Share your experience using Vade for M365

The primary use cases for Mimecast Advanced Email Security is email security, which focuses on email inspection, phishing, and impersonation detection.

Feature-wise, what we normally see as a provider is how well they are aligned with their confidentiality management like DMARC, SPF, and DKIM management. Mimecast Advanced Email Security has been doing an excellent job in that area, as well as the compliance part, including how they do email archival, legal holding, and eDiscovery. Apart from that, they also have features like awareness training and user risk scoring, which definitely helps as a provider to show the complete picture to end customers.

Regarding pricing, Mimecast Advanced Email Security will be at par with Proofpoint. They are not saying they are very cheap; they are a decently premium product in the market. The ROI discussion sometimes wins the conversations. Pricing-wise, they are slightly premium, and that is how everyone has positioned themselves in the market.

The improvement needed is not necessarily in the product itself, but rather around how other organizations have evolved. The DLP discussion is no longer limited to email; it has gone to border level with companies like Zscaler, Netskope, and Palo Alto giving the complete full-stack SASE setup. When somebody has a SASE setup, then Mimecast Advanced Email Security DLP might not even be needed at a point in time. Mimecast Advanced Email Security needs to improve in this area because they are only focusing on a particular set of problems which is on email and human risk, whereas companies that need a slightly bigger picture will look elsewhere.

The second thing is when you buy an XDR provider, they give you a complete holistic story around it, showing what has happened, which email somebody has clicked on, whether there have been any changes, and whether there is any network activity. You get a holistic picture. When pushing Mimecast Advanced Email Security to end customers, people are more often saying that they would rather buy XDR from another provider because the story when an analyst sees is complete in terms of what they see, whereas they only get an email story from Mimecast Advanced Email Security. Mimecast Advanced Email Security has to improve there. Companies like Abnormal AI cover more on UEBA and user behavior, and there are many things for Mimecast Advanced Email Security to improve in this area as well.

It is less of a technology issue; they are doing very well on email. The conversation for them to have is on how to get into a broader level or how to get a tie-up to become a broader supplier. At least from a service provider landscape, I can say that.

I have been working with Mimecast Advanced Email Security for probably three to five years.

Mimecast Advanced Email Security is a good product and is very stable.

Mimecast Advanced Email Security is definitely scalable, and we are deploying it in very large environments.

The customer service is good. Normally as a service provider, we do have our in-house support and we manage most of the things in-house, but if we need help, they are great. They are not like Microsoft, but they are great at it. They respond properly and try to help wherever they can.

The setup is straightforward.

We do in-house deployment.

The ROI is more around whether they are able to reduce the risk dramatically. The ROI which companies see should be able to justify buying Mimecast Advanced Email Security. It is acceptable. I cannot say that it is cheaper, but definitely it is on a decent side. People can buy it. It is not very costly. The ROI is decent and they can definitely invest in it.

DLP is part of most of the compliance journey for most organizations because it helps identify the PII data which normally gets sent. Sometimes you have to send it, and you have no other choice than the option of masking the data. It is this kind of a filter where you have an option to identify whether there are any passport details, customer PII data, or any source code. You have an option to hold it or encrypt it if you need to. If you still have to send it, you can encrypt and send it. You can notify your security team to check it and all that. These are features which most DLP has, and even Proofpoint has similar features.

They are being pretty happy with Mimecast Advanced Email Security. The policies are decently researched and marked. They are happy and at the same time, with some of the features, they have the option to customize. That is where service providers like us come into the picture. We help them customize few of the policies, but apart from that, they have been very strong in terms of the policies and their processes.

It will be straightforward. Since you have email security, you get a decent number of emails without phishing and BEC risk. They reduce dramatically. Email availability and business communication continue uninterrupted, so you have email continuity in your picture. Compliance, as I mentioned, the litigation hold and eDiscovery helps them maintain compliance. I have seen that being utilized by a few of our legal clients. For them, it is very useful. Data leakage is reduced; if you have an option to block something, encrypt it, mask it, or block it, you have less risk of data leakage. User security awareness is also important. They do have phishing simulation and security awareness trainings that help reduce human errors and maintain user risk scores.

The primary thing which comes when I suggest is that people mostly go for email security features. I would still recommend people to start with their DMARC analyzer. Start from there, start your authentication, get the authentication methodology right, get the process right, and then followed by taking a product like Mimecast Advanced Email Security. I have been in this field for ten years, and in Microland, I have been for three years. Overall, I would give this product a rating of eight point five.

I work on the endpoints. I work on endpoint, email, and firewall. Email, I use it on my personal domain, so I know what it does.

Sophos Email security is the primary product I use. It scans all your inbound and outbound email for malware. It also has a capability for looking for phishing and spear phishing content and blocking it. Email has an extended capability that includes what's called a secure web gateway. All user traffic gets managed through that, making it a combination product. The version of the product you run determines which features are available.

Reporting is competent. There is scope for more improvements, which they will do as they do every year regularly. They keep updating the product. Reporting gives you the relevant details of what is happening, so it's mature on that front.

The main benefit is security for your email. The beauty of the Sophos system is that the XDR functionality runs across the system. Sophos, Trend Micro, and Microsoft are the only three that have a very strong system with this concept. XDR stands for extended detection and response, and it's a technology where the system automatically exchanges security signals between the endpoint, the email, and other similar products of the same brand. If you have Sophos Endpoint and Sophos Email, you have very good connectivity from the endpoint to the cloud at the email level and to some extent onto the browsing traffic. You have a very rounded security aspect.

Some existing functionality in the product needs better articulation in how data is displayed. In one place there is data, but the way the data should be shown is not being shown right now. I have provided feedback during tech support sessions.

Two years.

It's pretty solid on that side. It does a very good job. I've had more than a 99.5% uptime rate. I don't experience much downtime, but it's done a fantastic job over the past two years. I would give stability a rating of ten.

I would give it a nine. I have not used it in big sizes. The sizes where I'm using it are small, a couple of hundred users, and it does its job very well. But it can go up to around fifty thousand users or something that can be accommodated in one tenant. I'm not sure of the exact sizing, but that's a general rule that has always been there.

They are very competent. They even have machine learning technology plugged into that, which gives you some search capabilities. They have what's known as MDR, which stands for Managed Detection and Response. It's a paid service, and it's actually very expensive. It's a service wherein they have dedicated engineers for your use. This will work best for enterprise customers where they have several thousand users. They have very good capability. I would give them a nine.

I don't work with Trellix now. I work with Sophos.

It's pretty straightforward. When you buy the endpoint product, you get a bunch of default policies which frankly speaking, you just have to leave running and install the client on the laptop. I use Office 365, and the integration process took me about ten minutes to do.

The main competitors are Trellix and Trend Micro. At the endpoint security level, all three are pretty equal, with some pluses and minuses here and there. Trellix has a DLP module as an add-on component, and that's a very fantastic product for endpoint DLP. Sophos doesn't have a strong one. Trend Micro doesn't have a strong endpoint DLP either. That's one critical difference between the two. Trend Micro has email security as one of the modules as part of the pack when you buy it, depending on the subscription you have. Sometimes you get it, but most of the time it's an add-on like Sophos. Trellix doesn't have that capability right now as far as I know.

I've used the firewall for the longest, over fifteen plus years. I've been using the endpoint for three to four years now. Sophos Endpoint is what they call Sophos XDR now. I don't use the encryption part of it, but the basic functionality does a very good job. I would rate this review an eight.