Cisco SecureX [EOL] Reviews

When it comes as a business bundle, we come to customers [to provide] a one-stop shop, and we provide a return of value on human resources. We come with an angle of EDR, Umbrella, and email security. We provide one-stop management that provides the visibility, enrichment, the ticketing system, and the Rockwell playbook that integrates out-of-the-box. That's amazing value for our customers, and this is why we like it so much. 

Today we're not selling just EDR or just Umbrella or just a firewall anymore. We're coming with an XDR SecureX platform offer and that's it, and customers love it.

One of the examples is related to forensics. The forensics are amazing because when you have enrichment, and the solutions talk with each other, when you need it, you have the ability to know everything in the organization: when, why, whatever. With just one click you have information from email, from the endpoint, from the web.

Let's say that tomorrow morning, you have a ransom[ware] attack in your organization and you would like to know from which email it came, or where the customer saved the file, even though the incident didn't occur at the same moment. With SecureX, you have Cisco Threat Response inside. [With] one click, you get all of the flow. That's amazing value. 

That also releases resources for our customers. The customers don't have to connect many systems and try to register the event on each system, or to go to the SIEM and do a correlation. That's the one-stop shop for the customers, and that's amazing.

The visibility and the fact that customers don't have to go anymore to each one of the management consoles [are the most valuable features]. They have consolidation, and that's the best value.

Every solution can be improved. That's obvious. They could put in more third-party [integrations]. Unlike other solutions, here you have out-of-the-box support with third-party integrations, for example, with VirusTotal, with Sumo Logic, and AlienVault. But they can always improve themselves and put more and more, including the playbooks.

The automation, not just third-party integration, but also more playbooks, out-of-the-box, for automation [would be helpful].

I'm from Rockwell Automation. This is a huge corporation from the US. And in Israel, we have a bunch of cyber solution softwares. My department is responsible for being resellers of Cisco. We are a Cisco platinum partner. I'm the CTO and the vice president of Rockwell in Israel.

I have been using Cisco SecureX from the first moment it was released, something like two and a half or three years ago.

It just works.

[The scalability is also] the same, it just works. We have no issues.

[The support is] working very well. We have no issues. When we need them, they provide excellent service. The TAC support is a nine out of 10.

Positive

It's on the cloud. It's very easy. You just do the registration. They also pull Duo inside for multi-factor identity and that's it. It's really working very easily, in one click.

We have more than 40 to 50 customers with different variants of solutions and all of them [were done] in one click. We provide [it for] them out-of-the-box and we don't charge money for that. We say to the customer, "I will give you the XDR integration with all of the systems. I will not charge for that." Why? Because it's very easy. One click, remove the API keys, and that's it. It's working. And that's amazing.

There is a huge value, as we said. [There are] less resources to manage, good value for money when you take the business bundle. So why not? The ROI, it's very simple to prove. This is crazy.

I have used competitors in the past but it's not the same. First of all, Cisco is a giant. They have a lot of different varieties of solutions in the market. Other vendors only have firewall and EDR, or they only have EDR and deception and firewall. They don't have the concept of the full XDR out-of-the-box and free of charge. I must remind everyone that SecureX, out-of-the-box, is free for any customer. You don't pay for it. And that's amazing value when you buy solutions from Cisco security.

We would like to see from Cisco: more out-of-the-box playbooks and even more third-party [integrations]. It's an eight or nine out of 10. I [also] wish that the interface would be more sexy.

We use a lot of different Cisco security products to protect different areas of our entire infrastructure. SecureX basically gives us a single pane to all those products. We were trying to avoid going from product to product to product to product, either to research security events or just look at overall performance of those. SecureX covers every security product that we have. 

There are integrations into third-party products, such as Office 365 and Azure, as well as Virus Turtle to do some research. This solution was mostly initially implemented to help us with researching events and has grown since then.

SecureX makes it easier for me to present to management, i.e., our leadership team, how these security products are working and how well they are doing. We can look at things like our email statistics and realize that more than 50% of all inbound email is actually rejected because it is either spam, malware, or something else. They never would have understood that the percentage was that high until we had a product which actually tracked these things. We could show leadership basically what was happening. 

When we need to investigate something, we only need to go to one place. So if I need to look, then I can see an event which occurred. Maybe it is an event that occurred on an endpoint device, but I need to check the firewall. I might need to check Umbrella. I might need to check Stealthwatch, Email Security, and all of those other products to see what else was happening at the same time. SecureX does that for me. I can go into the threat response part of SecureX, put in that endpoint device or indicators of compromise, then it searches those products for me. I don't have to do that. Not only do I not have to do that, but we can now give that over to someone else who isn't as an expensive resource as I am.

