Cisco Secure Email Reviews

We use Cisco Secure Email for email security.

The product stands out compared to other vendors in simplicity and ease of use. It is competitive and should be considered a user-friendly option. Its integration capability is good as well.

It would be beneficial to have additional DLP functionality, particularly in the email DLP aspect. It could be included in the next release of the product.

I've been using Cisco Secure Email for ten years. Currently, I'm using the latest version.

The stability of the product is a ten on ten.

Scalability-wise, I rate the product a nine out of ten.

I've had a good experience with Cisco's customer service and support team. They respond immediately.

We have worked with Barracuda Email Security and Trend Micro Email Security.

We have deployed Cisco Secure Email both on-premises and in the cloud. One can use it as a private cloud solution or a virtual appliance in a cloud environment. The implementation and configuration process, including the dashboard, was user-friendly and straightforward. Along with it, the on-premises deployment was easy. It took less than an hour to complete.

It is a reasonably priced solution. I rate its pricing as a seven out of ten.

Cisco Secure Email is easy-to-use. I highly recommend it and rate it an eight out of ten.

The product is used for email security. We have around forty boxes of Cisco and cater to around four million users.

The strong point of the solution is that we hardly get any spam emails because of Cisco Secure Email. It has been a long time since I saw a spam email in my inbox.

Scalability has certain shortcomings and needs to be improved because there are service providers who provide better scalability.

Our company constantly checks out what the solution needs to improve. We need to be updated with what is available in the market and which application performs better.

The solution's UI needs little tweaking because most customers find it to be a very detailed and technically designed UI. If a person does not know email security or how Cisco devices work, he cannot manage it.

Other solutions are user-friendly. Even if the admin has a basic knowledge of managing the services, he can use them.

Cisco Secure Email needs to work on the security part, but it also needs to work on UI since it makes part of the entire solution.

I have been using Cisco Secure Email since 2010. My company is an email security service provider. I am using the solution's latest version.

The product is stable.

I rate the solution's stability an eight out of ten.

We have four million users using the solution. In India, we are a premium service provider of Cisco Secure Email catering to many institutions.

I rate the solution's scalability a six out of ten.

Cisco's technical support is good. I rate the technical support an eight and a half out of ten.

Positive

We have used Sophos and Mimecast before in our company.

The initial setup is very straightforward, but a new person needs to be trained to use this solution.

The solution has very good pricing.

I rate the pricing a ten out of ten on a scale where one means it is less cost-effective, and ten means it is the most cost-effective solution.

I recommend Cisco Secure Email to those planning to use it.

Around 40 administrators are required for maintenance.

Overall, I rate the solution a seven out of ten.

I work at S21sec, which is a partner of Cisco in Portugal. We do integration of different Cisco solutions for our customers. Nowadays, we mostly do integration of Cisco cloud solutions for customers.

Cisco Secure Email is the solution that we deploy for customers in Portugal mostly as a backup of an existing solution such as Office 365 because it guarantees that the customer never falls out of options if the main product has some problem. If they rely on having an email solution that cannot fail, that's an excellent option for them to have in place. It's the oldest solution that we deploy for customers in Portugal. It has a very nice history and very good quality. It's perceived by our customers as an email solution that functions all the time.

One benefit is the resilience of the solution when implemented in conjunction with other solutions, and the other one is the new features that Cisco is adding to the solution itself, such as awareness of advanced phishing threats. The environment that Cisco is building around this primary product in its catalog is helpful.

We offer almost all of the Cisco Security solutions, but recently, we've been working more with cloud solutions. It's easier for customers to adopt them. We also continue to deploy some of the firewall solutions with the physical devices and also email protection solutions either with the VM solutions or with the physical appliances. We've been seeing evermore integration of the products based on the browsing console, which is very nice for customers because they only need to have a browser to access all the different consoles of different products. They can be consolidated with SecureX. It's an advantage for the customer to be able to handle all the different consoles for different integrations that the customer has in one place.

Cisco Talos is a very nice complementary solution to the email protection suite. It gives you the threat intel regarding the latest news and infections that can be problematic for the customers. They become aware of what's happening and any latest vulnerabilities they may have on-prem.

