.

We have about 3% of the company on the solution.

We only dealt with support one or two times during implementation. We didn't have to contact them after it was set up. 

Positive

Prior to Cisco, we used Ironport.

The setup was very simple and straightforward.

It is not difficult to maintain.

We engaged with a system integrator for the initial setup.

We'd like the pricing to be lowered. However, I can't speak to the exact cost of the license. 

I haven't evaluated any other tools. It's my understanding that Symantec also had a product for email security and now Microsoft has its own email security built in for 365. I haven't evaluated their products. Compared to Microsoft's current status or stage of evolution in the email security space, Cisco is much advanced in building in the industry for quite a long time. 

Maybe when my Cisco is due for renewal, after two years, I may compare at that time what the maturity level is of both products. For example, if Microsoft is mature enough to handle the current risks that are in place, then we may think of leaving Cisco and taking everything on the Microsoft system.

We have done the configuration and our configuration and policy setting and everything. At the time of our implementation, there was work to do. However, once you implement there is not much to do apart from some whitelisting or blacklisting which you need to do on case to case basis. That's all.

Once people started working more from home, we had to consider that and started moving to the cloud. 

Earlier I used to take the mail to my premises, process it, and send it back to the O365 cloud. That was actually an app loop and that just took up some of my bandwidth. However, when the time came for the renewal, I moved it to the cloud so that the entire traffic could flow outside my network to the O365 for instance.

We are on the latest version of the solution. 

I'd rate the solution eight out of ten.

I'd recommend the solution to those who are looking for separate or dedicated email security. If they're non-Office or Office 365 users, I'd recommend it for sure. And if they are Office 365 users, they should compare both Cisco and Microsoft email security to see which would be best.

Cisco Secure Email Cloud Mailbox can handle a complete portfolio, which is required to protect any kind of attack coming from emails. However, it does not have advanced phishing, but it is available through Cisco. If you compare Cisco Secure Email Cloud Mailbox with the competition, in the competition you have to have one or two solutions together to address the customer's requirement, whereas Cisco Secure Email Cloud Mailbox is addressing everything, such as web domain and email protection. If there is any kind of challenge it will come across through email.

Cisco Secure Email Cloud Mailbox can improve by adding advanced phishing, then the solution would become the best in the market. However, this could increase the price even more. Additionally, if CES with domain protection could be added it would be an even better solution.

I have used Cisco Secure Email Cloud Mailbox for two years.

I have Cisco Secure Email Cloud Mailbox to be stable.

The scalability of the Cisco Secure Email Cloud Mailbox is good.

The support from Cisco Secure Email Cloud Mailbox is excellent. Regardless of the solution that Cisco carries, the advanced sales and support they provide their partners are beneficial. All mechanisms are put together, they have excellent support and infrastructure.

I have used other solutions, such as Trend Micro.

For the initial setup, it's a matter of adaptability. If the adoption is taken at the early stage, then the implementation becomes smoother. The more the setup is larger and when introducing any new team, you will have challenges.

Cisco Secure Email Cloud Mailbox does not have any competition with Sophos, Trend Micro, or other vendors of the world. However, there is a pricing premium for the solution. One has to look at it from that angle that while they are buying Cisco, there will be a premium, and Cisco justifies that premium value. That's why they're charging a high price. 

The cost comes from their support and the feature set of the complete portfolio. If somebody is only buying Cloud Email Security from Cisco, and they have many other solutions, which are non-Cisco, he may not see the value, but fully Cisco-based customers, are more than willing to have more solutions from Cisco.

When comparing Cisco Secure Email Cloud Mailbox to other solutions they are the leading in the market for a particular point. When it comes to an enterprise-level solution, CES with APP and domain protection becomes a very strong proposition.

The market is going towards clientless and agentless requirements. 

Microsoft has its own email security solutions, but there are a lot of reasons for customers to look at cloud email security vendors. However, most people, don't even explore other options. They have their own perception that one must be a costlier solution than the other. They're giving three or four additional features, which they might think are not required, but when it comes to a discussion, then one would realize that all these are required over a period of time. With the kind of variety of attacks that happen these days, your solution has to have a wider range of features for protection.

I rate Cisco Secure Email Cloud Mailbox a nine out of ten.

I am a solution provider. When it comes to email security, the main threat factor today is email. So we follow the rule of thumb that any and all customer emails must be malware-free. That is how we intend to approach it.

I would say it's very comprehensive, with multiple antivirus OEMs, virus encrypt features, encryption, and more.

In terms of email security, I believe Trend Micro is similar to this solution to some extent it is closest, otherwise, it has no competition.

The distributors provide an annual billing option, but we do not have a monthly billing option. Customers will benefit greatly from monthly billing because the majority of customers today use the cloud, be it Office 365, or Google Cloud. Monthly billing will be extremely beneficial.

Maybe the end DLP can be a bit more granular in email security. DLP is already present, but it could be more in-depth.

I have been selling Cisco Secure Email Cloud Mailbox for the last eight years.

It's a hybrid solution, but most are moving toward on-premises or the cloud.

We have not had any issue with the stability of the Cisco Secure Email Cloud Mailbox.

It is a scalable solution. It is easy to scale. 

They increase the number of users we can use by 20% for the duration of the year. And the coming year they will bill for the 20 percent, and you can increase the number of users.

We don't find any issues that need security technical support. Once you implement, we are well versed in implementation and have the technical results. There is no further support required once it is implemented and the pointer is pointed towards the mailboxes. With so many data centers in India and Singapore, support is never an issue.

We sell Fortinet as well as Cisco.

We haven't sold a lot of FortiMail. We've sold a lot of Fortinet firewalls, but not a lot of FortiMail. We have also sold a few FortiWeb web application firewalls.

It is dependent on a specific customer segment and a specific vendor. Fortinet, we take it to a lot of small and medium-sized customers.

The initial setup is easy, it is not at all complex.

The feedback from vendors and customer is that it is expensive. 

It's expensive, but if customers want the best product they will have to pay for the best product.

I would rate Cisco Secure Email Cloud Mailbox an eight out of ten.