The two biggest things that are great about SecureX: Orchestrator and visibility. 

We initially implemented it when it was first introduced because of the visibility piece. We could look at the performance and statistics associated with our entire security portfolio. 

When they introduced Orchestrator, it was a game changer because now we can actually develop Orchestrator scripts to handle a lot of the investigations that we were previously doing manually ourselves. We can actually set up Orchestrator to do things like investigations. If it discovers something that we need to look deeper into, it can just send us an email or text message for whatever we need to do, which has been huge.

It has evolved a lot, just that monitoring piece to the current Orchestrator piece. The additional analytics are there. They now have something called Insight, which can basically take data from Microsoft Azure AD and Intune to give us information about our endpoints. This is detailed information about the endpoints, from Secure Endpoint and all these different products. So, it is just constantly evolving. Every time that it evolves, we have more information with more visibility. There are more features that we have that just make everything so much easier, and it is in one place. I don't have to keep going back and forth. I don't have to go to Secure Endpoint and ISE to get the data. I don't have to go to Intune on Microsoft to get the information. It is all in one place.

They could expand into more areas. The more third-parties that we have tied into it, the better. The capabilities are there. As they just continue to involve the product, the more things that you can look into, then the more analytics that you can get. Also, the more data that we can get, then the better off we will be.

We have been using SecureX pretty much since its inception. How long has that been? Three or four years, something like that.

It is great. We receive notifications from SecureX. When there are any issues on the back-end, they immediately notify us if it is affecting North America, Europe, or PAC Asia. We are constantly being updated. If they are working on an issue, then we get notifications when those issues are resolved. Most of the things that we have seen in the past usually happen, from our perspective, in the middle of the night. So, it doesn't impact us as much. It has been very reliable.

I haven't seen a product that we couldn't integrate with. It scales all the way up the whole Cisco product line plus all of this stuff that is non-Cisco. I haven't seen anything that indicates that there is a limit to what you can do.

It was something that we never even thought of. It is one of those things where they introduced the SecureX product when it first came out, and it was like, "What do we need this for?" Then, once we saw it, I was like, "How did we ever live without it?" It is one of those things now where there is all this talk about EDR and all these other products, and SecureX fits in that area. 

It was the first thing that we ever saw that was anything like it. We just tried it out. It was available. We contacted Cisco who configured it all for us. We tied it into the products that we had at the time, and thought, "Well, this is really neat." 

It is in the cloud, and there are integrations with devices. We did all the integrations ourselves. It was very straightforward. There are step-by-step instructions in the portal on how to get the different products integrated. I was able to do it all, so it wasn't hard at all.

Not only did they save us time, but as a small organization, we have a very small group of people who need to look into these things. Because we are a financial institution, every event and alarm needs to be investigated. You can't assume that something is a false positive until you have verified it. You can't take the risk. The ability to be able to have Orchestrator handle some of that for us, and even be a little proactive, e.g., go out to the Talos blog sites where they talk about the most recent attacks. They talk about the most recent indication of compromise and take that information to go ahead and run it against all our security systems to find out if any of those things show up. This saves me days of work, easily days within a week, because now I can do more from an architect's perspective instead of having to investigate all the events.

It is free. It can't get any better than that.

I would rate it 10 out of 10. It is one of my favorite things that has ever been built. It gives me the opportunity to be able to build orchestration so things can be handled in an automatic way. It gives visibility to me in one place. It is an all-around, outstanding product.

The tool's use cases include cyber threat intelligence and automated hunting. These are some of the key features that our customers like about the tool. 

Our customers find the product's third-party integrations valuable. Our customers are also impressed with the tool's capability to pick up third-party threat feeds and use that as part of the decision-making process. 

Our customers also find the ability to create their own workflows using low-code capabilities to be really powerful. This powerful tool automates threat hunting. 

One of the improvements the product needs is more integration with collaboration platforms. The ability to drive actions and see insights through those collaboration and messaging platforms will be very powerful, and we see that as a feature that our customers would love. I think the key value in SecureX is the integrations. The improvements that we would like to see is those integrations keep coming because they are fantastic.

I have been working with the solution for about 18 months. 

The solution is scalable from an integration point of view. It is deployed over the cloud and has no limitations. 

The tool is a SaaS-based platform that is easy to set up. The integrations are also easy to do. Customers get it free of charge with a Cisco Security Portfolio and it's really easy for a customer to set up the solution and use it.