The advanced phishing protection and the integration with the awareness tool that Cisco has embedded into the solution to bring awareness to the customers about the dangers of phishing attacks and other things that come from email are the most valuable features.

Cisco has already improved this solution with some add-ons to the basic product. Cisco is already providing a very good environment with the IronPort solution, but there could be some more integration with other products. For instance, an integration with the EDR solution could be there to raise an alert.

We've been a partner of Cisco for more than 10 years, and we've mostly done integration of solutions. 

We usually give the first line of support to the customer, and then only, we go to the Cisco support. We have a very strong Cisco security team in Portugal, so whenever we need any support, we use those resources. I don't remember a time when I had to open a ticket because the local team has been very good.

Positive

Cisco Secure Email hasn't helped clients consolidate any applications. In Portugal, there's no business for that because what you usually do is implement several solutions that are regarded as the better solutions in terms of the market. In some cases, it could be Cisco, and in other cases, it could be another player. At S21sec, we try to give a better solution to customers and adapt and customize it to the specific needs of our customers.

The main difference between Cisco Secure Email and other solutions is the reliability and the capability to offline the email if there are some problems on the customer side. We can also overcome problems that may arise in terms of the local telecommunication operators that handle the communication. If there's a failure there, we can overcome those problems with the relays from the Cisco solution.

The deployment model varies a little bit. In Portugal, some sectors still rely on on-prem solutions, but we are trying to build awareness that the new solutions relying on the cloud are better for the customers because they don't have to worry about getting new patches and new security updates and patching the infrastructure. They only need to rely on having a service that is provided by Cisco for having the best security. They don't have to worry about the maintenance of the platform itself. The cloud provider that our clients use varies. We work a lot with the banks and financial organizations in Portugal. They are historical customers that don't want to go for public cloud solutions. They still rely on on-prem solutions. They have evolved to having virtualized solutions instead of appliance solutions, but they still rely on having mostly private cloud solutions. They use local providers. We are seeing a shift to global providers but not with all of them.

It's a very modular solution. We have some customers who have deployments all over the world. We clusterize the solutions in each of those locations, and then they connect them with the global management solution. We can manage all the operations of the different clusters spread around the world from one site. It's a very good solution in terms of redundancy even in different geographies.

It's a very easy solution. You can go for a very customizable environment, but usually, for the day-to-day needs of most customers, it's very easy to deploy. You can just customize the options to make it more secure for a customer's environment.

It's adapted to the market. It's similar to other vendors. We at least don't have many problems regarding that because Cisco is adaptable on that side. When we present the solutions to the customers, we tend to achieve the goals that the customer has in terms of the budget for such implementations.

We offer the best solution for what customers intend to do and the type of problems that their business may have. When a solution is adaptable and customizable to the customer environment, customers tend to go ahead with it. Even if it requires more investment, we find a way of getting it to the budget and getting a good return on investment.

To those evaluating this solution, I'd recommend trying the product. Cloud solutions are very easy to use, and you can do a PoC. In a matter of hours or a day, you can deploy the solution and use it fully.

We are Cisco partners. Cisco has a very nice solution and a very good security team in Portugal, but obviously, they can't cater to all the customers. An integrator does that part. With the relationship that we have with the customers, we can apply and customize the solutions that Cisco has in its portfolio according to the environment and specific needs of each customer.

Our partnership with Cisco is pretty close to a 10 out of 10 because we are getting different kinds of solutions. We at S21sec handle just security. We don't do storage, and we don't do servers. We are very focused on security, and the partnership that we have with Cisco is ever-growing because nowadays, for instance, OT solutions are also a very huge concern for us, and what we have seen with Cisco solutions that are being brought to the market is that they also started to handle the new security issues that we find in other sectors. They are not only into IT. They are also going into the OT and the IoT world. They are able to customize and bring new solutions, even some developed insights, by buying other companies and adapting them to the Cisco reality. They are able to devise a product that handles the needs of different kinds of customers in different areas of the business, not just the IT world but also the industrial world.

