Mimecast Advanced Email Security Reviews

The primary use cases for Mimecast Advanced Email Security is email security, which focuses on email inspection, phishing, and impersonation detection.

Feature-wise, what we normally see as a provider is how well they are aligned with their confidentiality management like DMARC, SPF, and DKIM management. Mimecast Advanced Email Security has been doing an excellent job in that area, as well as the compliance part, including how they do email archival, legal holding, and eDiscovery. Apart from that, they also have features like awareness training and user risk scoring, which definitely helps as a provider to show the complete picture to end customers.

Regarding pricing, Mimecast Advanced Email Security will be at par with Proofpoint. They are not saying they are very cheap; they are a decently premium product in the market. The ROI discussion sometimes wins the conversations. Pricing-wise, they are slightly premium, and that is how everyone has positioned themselves in the market.

The improvement needed is not necessarily in the product itself, but rather around how other organizations have evolved. The DLP discussion is no longer limited to email; it has gone to border level with companies like Zscaler, Netskope, and Palo Alto giving the complete full-stack SASE setup. When somebody has a SASE setup, then Mimecast Advanced Email Security DLP might not even be needed at a point in time. Mimecast Advanced Email Security needs to improve in this area because they are only focusing on a particular set of problems which is on email and human risk, whereas companies that need a slightly bigger picture will look elsewhere.

The second thing is when you buy an XDR provider, they give you a complete holistic story around it, showing what has happened, which email somebody has clicked on, whether there have been any changes, and whether there is any network activity. You get a holistic picture. When pushing Mimecast Advanced Email Security to end customers, people are more often saying that they would rather buy XDR from another provider because the story when an analyst sees is complete in terms of what they see, whereas they only get an email story from Mimecast Advanced Email Security. Mimecast Advanced Email Security has to improve there. Companies like Abnormal AI cover more on UEBA and user behavior, and there are many things for Mimecast Advanced Email Security to improve in this area as well.

It is less of a technology issue; they are doing very well on email. The conversation for them to have is on how to get into a broader level or how to get a tie-up to become a broader supplier. At least from a service provider landscape, I can say that.

I have been working with Mimecast Advanced Email Security for probably three to five years.

Mimecast Advanced Email Security is a good product and is very stable.

Mimecast Advanced Email Security is definitely scalable, and we are deploying it in very large environments.

The customer service is good. Normally as a service provider, we do have our in-house support and we manage most of the things in-house, but if we need help, they are great. They are not like Microsoft, but they are great at it. They respond properly and try to help wherever they can.

The setup is straightforward.

We do in-house deployment.

The ROI is more around whether they are able to reduce the risk dramatically. The ROI which companies see should be able to justify buying Mimecast Advanced Email Security. It is acceptable. I cannot say that it is cheaper, but definitely it is on a decent side. People can buy it. It is not very costly. The ROI is decent and they can definitely invest in it.

DLP is part of most of the compliance journey for most organizations because it helps identify the PII data which normally gets sent. Sometimes you have to send it, and you have no other choice than the option of masking the data. It is this kind of a filter where you have an option to identify whether there are any passport details, customer PII data, or any source code. You have an option to hold it or encrypt it if you need to. If you still have to send it, you can encrypt and send it. You can notify your security team to check it and all that. These are features which most DLP has, and even Proofpoint has similar features.

They are being pretty happy with Mimecast Advanced Email Security. The policies are decently researched and marked. They are happy and at the same time, with some of the features, they have the option to customize. That is where service providers like us come into the picture. We help them customize few of the policies, but apart from that, they have been very strong in terms of the policies and their processes.

It will be straightforward. Since you have email security, you get a decent number of emails without phishing and BEC risk. They reduce dramatically. Email availability and business communication continue uninterrupted, so you have email continuity in your picture. Compliance, as I mentioned, the litigation hold and eDiscovery helps them maintain compliance. I have seen that being utilized by a few of our legal clients. For them, it is very useful. Data leakage is reduced; if you have an option to block something, encrypt it, mask it, or block it, you have less risk of data leakage. User security awareness is also important. They do have phishing simulation and security awareness trainings that help reduce human errors and maintain user risk scores.

The primary thing which comes when I suggest is that people mostly go for email security features. I would still recommend people to start with their DMARC analyzer. Start from there, start your authentication, get the authentication methodology right, get the process right, and then followed by taking a product like Mimecast Advanced Email Security. I have been in this field for ten years, and in Microland, I have been for three years. Overall, I would give this product a rating of eight point five.