I would rate Cisco SecureX a ten out of ten. I find the product to be a fantastic platform. If you are eligible, start using it straight away. The best way to evaluate it is to start using it and see where it fits within your organization.

I think it helps our customers really deliver their SecOps goals, and I see it as a core foundation of CAE's own security strategy going forward.

Our partnership with Cisco is one that was built on trust over a long period of time. This has enabled us to work together to be able to provide the solutions that our customers need to drive their organizations forward.

The value we add as a reseller is being able to work closer with our customers, understand them, and get intimate with their organizations. That enables us to offer them the right solutions that will help them achieve their goals.

This solution is a new solution. It gets visibility into all the components about security. For example, in the Firepower application, emails, and in the cloud, I can see across those in SecureX. It shows all the layers and the entire security solution. This is very important and key in the world of security.

Organizations are afraid of attacks. For example, many companies have an attack once a month. We need this solution's visibility into our customers' applications.

The most valuable feature is its ability to manage all the applications and visibility. For example, if there is malware, spam, or another component that wants to attack the company in my servers, network, or applications, then SecureX will react to the problem. 

I would like it to integrate with another solution, e.g., DNA. I would like it to connect to that solution, but not the security aspect.

We have been using it for five years. This solution is very important to us.

They are good and are graduating to the next level with this solution. We can see the security in the cloud for this solution. Whether I am working at home or out in the world, I can see all the security in my network. 

The deployment is very easy. You just log, install, and run the software. That is all.

The pricing is the best part of this solution. It is free if you buy Umbrella or Duo Security. It is also a good solution.

It is a good solution. It is Cisco's best solution.

Monitoring is easy. My engineers are monitoring this application all the time and the customer doesn't have to call me. My engineers will call the customer and say "Hey, you are having an attack."

I would rate the solution as 10 out of 10. It is the best. The SecureX solution has the best impact for the customer because it has all the visibility of my applications and my users' applications. Of course, it is also easy to manage this application.

We use multiple firewall boundaries. We use Cisco for both internal networks and external networks that we provide for our customers across multiple sites. 

This solution definitely helps us meet our cyber security goals and we haven't had any problems so far. Cyber security resilience is very important to our business. This solution has improved our network and optimized our firewall. 

The ability to create firewalls online has been most valuable including the ability to create rules. We have done this using the ASA old firewall which we prefer over the newer ones. This solution helps us meet our cyber security goals. 

The resilience of this solution has also been valuable. We can trust in the fact that we can always reach out to developers if we have any problems. This solution has improved our network architecture.

The front-end work controls the new algorithm and the firewall rules. The search feature of these rules could be improved. If I want to look up a rule, I want it to be easy and just have the rule displayed instead of having to look through highlighted results. 

We have used Cisco ASA firewalls for seven to eight years.

This solution offers good stability. 

Deployment and setup of this solution take a week as we need to copy the rules from a previous firewall to this one. This solution does require regular maintenance. We have seven team members responsible for this. 

We have experienced a return on investment using this solution.

It would be nice if they had a different pricing model. Most of our budget for projects goes towards Cisco. 

We evaluated other options but prefer Cisco because it integrates well with other technologies. 

This is a good quality solution and I would rate it a ten out of ten. 

We use it to investigate threat incidents. It lets us better manage security incidents.

We just use it for the security department.

It gives us more visibility into detected threats so we can determine their impacts.

Its cybersecurity and resilience have been extremely important for our organization. It helps us save our operations by protecting us against ransomware and most threats.

The automation and orchestration tools are the most valuable features.

It is good that it provides information. However, I think that there needs to be more actionable items for us based on the information provided.

Remediation stuff could be integrated into the product's automation.

I have been using the solution for a year.

It is really scalable. We are looking to increase usage in the future.

Overall, the technical support is great. I would rate it as eight out of 10.

Positive

We did not previously use another solution.

The initial setup was complex. It took about a month to deploy. The deployment took me about 20 hours overall of work.

I had to work with the SecureX engineer in order to get things rolling. It wasn't a very straightforward process when we rolled out the product.

We used an integrator for the deployment.

We have seen quicker response times. It took a few months to realize the benefits.

It comes free with all Cisco products. So, it is a good price.

We didn't evaluate other products.

Leaders in organizations should invest in IT, training, and staff.

SecureX is a dashboard that aggregates all of the reporting from the Cisco stack into a central location. It's hosted on a public cloud.