I would rate Cisco Secure Email a nine out of ten. It's growing up to be much more than just an email protection tool. It's going for the awareness of the customers, and that's a good complementary solution that addresses other problems that come from using email nowadays.

It is like a gateway for email. They receive all your email traffic. They send over your email traffic, and it is the first incoming point and the last outgoing point. They deliver the traffic to the destination. Whatever it is, you want to be informed of what is happening. Depending on the site's deployment, if you have a single device, then you have all the information on the device. And if you have several devices, you have all the information on every single device for each device. However, for consolidation, you need another device called Security Management Appliance (SMA).

It has no real interaction with other stuff. It does not interact with a gateway beyond the networking level. You have a router and that router provides IP addresses for a switch, etc. You don't have to integrate Cisco Secure Email with something specific since it is standalone and only requires basic essential networking. You can integrate it with a firewall, like ASA, but that firewall has to allow traffic. To do that, you would open port 25.

It is available to be deployed as on-premises, on the cloud, and hybrid cloud.

The solution is valuable if you are looking for a security email gateway that provides you with the most services possible. It has anything that you may be looking for in an email deployment, except for the endpoint which should be supported by something else, like Exchange. It doesn't have mailboxes because it is a gateway.

There are some methods to authenticate email, i.e., putting a stamp or seal of trust on an email, where one method is DKIM and another is SPF.

• For SPF in the DNS, where you have records that list the different devices or IP addresses that can send email from a specific domain, a security device can consult that DNS and check if the mail coming from that domain is coming from an authorized source.
• DKIM is a cryptographic signature of an email. It is usually what you announce is the public key of that system's PKI and verify the signature in the headers. You have a checksum of all the contents so it is possible to define or identify whether the message has been tampered with in route.

They are mutually exclusive in a way, so DMARC consolidates both. It provides alignment with the IP address, domain name, etc., and has to match at least one, being properly aligned. It has become something very important for compliance.

When you are receiving, you use all this information to decide whether an email is legitimate. Or, if you also need to deploy your DKIM, DMARC, and SPF infrastructure, that lets the rest of the world know where you are sending email from and how you are authenticating your email.

It can honor all SPF, DKIM, and DMARC rule sets and apply rules based on the results of these tests as well as sign the DKIM. Therefore, your email can comply with whatever you are announcing on your DNS for the rest of the world to know that you know about the signed domains. It has perfect, robust integration on that. 

The most valuable feature is reputation filtering. In the beginning, it was based on just the IP source. but it has now evolved to domain reputation. It allows you to classify different IP sources and different sender groups, where you can reject to throttle to whitelist from any IP sources, domains, etc. Based on the reputation gathering, the reputation is powered by Talos security. It is a super powerful feature. That alone gets rid of more than 50% of the crap from the traffic flow, before even hitting the anti-spam or antivirus.

If you have some knowledge about email, it is a pretty simple solution that has many controls on different levels, from the gateway part to accepting messages from certain sources to stringent filtering. It is state of the art with anti-spam, antivirus, and different threat prevention features. 

SecureX is powered by Talos, Sourcefire, etc. Today, it is the largest, richest threat intelligence on the market. SecureX is quite standalone in regards to integration since you put it into the network, whether it is on your own cloud or a third-party cloud.

If you go to the filtering level, you can have very accurate features or filters since it is programmatic. At a certain point, you can define sets of rules, such as where the email is coming from, whether it has this content, or to apply this policy. For example, if it has the same considerations, but the content is different, apply this another policy. It is super flexible and very customizable to your needs. It is not difficult to use.

It provides information, reporting, logging, and tracking. It has powerful tracking, so you can know exactly and accurately where an email came from, for which specific device, etc. It shows the emails which were:

• Dropped
• Rejected
• Quarantined
• Accepted by which policies.

It also shows the rule sets applied for that email and considers

• The source
• The Offender
• Anything else that you may consider in an email.

It has an intuitive, clear graphical interface where you can deploy your policies and understand the overall flow. There are a lot of things that you cannot handle on the graphic interface, like message filters. For this, you need to go to a lower level where you have more power, like command line interface. So, this solution has the best of both worlds. There are not a lot of bells and whistles. It is more practical with access to most features that you can configure. 