My use case for Mimecast Email Security is that it's one of the best solutions for a traditional gateway. Check Point is the best for the AI-based solution. We are selling both as a partner for both solutions to customers.

Mimecast Email Security includes the best gateway solution across all Cisco, Trend Micro, and other solutions. For customers who want a traditional gateway, we suggest using Mimecast Email Security. For customers who want the advanced solution, we suggest Check Point for those features.

Mimecast Email Security's anti-phishing features are good and perform as expected.

Mimecast Email Security is a good solution because our customers haven't reported any phishing emails being delivered. It performs effectively as a traditional gateway solution. We haven't received any complaints regarding this solution.

Mimecast Email Security can be improved by adding some API integrations. Instead of remaining a traditional gateway, Mimecast Email Security needs to provide API solutions similar to Check Point.

I have been working with Mimecast Email Security for almost two years.

The system is not user-friendly because you have to create policies that are mapped in a dictionary. As an IT engineer, I understand how it works, but explaining it to another IT person can be difficult. Having more user-friendly dashboards would improve the work experience. In Mimecast Email Security, checking policies in the dictionary or gateway is very complicated, and not everyone understands this process.

If you examine the Check Point portal, it's user-friendly with easily accessible tabs that anyone can explore. With Mimecast Email Security, making changes might impact existing mailboxes. The portal is complicated compared to Check Point's user-friendly interface.

Mimecast Email Security is a stable solution. We don't encounter many issues with it. Customers report issues rarely, once or twice a month at most. It's performing well, and customers aren't reporting significant problems after implementation. They confirm it's a good solution where only one or two rare emails get through, while the rest are properly blocked without any issues.

Mimecast Email Security is a scalable solution. If Mimecast Email Security introduces API solutions, it will dominate the market. This would also be beneficial for Check Point.

I would rate my experience with technical support of Mimecast Email Security between seven and eight out of ten for their support.

Positive

The initial setup of Mimecast Email Security was easy, though it's not user-friendly.

My relationship with Mimecast Email Security is as a partner.

I am not familiar with the pricing details of Mimecast Email Security as I am an engineer. The sales team manages all pricing-related matters.

Most customers are using Mimecast Email Security in the cloud only, not on-premises.

Mimecast Email Security has a high catch rate compared to other solutions such as Cisco, Trend Micro, or Barracuda. They consistently implement new solutions and inform all their customers and partners about new features, which is a positive aspect.

Based on overall experience, Mimecast Email Security is the best solution for traditional gateways. Having worked with multiple traditional gateways including Cisco, Trend Micro, and Barracuda, Mimecast Email Security stands out as the superior option.

On a scale of 1-10, I rate Mimecast Email Security a 10 overall.

Could you please describe a few use cases for it? What do you use it for? How do you use it?

From the features perspective, are there any specific features in the Mimecast Email Security that you find the most effective in intercepting phishing attempts?

To clarify, you mentioned that you are using the AI-driven structure in their Abnormal functionality to indicate phishing attempts. Do you use any AI within Mimecast Email Security?

Have you worked with or utilized the targeted threat protection in the Mimecast Email Security?

If I ask you about the room for improvement, we discussed the phishing aspect, the DNS system, and the key rotation. Apart from that, are there any other areas that you would like to see improved or enhanced in the Mimecast Email Security?

The solution has been in use for more than five years.

What are your thoughts on the technical support of the Mimecast Email Security?

On a scale of one to 10, where 10 is the best, how would you rate the technical support of the Mimecast Email Security?

Neutral

Can I ask you about the initial setup process of the Mimecast Email Security? Do you find it straightforward? Is it complex somehow?

I have a question about the ROI, regarding the cost efficiency and operational efficiency of the Mimecast Email Security. Do you have any data to share with us? Do you find it cost-effective? Are there any measurable benefits?

Do you know anything about the pricing and cost of the Mimecast Email Security?

Based on your rich experience with the Mimecast Email Security, what kind of advice or recommendation can you share with users who are considering it? The reviewer gave Mimecast Email Security a rating of 10 out of 10.

Securing the mail communication.

Biggest benefit would be filtering everything that is either spam or a threat before reaching users mailboxes.

Filtering from threats before emails are reached mailboxes.
URL protection and sandboxing. Potentially dangerous links are open in Sandbox rather than in user's web browser further helping with potential threats.

Allow modification of potentially dangerous hyperlinks to be converted into either text or image instead of rejecting the message.