ESA has a portal that has all their data, Cloudlock has a portal, and Umbrella has a portal. It basically aggregates them all into the same place so you have a widget or a section of the screen, depending on what you want to focus on. You can customize the dashboard to show all of those inputs in the same place at the same time.

We were just given the APIs, and you basically plug in the API coming out of your Cisco stack into the SecureX portal. It starts sending all the data from those products into Cisco's portal. There's no insight into the backend.

We had a handful of users using this solution. It's giving a readout of very sensitive metrics on our security stance, so we only had it pointing to a handful of users like top cyber security engineers and two or three people in management.

If management wants to ingest reports at a high level from all of the different products, they would only need one login to SecureX to view this information as opposed to separate logins for each of the integrated products.

It consolidated and streamlined viewing of metrics and high level data from our security stack.

I like that I don't have to jump around to five different products and log into five different places to view the data that it returns.

The documentation can be improved and the on-prem integration. The set of applications that it was integrated with wasn't comprehensive. There were still some gaps. I think Cloudlock said that it was able to ingest it, but any time we tried to configure it, it didn't actually pull over anything. I think it was just new. You need maturity.

There could be a better effort for the app integration. Some of the integrations were not completely ironed out. It was very new at the time, so the documentation lacked the integration. Some of the services were on-prem and some of the services were cloud-based. The cloud-based integrations were very well done and easy to integrate, and the ones that were generated via on-prem were cumbersome and needed a little bit of ironing out.

They were harder to set up and less consistent with their reporting. One of the main things was that SecureX didn't ingest the entire Cisco product set at the time. It was going under pretty rapid development, so I hoped that would expand, but I haven't had insight into it in the last 11 months.

I used this solution for two years.

At the time, the solution was very new so it was a mixed bag.

The scalability is fine.

Technical support is fair. I would rate it 3 out of 5.

Because it was new and because it's Cisco and they had people changing all the time, it was just kind of a mixed bag of who you got and when. Then depending on the product you were integrating with, it got passed around to someone who knew what they were doing.

It's touching so many different platforms, and each platform has a different tech support group. SecureX was trying to reach into all those different silos. I think that was part of the issue – it's trying to aggregate so many different products.

For some of the products like the cloud-based ones, it was extremely easy. You just export an API, plug it in, and it works. For the on-prem stuff, it took quite a bit of wrangling to get it to work consistently. It was inconsistent. That's kind of a mix. Some of the integration was really straightforward, really easy, and some of it was complex.

There were a couple times where a revision to a product changed, and so it had to be set up again.

Because the product wasn't fully baked, we just rolled it out as feature sets became available. As we stood up Cisco's security stack, we were able to integrate each piece fairly quickly. It was a kind of an ongoing project over a year.

The only person needed for maintenance was me.

I would rate this solution 7 out of 10. 

It's a great idea if it worked consistently, but it has to be way more mature than when I used it.

We are a managed service provider with a number of customers that have different Cisco security products. We utilize SecureX to give us a better, high level overview of all of those different security installations.

When considering how SecureX has improved our organization, things should be looked at holistically with an endeavor to see threat patterns across one's entire environment rather than individual products. We still haven't really explored the Orchestration side of the tool, but if we can start to leverage that it will help us do better with some of the security challenges that we face. Hackers use automation and this means we can only attempt to keep up if we use automation as well.

SecureX is both a security analytics product, as well as a security orchestration and remediation product. We've integrated it with a number of Cisco security technologies, though we're primarily using it for Network Analytics right now.

SecureX definitely provides us with contextual awareness throughout our security ecosystem, since it allows us to integrate multiple threat intelligence feeds, as well as multiple security appliances and platforms. This enables us to have all the threat intelligence and threat event data in one place.

The security orchestration aspects of the tool came out only about a month ago and we haven't yet moved forward with testing it. It does look like its Orchestration will prove quite powerful in terms of allowing me to have interaction with and control of all the systems. Whether this will be to create a ticket in ServiceNow, or to send security alerts to WebEx teams or something of that nature, it does look like it has some very powerful features.

This is a relatively new offering from Cisco and some time is needed for the evolutionary development of the platform. It's good that there are some third party integrations available and it would be a positive step to see more offered.

I also would like to see a full managed service provider addition to the platform. I would like to see a managed security service provider console just like there is for Cisco Umbrella and Cisco Secure Endpoint.

We have been using Cisco SecureX for around three months.

Overall, it seems to be really stable. I have noticed that sometimes there is a slight lag between when you do an integration with an API key and when you start seeing the data. But once the data starts flowing it all seems to be quite stable.