You can consolidate on SMA if you want to spam or threats quarantined for multiple devices. It is not advisable for a single device, because if it fails, you are left without any email.

I would like to see a few changes to the UX. 

There is space for improvement with data loss prevention, particularly with third-parties integration. Data loss prevention is quite important, though most customers have some third-party or other elements in their network doing data loss prevention, specifically for email. However, if it could be possible to integrate with other solutions, not only on the email flow, but on analysis for a connector or something like that, then that would be ideal.

The Forged Email Detection feature needs improvement, particularly with domain. The sensors are not that good and the rules sets are unclear.

I have been using it since 2004.

It does not add anything to the potential downtime for a corporation, unless everything fails. If all your email exchanges fail, then you don't have email, but this solution does not affect the performance of your whole network. 

At the minimum, you need two devices. If you have two devices and one fails, then the other one can handle the work, though you might have some email delays.

You should keep track of what is going on. It does need some daily administration, fixes, and policy changes.

In general, their technical support is really good. There are a few who are still learning, e.g., not providing enough help, but there is always the option to escalate.

It was the IronPort before Cisco acquired it in 2007. It is the same appliance and software. This solution has been upgraded by several versions, but it is basically the same, they just changed the name. 

I have done the architecture for a company in China.

It is a super big router that costs a few hundred thousand dollars.

These days, the first tiers of this market have good enough anti-spam, antivirus, etc. These have become routine. There are some other not-so-good solutions, like Barracuda and Fortinet, but it depends on how much you are willing to pay as this solution is not cheap.

The best other solution is Proofpoint. They have been long-time competitors who have also been evolving. The big difference is it is more fancy because it has more bells and whistles. The solution is good as well. However, they are super expensive, not cheap.

If you want a multi-tiered deployment, you could perhaps have Secure Email on the cloud and Proofpoint on-premises. Then, you have the two best solutions in the market working together. I have customers who have done this and are satisfied. Very few solutions can compete with Secure Email and Proofpoint outside of the price. If your budget is a problem, then you have a problem.

Along with Proofpoint, this is the best solution in terms of preventing spam, malware, and ransomware.

Check Point has fancy graphics and an interface where you can do a lot. The Cisco Secure gateway has both, though not as fancy as Check Point, but a big majority of the tasks can be done on the graphical interface level.

It is not so difficult to us, but neither is it easy, particularly if you don't have some knowledge about email.

Whatever you are looking for with an email security appliance or device, you mostly have it, though nobody is perfect.

The solution’s ability to prevent phishing and business-email compromise is fairly good. DKIM, DMARC, and SPF integration are the best way to prevent phishing, spoofing, etc. However, they still have room to work in this area.

It is our email gateway. We have the Exchange Servers, but the Exchange Servers don't relay directly with the internet. We have ESA in-between, and every incoming and outgoing email must pass through ESA before it gets to the internet.

We are using Email Security Appliance C690, and we have three of them in a cluster. They are on-premise. We have decided not to go to the cloud. It is primarily because most of our clients are government agencies and the government, and they have this suspicion about the cloud. So, right now, we are still on-premise. 

Currently, we are on version 13.8. There is a newer version, but we are yet to migrate to that version.

We use ESA with Security Management Appliance (SMA). We have SMA M690. The integration of ESA and SMA makes the whole work easier. SMA is the central content appliance, and we have three ESAs. The SMA is able to collaborate with the clustered ESAs for log management and other things. It gives some stability in terms of what is happening. ESA keeps a lot of logs, so SMA is able to move through ESA and get those logs out. This integration has really helped us to drive our operation in the email platform.

It does a lot in terms of preventing phishing and business email compromise with DP and Advanced Phishing Protection. DMARC gives visibility for preventing spoofing and social engineering attacks. ESA has been able to help and protect us from those attacks. It is doing a lot of work. Gartner has always rated Cisco's ESA appliance as one of the major players.