I have been dealing with Mimecast Web Security for more than five years.

Relatively stable with minimum issues. However, there were a few in the past caused a lot of headache.

From what I've seen from the MSP, it seems quite complicated to manage the configuration itself, but since I am not using the product as an admin, I can't answer it definitively.

I have not dealt directly with Mimecast Web Security's technical support; whenever we have a problem or something needs to be changed, I reach out to my MSP.

I did not purchase Mimecast Web Security through the AWS Marketplace because it goes through my MSP.

In general, I can't comment on ROI with Mimecast Web Security since I never worked without mail security application. I can't quantify the time I would need to spend on fixing issues or dealing with threats without Mimecast.

MSP in charge for setup etc. Costing seems similar to other evaluated solutions.

Mimecast was chosen by MSP who is also providing full support for us with the product. However, we as a company are evaluating various solutions which can provide better value to us either directly or indirectly via MSP. Mimecast seems to be heavy on configuration rather than using a user behaviour compared to alternatives we were presented.

We have been using Mimecast Web Security for quite a lot of years. Regarding the analytics part you asked and what metrics are most valuable for monitoring web activities in our case, we am not dealing with the monitoring; that's our MSP who does the majority of the monitoring on our behalf.

Regarding the reporting part, I have seen the original reports from Mimecast Web Security, which seem to be quite heavy in terms of information. With the MSP, we are just reviewing and discussing what is necessary. If there is a concern, that is dealt with MSP immediately rather than waiting for formal conversations. However, I think the Mimecast report is fine and easy to read.

It is hard for me to say whether the installation is easy or complex, as I wasn't involved; it was done by our MSP. I am the end customer of Mimecast Web Security, not a consultant.

We are doing a POC (Proof of Concept) for a customer looking into offset solutions to see how it performs compared to other players in email security.

In terms of efficacy, Proofpoint is better than Mimecast, though it's a little difficult to manage. A distinct advantage of Mimecast is its ability to block phishing and impostor attacks, which are significant threats currently. Security is a major feature where email security tools like Mimecast have delivered value by identifying and preventing phishing emails.

Mimecast needs to reduce the number of false positive emails; a big pain point for us. A lot of emails were missed despite being known samples. This needs improvement to reduce the workload on admins to manage emails.

I have been familiar with Mimecast for three to four years.

I rate the stability as eight point five out of ten.

I rate scalability as nine out of ten.

Support is not very good; not bad, but not very good. Response time is decent, however, support personnel are hesitant to engage in remote sessions, preferring to share documentation via email.

Positive

We have used Proofpoint and Barracuda for Security awareness training. The Barracuda tool is very poor; nobody is happy with it. I also have experience managing and implementing Proofpoint.

I have implemented Proofpoint, yet not Mimecast. We manage Mimecast for our customers.

There is definitely a return on investment when using Mimecast, as it blocks phishing emails, reducing the risk of significant financial losses.

The pricing is higher for Mimecast, particularly for the Indian market, where it is considered expensive.

We have experience with Mimecast, Proofpoint, Trend Micro, Barracuda, DirectCoder, and TruePoint.

I recommend Mimecast based on customer requirements and budget. It is a good tool for email security. I rate it eight out of ten.

I have been working with Mimecast Email Security.

The functionality, including email archiving and data loss prevention features, is adequate. Mimecast Email Security offers certain features inherent to the product which are beneficial. In case of additional needs, I explore further customization.

There is room for improvement since new threats are emerging. Considering the availability of new features would be worthwhile. Mimecast Email Security is somewhat expensive compared to the competition in the Indian market, and the local presence is lacking as they do not have a local representative currently.

I have been working with Mimecast Email Security for approximately seven months.

Currently, I am not facing any issues with Mimecast Email Security. If something comes up, I will be keen on exploring other products.

I have been satisfied with Mimecast Email Security as a good solution. However, if I need anything additional, I will surely explore what can be done on that. I would rate this product nine out of ten.

Neutral

I really don't know all of the features of the solution.

I did have a problem with Mimecast. That is why I was looking for an alternative solution because their sender IP address gets poorly rated by Microsoft. So it blocks sending emails to Microsoft addresses. The aforesaid reason made me decide to opt for an alternate solution possibly.

I have been using the latest version of Mimecast Email Security with Targeted Threat Protection for the last two to three years.

Stability-wise, I rate the solution a one out of ten because of its IP reputation.

Scalability-wise, I rate the solution as six out of ten. With Mimecast's IP reputation being degraded by Microsoft, it just caused me huge problems.