We've added multiple devices onto SecureX and this seems to be both stable and scalable. We can customize how the individual tiles are laid out, resize them, and play around with the spacing. We can have whatever we want on whichever dashboard tab we wish to create, so it provides us quite a lot of customization.

I see the Orchestration automation side of the tool as a very positive thing and one that will help us to scale as a managed service provider.

We raised a couple support cases for SecureX and these were worked through and resolved.

At the moment we're experimenting with SecureX. We will only do a full implementation for all our customers when a multi-tenant platform designed for MSPs or MSSPs becomes available hopefully sometime this year. We want to avoid creating a lot of configurations that have to be repeated later when a new platform is released. 

When it comes to the complexity of the initial setup, it depends what you're trying to do. At its basic level, integrating threat feeds or security appliances is really easy and only takes a couple of minutes to perform each task. The Orchestration automation side of the tool is a bit more complex and requires more time to understand and test. The basic side of the tool, meaning the security analytics that require you to integrate the threat intelligence feeds and then the security appliances, is really easy.

The security orchestration is a bit more difficult but not anymore so than what I would expect. What Cisco is trying to do is bridge the gap. You can either automate with programming-related skills, using Cisco's DevNet—which would require having special DevNet engineers in-house, or use Python or JSON—or you can use a SOAR tool. Although SecureX is not specifically a SOAR tool, it does have security orchestration and automation functionality. Rather than having to use specialist DevNet engineers, you can use people with more general network engineering skills or cyber security skills. You can use the tool to create workflows from the palette that is built into SecureX to create automations. It's not easy but it's easier than it would be if you had to use just Python or JSON. Cisco is definitely bridging the "skills gap" when it comes to programming. They're definitely making it easier than it would be otherwise.

We have five to six environments and most of them have at least one Firepower appliance and an email security appliance like Cisco Endpoint or Cisco Umbrella. Then we added threat intelligence feeds from VirusTotal and Have I Been Pwned. So we have enough to give us an idea of how it works, what kind of data we can see, and how we can use the tool going forward to automate.

The product is absolutely free to any customer that already has one Cisco security product. If one only wants to make use of the security analytics, this is super easy, as set up and integration of all the security appliances can be accomplished in a couple of hours. If one wishes to undertake the Orchestration automation side of the tool, it will take a bit more effort and time to understand and test. What should be taken into account is the number of different things one wishes to automate and the level of its complexity, but this is definitely easier than having to code everything in Python.

We didn't conduct a detailed product evaluation between SecureX and other vendors of this kind of product. As we are a Cisco partner and customers get this product for free if they have at least one Cisco security product, it seemed to make sense to explore this because of its level of integration across the entire Cisco security product range.

I think it's one of those things that's a "no brainer." It's a cloud service that you can turn on in two minutes and you can be up and running in an hour or so maximum, at least for the more basic side of the functionality. So I would say if you're already using one Cisco security product, it just makes sense to start using this because it increases the visibility of threats across your environment and allows you to start using automation.

The SecureX Ribbon feature integrates with a sister tool called Cisco Threat Response. This allows us to do threat hunting and build a kind of casebook from our threat hunting investigation. From what I see, it looks pretty good and it looks like it will help our business from a CyberOps perspective. We feel that SecureX Ribbon features will affect collaboration within our team or across teams. The ability to pivot between SecureX Cisco Threat Response and different Cisco security products from one location will make the business of investigating security events and threats easier.

As I have not personally evaluated similar products of SecureX, it would be difficult for me to properly rate this product on a scale of one to 10. Although I would score this product an eight, as it is very good. This takes into account that it has only been available for use for the past six months and the Orchestration feature has only come out of beta a month ago. The biggest sticking point is that the product is not being designed for multi-tenancy use at present, from an MSP perspective. If this can be resolved, the score will likely go up to a 10. Hopefully, this request will be accommodated in the next release.

We are using SecureX to protect all of our users and devices, both onsite and offsite, no matter what network they're on. We wanted a solution that would integrate across various platforms that we purchased through Cisco.

The biggest way we've benefited is because of COVID-19. In March, when the pandemic hit, as a school district we had to go fully remote. Obviously, we have devices that left our network for a substantial amount of time and we don't necessarily know what they were connected to, in terms of networks. Were they keeping safe? We were ready for that shift. We knew exactly what was going on with those devices, no matter where they were. SecureX has been keeping our devices safe during the pandemic. We haven't had any major threats that have come in or that have been found on our devices. That speaks to what Cisco is doing.