It is doing a lot to prevent spam, malware, and ransomware. Everything is also tied to how you have configured it. Some of the spam emails don't get to the customers. We can quarantine a spam email, which gives us the visibility to look at it and see if it is actually spam or not. It is doing its work. It is. There are no false positives. It is working perfectly.

Email service is one of the services that we offer at Galaxy. ESA has improved our business. Our customers want to maintain their business with us for email security. We have over 500 domains on our email platform. It has improved our profitability in everything.

They have a lot of features such as Advanced Malware Protection, Email Protection, Advanced Phishing Protection, Antispam, Antivirus, and Outbreak Filters. They are very important.

It is doing its work. It is doing what it was actually designed to do. It has ensured we don't have business email compromises, and it has also ensured that our brand Galaxy is unique all year round. 

The area of license renewal should be improved. We normally renew our license every year. There is a feature called smart licensing, and I switched from the legacy mode to the smart licensing mode because of what I thought smart licensing does. I thought it would make licensing renewal seamless and very swift, but ever since I've switched to smart licensing, each time I want to renew my license, it is a whole lot of headache. The process is not smooth, and I had to keep calling Cisco TAC to see how the issue can be resolved. At one point, I wanted to revert back to the legacy mode, but I can't revert. Once you switch from the legacy mode to the smart licensing mode, you can't revert. They should improve on the visibility of the smart licensing mode so that it can indeed be smart and easier to use for the license renewal every year. That is one challenge.

Another challenge is that there is no way for me to know my level of utilization. For example, if I have a subscription of 2,000, there should be a way for me to know my level of utilization. Currently, I don't know my level of utilization. So, if my license is renewed on 20,000 subscribers and I'm using less than 20,000, I wouldn't know. It doesn't improve my ROI. If I'm using less than the subscription I've applied for, there should be a way the system should tell me, rather than me going to find out manually. When I go to the smart licensing profile, I should be able to see my utilization. I should be able to see that I've subscribed for 20,000 but I'm only using 12,000. This means that if I'm going to renew, I should reduce my licensing mode from 20,000 to maybe 15,000. This kind of information should be given to the customers, but right now, we don't have that.

I've been using this solution since 2017. My organization has been using it before that. It has always been in use as our email security gateway.

It is very stable. They have AsyncOS, which is the OS that runs on the appliance. They've released different versions. There is a general version, a limited version, etc. They keep coming with more services just to improve the platform. 

We never experienced downtime. We have ESAs, and they are in a cluster. If one ESA fails, there is no downtime. The remaining two can handles email communication and relay. We have high availability and redundancy. So, we don't experience any downtime.

We do ESA health checks with OEM during which they connect with us virtually. They connect to the device and then check if all security features are still well configured and if there is any other way to improve. Doing this quarterly has really helped to make sure that the appliances are up to date.

It is scalable.

They are very good. I would rate them a nine out of 10. If possible, I would rate them a 10, but I just want to be a little bit reserved. 

They've really been very knowledgeable and very patient, and they've always ensured that for any issue, any ticket, or any case that is opened with them, they are prompt. They are quick to ensure that they resolve an issue as soon as possible.

It has always been ESA from the onset.

I wasn't part of the team from the beginning to the end. I came when they were almost done. It was complex but also very interesting. It took two weeks or so if I'm not mistaken.

For the setup, you need to look at the low-level design and the architecture, and then you look at the network interfaces, listeners, routes, default routes, etc. If there is a way they can come up with step-by-step information about configuring it, that would really be nice. The guide right now is too cumbersome and bulky. If there is more straight-to-the-point and procedural information, it would be better. 

Cisco service engineers were the ones in charge. 

We have seen an ROI.

At times, we feel the pricing is a bit too high, but then, there is also room for discounts. We enjoy a lot of discounts, and that is why we are still with them. There are no costs in addition to the standard licensing fees.

We have evaluated other solutions, such as FortiMail from Fortinet, but we stuck with Cisco ESA. ESA's pricing and licensing were what led to us trying to see how we can bring it all together.

It is stable and credible. I would always tell someone else to try it out. Of course, before you try it out, you can look at what Gartner is saying. Gartner has always placed the Cisco Email Security Appliance up there along with Mimecast and other top players. 