I rate the technical support one out of ten. The product is good. Mimecast's support is not the most flexible.

Negative

On a scale of one to ten, where one is a difficult initial setup, and ten is easy, I rate the setup an eight. The setup was easy.

It was deployed in my organization through the cloud.

The deployment took two days.

The deployment was done by one person.

On a scale of one to ten, where one is cheap, and ten is expensive, I rate the pricing a ten. It is an expensive tool, especially when compared to Microsoft Defender.

The poor thing about Mimecast is due to their unwillingness to move our center IP to a different center IP. So it doesn't get a bad reputation with Microsoft, and they refused to do that. So that's why I would possibly end up choosing a different solution.

To those planning to use the tool, I would ask them to make sure they put you on an email server. However, it has got a bad IP reputation because it refused to move off to a different server.

Overall, I rate the solution a five out of ten.

We use Mimecast to deliver email security to all of our clients. Between all of our customers, we have about 3,000 to 4,000 users. Some of our clients use Mimecast DMARC, too. 

Mimecast gives our clients peace of mind and helps them educate their users about email-based threats. 

We like Mimecast's spam filtering. The email signature feature is also a big plus for our users.  

Lately, Mimecast's outbound mail servers have been regularly blocklisted by spam filters. That didn't happen a few years back, but it seems to be a more frequent problem these days. When a server is blocklisted, it means all of my outgoing mail ends up in the recipient's junk mail. That affects my reputation and business confidence. 

I have used Mimecast for about 10 years.

I rate Mimecast eight out of 10 for stability. 

I rate Mimecast nine out of 10 for scalability. 

Some of our customers can't afford Mimecast, so we offer SpamTitan as an alternative. Mimecast is our preferred vendor, but we want to help secure our clients to the best of our ability. 

A few years ago, our team found the implementation to be somewhat challenging. It has gotten easier as we've grown more experienced. The difficulty depends on the expertise of the person doing it. 

I don't work with Mimecast every day, so it might be more difficult for me than it is for one of my techs who regularly does Mimecast implementations. It requires some specific in-depth product knowledge and an understanding of email solutions. 

The deployment time varies. In South Africa, it depends on who you use to deploy it. If you use one of Mimecast's local partners, it can take up to two weeks because of their process. However, it's only about four to eight hours of work. 

After deployment, there isn't much maintenance aside from supporting and educating your customers. Users require constant education on how to use the Mimecast client and release an email that has been blocked.

ROI is hard to quantify for security solutions because the client's return is that they don't have any breaches. We don't know how much a breach would cost them because it's all speculative. 

It's similar to home security. How do you quantify the added value of each component, like alarm systems, fencing, lighting, etc.?  Mimecast is like an electric fence. The lighting could be your EDR.

I rate Mimecast three out of 10 for affordability. It's much more expensive than competing solutions. It's like Mercedes versus Toyota. Pricing is always an issue. Mimecast charges per user. We pay about 2,500 rands per 50 users, so a client with 300 users pays about 8,000 rands a month.

You also need to pay an additional fee for support. It's around 3,500 rands a month. You don't get any support unless you purchase it, so we provide support for our customers. 

I rate Mimecast Email Security eight out of 10. 

We use this solution for email threat protection and archiving. 

We have 99-year retention and that has enabled us to get down to a 60-day retention policy on our emails, so that's pretty cool. In the current environment that the world is in, everyone is trying to hack everyone else, so Project+ definitely helps a lot there.

The lock in is very, very tight. It is impossible to move out of Mimecast to a different product, like Proofpoint or 365 ATP, and keep the chain of custody for every email that I've archived.

The reaction time between a new threat being identified and Mimecast picking it up needs to be narrowed a bit. That gap needs to close. But other than that, I think it's good.

I have been working with this solution for just under three months.

The solution is very stable. It's very fast compared to native exchange online archiving. 

The solution is scalable. We actually have about 14,000 users on it at the moment and predict that to go up quite a bit in the near future. We have about 20 employees working as the core admins.

I worked with native Microsoft ATP before this solution. 

I'm always going to say the price needs to be lower, but it's reasonable. We pay annually for licensing, support, and training. It's about eight and a half million RENs. 

In terms of the actual email protection part, if we need to release emails, that is possible for the end user with certain caveats, and it works very well.

My advice to those considering this product would be to go for it. It's a very good product. I think it's one of the best in its class in terms of threat protection. I would rate it as an eight out of ten.