The fact that SecureX is built into Cisco Secure products and connects with our existing infrastructure has increased our security significantly because we use all Cisco products in our district. We have Cisco Next-Gen Firewalls and Cisco wireless controllers. What SecureX brings is that all of those can be incorporated together, and you're pulling data from all of those various systems into one pane of glass. You can really quickly see what security threats you have on your network.

With everything in one location, instead of having to open up five, six, seven, eight, or 10 different applications and look at data in them and then cross reference it, it's all in one pane so we can look at one application and see everything in one place.

It has also reduced the workload of our security team because that single pane of glass makes it easy. We don't have a dedicated security person in our department. We're a rather small IT department for the size of school district that we are, so we had to find a solution that easily gets the information we need, in a matter of seconds, because we might not always have the time to do it. And we needed something that obviously was a leader in the market share and we felt Cisco was that. SecureX has probably reduced our workload by 30 to 40 percent.

Something I've noticed, since going with Cisco security products, SecureX and all the rest, is that the number of issues on our devices has decreased substantially. Typically, in the past, we were re-imaging machines, wiping them clean and setting them up again, because they had run into issues, and that has decreased significantly. These products have allowed our users to continue to use their machines for many years without really having any threats on them.

In addition, it has saved us time when it comes to investigation tasks, again in that 30 to 40 percent range. An example of the way we've seen that reduction would be using Cisco Threat Response. If a computer has an issue, and we see some traffic or files on that computer, we can instantly investigate where that file or service has gone across our network. We can see if it went to five different computers and, if it did, we can instantly know what those five computers are. It reduces our investigation time because we don't have to go and check each machine. Cisco is going to give us a roadmap of how that malware impacted our network.

One of the most valuable features is the simplicity of deploying SecureX. It's very easy to do that and then you gain very detailed visibility into everything that's going on in your network and, obviously, at the device level. There's just a wealth of information that you can pull from all of these products that are part of SecureX. You know exactly if you have an issue or not.

They have released a lot lately that has continued to give us more insight into what's going on. But if they could make the Cisco Umbrella piece a little bit more advanced or easier to manage, that would help. We use it for filtering and when you compare it to a normal content filter, it lacks some functionality. It's something that we've adapted and continue to use. We see the value that it brings to us.

We have been using Cisco's products for about three years.

It's been very reliable. It has not caused us any heartache since we've deployed it. If there is an issue, we usually get notified right away, but even those issues have not impacted our devices. For example, if they release a new software agent for the Cisco Secure Endpoint and maybe there's a known bug, they will usually recall that and let us know right away. But we've not really been impacted by any of that. 

I feel that they do a good job testing everything before it's released to the end user.

The scalability is endless. We use it as a K-12 school district, but the same products can even go to a smaller school district than us, or they can go to a large corporation with thousands and thousands of users. It is meant to meet whatever needs your organization might have.

Not only that, but you have the interoperability of it, where it can be attached to a wireless controller or attached to your firewall. It's not just security at the device level. It's security of the network level as well.

We have not used technical support for the SecureX stuff. That speaks highly of the quality of product, especially with all the integrations that we have going on with different devices, and all the different solutions that we've purchased from them. We have not had to create tickets for any of that.

We've used several different solutions in the past, the typical antivirus solutions. We were not impressed with them, so when Cisco first released this we took a look into it and were impressed. We did a pilot test of it and saw that it met our needs, that it fit what we are doing here from a Cisco standpoint, and we purchased it.

We purchased a Cisco Enterprise Agreement that contained a lot of these products. Once we got that we started with Cisco Umbrella, which is part of the SecureX platform. We got that deployed to all of our products, including PCs, Mac devices, and iPads. We have about 300 PCs, about 800 Macs, and right around 4,000 iPads on our network. For us, that was the major first step because we wanted to protect our devices no matter where they went or what network they were joined to. We have started using that as our filtering program in the district.

From there, we deployed Cisco Secure Endpoint, which was also called AMP for Endpoints at one point, but they just recently changed its name. We deployed that to all of our devices as well. It was easy to deploy. It worked with our mobile device management system. And on the iPad, we use the app that joined both Cisco Umbrella with Cisco Secure Endpoint. Integrating those was important. We can go to one system and see a lot of that traffic and get a lot of the information.

It took us a couple of weeks to deploy SecureX across our devices. It was very easy because we could push it out using various systems. The biggest one was our mobile device management system that supports Macs and iPads. We could just upload the software to that and push it out. On the PCs, because we use Active Directory here, we could do it through group policy. We might have manually touched some of the PCs, but the deployment was very fast and easy.