It is well-secured. Security is everyone's concern, so I will always tell people to go for it. It is very secure. Its pricing has been a little bit high, but you can always ask for a discount from your account managers, country manager, or whoever is in charge in your region.

I would rate this solution an eight out of 10.

Cisco Secure Email is a budget-friendly solution.

I am not satisfied with the solution's reporting and logging.

I have been using Cisco Secure Email for the last five years.

I like Proofpoint's reporting, management, and interface. It has a single dashboard, very simple configuration and integration, and a very user-friendly GUI.

The solution's initial setup is not difficult. However, it has the management's separate interface and email security's separate interface, which we need to manage.

It was not difficult to integrate Cisco Secure Email with other products in our infrastructure, but it has many complicated options. Sometimes, we need to go to the command line to check the debugging. The solution's DLP (data loss prevention) feature is partially for compliance. DLP needs a full-fledged solution with the agent implementation. Until the agent is not there, you cannot implement DLP.

The solution's email encryption feature works fine. Cisco Secure Email is not a single platform. The engineer has to be a little technical to understand the command line, which is different from the firewall. There are different types of command lines. You have to check the mail log using different command lines.

Overall, I rate the solution eight and a half out of ten.

We use the solution for endpoint protection, including email protection, such as antivirus, anti-phishing, content filtering, outbreak filtering, and greymail protection.

An important feature is retrospective analysis, which allows the solution to retrieve emails sent even a week ago, even if they have already been delivered. This is done by analyzing emails for malicious content after they have been sent.

Cisco Secure Email focuses on cloud-based threat intelligence and endpoint security. The current version improves on the on-premises version by integrating Threat Grid and Advanced Malware Protection, which helps users quickly identify malicious emails.

The product is stable. We never had issues. If everything is configured right, it's something you can easily forget about.

The solution is scalable.

1300 users are using this solution.

We used it once when the appliance was acting up and then realized that an upgrade was needed. We follow up on the requirements upgrades and patching. It doesn't require much patching.

The initial setup is straightforward.

Cisco Secure Email can be integrated in-house, but we are too busy. Therefore, we have decided to use an integrator.

Even though Cisco Secure Email is not cheap, it offers a good return on investment. Cisco needs to ensure that its products are functional and have a long support timeline.

The solution is not cheap.

Cisco Secure Email is a fast data service. Because of this, most of its features are already pre-configured. All clients need to do is customize and tailor the service to their specific use cases.

I would recommend anyone using the on-premise ports move to the cloud.

Overall, I rate the solution a ten out of ten.

I use the solution for spam filtering.

The solution works well. Cisco claims to have the biggest threat intelligence database in the world. We trust them because they are enterprise-level products. If we are protected, then it is working well. I am satisfied with the overall performance of the solution.

The management features of the product are not up to date. It does not match the features provided by the new vendors in the market. The solution does not offer features to protect workloads on the cloud.

My organization has been using the solution for the last 20 years.

Support is not good. The support team provides a slow response. I rate the support team a six or seven out of ten.

Neutral

We pay at least 25% more for Cisco Secure Email than Trend Micro. Cisco’s support is better than that of Trend Micro.

The solution is expensive. Every additional workload or feature has an additional cost. The product should provide a single bundle for protecting both on-premises and cloud solutions. We do not have to pay for support.

We do not have the resources to review the product technically. It is very difficult to analyze these weaknesses. As an end user, we need something to defend us and block threats. If any product works with 95% efficiency, we can say that it works well. Email protection is very critical. No one should take risks.

Cloud protection apps are very critical to the business. They should be easy to configure and easy to manage. These days, there are hundreds of products available. It's very difficult to find a good solution. Just because a tool is popular, it does not mean that it will always be the best solution. The backend technique is very important. Machine learning, artificial intelligence, and threat intelligence are very important.

If we have more knowledge, we can have more protection. If we don't have the knowledge, we can't. The solution does not offer a complete bundle for on-premise and cloud protection. If we need more features, they charge us more. They do not offer all features together.

Overall, I rate the tool a seven out of ten.