The only thing that I would consider as maintenance when it comes to SecureX is making sure the devices update the software as it's released. That usually happens automatically from the server, as they check in, but sometimes there's an issue with a device that prevents that. In that case we have to go out and physically do it, but you can pull records and see which ones have not updated. So there's very little maintenance from our end.

For us, everybody plays a part in it because we don't have a dedicated security team and we only have one network specialist. Aside from the network specialist using it, we have a server specialist, and all of our building technicians have access to the system and can run reports and can do investigations if they feel comfortable doing that.

Our ROI is that we've not had any serious security threats. All of our devices are pretty healthy right now. I know when I leave at the end of the day, and all of our devices are exiting our building, that they're going to be secure no matter what happens. And when they come in the next day, we're not going to have a lot of threats brought in.

The pricing is competitive, especially for education institutions. Licensing can be a little bit difficult to navigate, especially with resellers with Cisco, but for us it has been pretty easy. We continue to grow the number of licenses that we have each year.

We evaluated other solutions briefly, but we saw the value that Cisco brought to the table. Because we have a small department we need to simplify our solutions so that they integrate really easily, and that means we stick with one vendor. It's easy to get a hold of support and troubleshoot issues if they do arise. That's why we put all of our eggs into one basket with Cisco.

Meet with Cisco representatives or their reseller to get a demo of their products. Then, reach out to some clients that are using it and get their feedback on it. That will show you that it's a solution that you need to invest in.

I would give SecureX a 10 out of 10, and I really do mean that. We've had really good luck with Cisco and all of their products. It's a great all-in-one solution for us and we've been extremely happy.

We use it to track our emails and to secure our endpoints. SecureX is a really big tool. If somebody tries to attack us with a virus, SecureX helps us to find that email quickly. Our staff members use laptops, computers, and other devices, but they don't have a lot of knowledge about the whole "IT war." There have been viruses and SecureX has enabled us to protect those users, and our systems and components as well. We have used it to solve spam and phishing attacks that are really popular these days. In our company we have over 20,000 users, so you can imagine how many emails we have on a daily basis. That is a really good example of what we can do really easily with SecureX.

Are you using multiple products from this vendor?

We use multiple Cisco tools within our environment. We use network solutions, products like switches, access points, routers. We also use many Cisco phones. For network solutions we use Cisco ISE and Cisco Prime. As the telephone system, we use Cisco CUCM, Cisco Unified CallManager, integrated with the Cisco Unity system for voicemail boxes. We also use Cisco Contact Center for our help desk and our employee services lines. We also provide systems to our customers. We have many government clinics. For communication, we use Cisco Webex Teams and Cisco meeting systems for video and call communications. We also use Cisco as a design solution.

Using multiple products from the same vendor is really nice and useful because many of Cisco's products are integrated. For example, we have that Cisco CallManager system which allows us to provide phone solutions for our users and that has really good integration with Webex Teams, the video conferencing platform. With the integration, we are able to provide standard phone PSTN features to our Webex Teams users. That is really great.

Using multiple solutions from one vendor saves our company time and money. With all the integrations, we also get really great support from Cisco because if you have, for example, a problem with integration between the systems there is just one company responsible for getting things right. A couple of times, in the past, I worked with two or three vendors, asking for support. We had some issues with integration and it is hard work to get good support from a couple of vendors at the same time.

Also, there have been a couple of times when I had to order physical devices and, working with Cisco, we got some better prices. Being a really big customer of Cisco allows you to also get preferred pricing.

The native integration between Cisco's products is really good because Cisco has solutions for almost every part of IT. There is a managed solution for network and unified communication. Integration between all these systems is really simple because Cisco has really good documentation. And if you need any help, you don't understand something, you are able to ask the great support.

To keep everything very simple, we use a solution provided wholly by Cisco. We grabbed SecureX from them and the cloud from them. That allows us to have better support because it's from one provider. If you have an issue with the system from Cisco, and the whole solution is based on Cisco products, the support can be moved from one team to another.

SecureX provides many measurements and has a really good dashboard. Working with it you are able to see things very clearly and you have every detail on a single display. That saves us money and time. There have been times when there have been 1,500 attacks per day. In a big company like ours, many employees are fired or leave the company and many have used the company email address for subscriptions or for personal usage and that also provides an opening for many attacks. These email addresses end up being used by fraud guys who try to get more information about the company. A couple of years ago we had a really bad situation related to something like that.

It brings all our data into a central point. It also shows us many data connections between many of our environments.

When it comes to investigation tasks, SecureX saves us time. SecureX gives you really good information about potential risks. You are able to find the source of a risk, a potential risk from a user or a machine. I can't tell you how much time it saves, but it's a really good tool that provides you many models that make your work easier and faster.

With SecureX you can see unusual activity and get more information about the machine or user involved. It provides you with more information about how to sort it out. That's a really important part of security, that you can protect your own network from unauthorized access.

In addition, using SecureX, a tool provided by Cisco, we can easily integrate it with many of our other Cisco products such as Cisco ISE and many networking devices.

Contextual awareness is also a really good part of SecureX. It works with many areas and, with one tool, you have good visibility into many areas that you manage. That is a really good feature.

The automation process with SecureX could be simpler. When we started to use it that was not the easiest part for us.

Sometimes it's a little slow so that is also something Cisco should check. 

They should also work on the reporting.

We have been using SecureX for about two and a half years.

I'm not sure that I would call it a bug, but sometimes the solution is a little slow. But there is no other issue aside from that. Many bugs that we noticed were related to configuration changes made on our end, so we couldn't say they were system bugs. 

Anytime we are notified about patches and upgrades, we try to upgrade SecureX as soon as possible. There may, potentially, be some bugs, but Cisco also works to improve on its products. In my eight years working on Cisco products, I found one new bug in a Cisco product and I got an email from them: "Hi, Michal. You've found a bug. Thanks for that. You are the first person." But that was only once, and not in SecureX.

It's a really good solution and I haven't seen any limitations. 

I have worked with Cisco systems and products for over eight years and I have never had any issues with their support. You can open a TAC case in many ways: through your email or their support portal. And if you open a ticket with them, the engineer is assigned to your case in 30 minutes or so. With Microsoft, I had to wait one or two days. So Cisco support is really nice. If you need help with a problem, you will definitely get fast help. I only have good things to say about Cisco support.

I joined the team at the beginning of using SecureX and, to my knowledge, we didn't have anything like it. We had some really old systems and we replaced a couple of things provided by really small companies by using SecureX. Most of the things we replaced were created by our programming team, but these apps were only for our internal usage.

The initial setup was straightforward. SecureX is online. When you get your credentials to access the system, that is the only thing that you need. Just log in and start the integration with your environment. It's really simple. In the beginning we went through some manuals and documentation that we got from Cisco.

We needed something like 45 minutes, maybe an hour, to run the initial setup. That was really fast. For sure, we had to spend more time after that, but the initial setup is really easy.

Cisco has really good documentation about the product. For the last year, I worked on the Teams integration with our phone system. We immigrated from Skype for Business on-prem to Teams because we had many issues. Microsoft was not a good source of information or documentation so I had to ask their support to explain many things. The documentation Microsoft provided was really bad. By comparison, Cisco really has an advantage in this area. They have really good documentation about everything, as well as support.

In our company and in our team, we don't have roles divided into administrators and others. We are working as a security team and we try to obtain knowledge about all our systems. SecureX was implemented by me and one other guy, but after that we provided the rest of the team some training and shared our knowledge with them. We manage all our systems and help our end-users with them.

The cost has been good for us. We know the Cisco license and it is good for us. We pay for a really good solution, and that is the most important thing for us. You can spend less money for another solution, but if you really want to have a good solution you have to pay. We are happy that we are getting such a good solution for what we are spending.

I don't think the company evaluated other options. We didn't talk about doing so in our team. Those things were handled by our leaders, based on the experience of many teams. In IT we have many teams that are responsible for many parts of our IT functionality. But I think the decision was made to go with SecureX because we have so many Cisco products. The thinking was: Let's ask Cisco about a solution for us, and Cisco provided it.

The biggest lesson I've learned from using SecureX is that, before, I thought that if you have a solution that handles many things and that can be used in many areas, it could not be a good solution. Working with SecureX, I realized that I was wrong. A good company like Cisco can provide a tool that you can use in many areas, a tool that provides many solutions for many models, with many features, and it can be really good. That solution can also be integrated with many other products, not only from Cisco but from third-party companies. Working with SecureX made me realize that you can have a good solution that you can use in many areas. Before that, I was a skeptic about that.

I would rate it a 10 out of 10. Using SecureX, we can aggregate the data from all our security products. It gives us the option to automate many of our tasks that we had to do manually before. It's a really huge time saver, and not only for my department, because we can also provide many reports about usage of our systems and networks to our leaders and our managers, and show what we can do to make our security better.