Coming October 25: PeerSpot Awards will be announced! Learn more
Buyer's Guide
Email Security
September 2022
Get our free report covering Cisco, Microsoft, Microsoft, and other competitors of Cisco Secure Email Cloud Mailbox. Updated: September 2022.
634,325 professionals have used our research since 2012.

Read reviews of Cisco Secure Email Cloud Mailbox alternatives and competitors

Director of Office 365 Services at a manufacturing company with 10,001+ employees
Real User
Catches emails that others don't, and we can escalate messages to the Incident Response team for additional expertise
Pros and Cons
  • "The most valuable features of the solution are the ones that are related to finding impersonation attacks and detecting attempts to steal credentials. In scenarios where attackers get you to follow URLs to a malicious site that looks similar to a good site, and then ask for the user credentials to try to steal them, it is very useful."
  • "There is still room for improvement with BEC. There is more work to be done by Perception Point on machine learning and neuro language as well. BEC is very difficult if you don't have a computer language looking into the content of the email and trying to make a determination through that. With BEC you often don't have an attachment or a URL."

What is our primary use case?

We use it to scan email for security purposes. 

It's all cloud, there is no on-premise footprint. All the infrastructure is Perception Point infrastructure.

How has it helped my organization?

Judging the effectiveness of Perception Point when it comes to detection is difficult because we do not have only Perception Point in our email security flow. Perception Point is the last line of defense in our protection process, what we call a third-tier of protection. Before Perception Point, we have two layers of Microsoft in place, and those two layers filter quite a lot. We wanted to add another layer from a different vendor so that we were not only relying on Microsoft, but also because we knew Microsoft was not catching everything. That was proven through our PoC with Perception Point. Every month we catch a good number of malicious emails. Our focus is more on malicious messages than on spam, although it catches a good number of spam messages as well.

We escalate one or two emails per month that were not discovered by either Perception Point or Microsoft, so our overall effectiveness is pretty good. But Perception Point is certainly catching things that Microsoft does not catch. It is doing important work because an email that Microsoft does not catch is a risk if it gets into a user's mailbox. We are talking about 25,000 to 30,000 emails a month that Perception Point is catching that Microsoft is not yet detecting.

Also, Perception Point's Incident Response team is like an extension of our messaging team in the sense that we do not have the capacity or the resources to evaluate whether an email is malicious or not, especially for the type of volume we have. This was one of the key criteria for us when selecting a partner. With Microsoft, a lot of it is done by machine learning, but we do not have a Microsoft team making a determination about emails or a team that we can easily escalate issues to or turn to for an email security conversation. Perception Point performs a really important part of what our vision is for email security.

We have also created an integration where users are able to report phishing attempts, and those emails are scrutinized by the Perception Point Incident Response team. That is an additional benefit. They're adding value both through qualifying our emails and through reviewing messages that our users report as phishing attempts.

We have another integration between Perception Point and our endpoint solution. That is something Perception Point actually offered so that if the endpoint solution finds something where the entry point was an email, there is an automatic interaction through which Perception Point does a review and removes things from the email box. That is an added benefit.

What is most valuable?

The most valuable features of the solution are the ones that are related to finding impersonation attacks and detecting attempts to steal credentials. In scenarios where attackers get you to follow URLs to a malicious site that looks similar to a good site, and then ask for the user credentials to try to steal them, it is very useful.

It also has features for detecting branding impersonation.

And specifically, when it comes to protecting our VIPs and avoiding BEC (business email compromise) attacks, that is another important part for us.

It scans pretty much all content, so it's full-scale. We see in our dashboard how emails are categorized by different engines. There isn't just one engine that determines whether an email is malicious. They have a multi-engine architecture for detection of malicious emails. They provide full scanning of email.

What needs improvement?

There is still room for improvement with BEC. There is more work to be done by Perception Point on machine learning and neuro language as well. BEC is very difficult if you don't have a computer language looking into the content of the email and trying to make a determination through that. With BEC you often don't have an attachment or a URL. That is an area where there is certainly room for improvement.

For how long have I used the solution?

We have been using Perception Point Advanced Email Security in production since August of this year, so more than four months. Before that, we ran a PoC and we were in pilot mode for about another six months.

What do I think about the stability of the solution?

We have not had any issues with the stability in production. We had some small issues during the PoC, but they did not have an impact on us because we were just in monitoring mode. And regarding the issue with Amazon this week, we were not affected, because it was in the US and we were not using the infrastructure in the US.

What do I think about the scalability of the solution?

We haven't seen any issues with emails failing because they are delayed or in queue. We haven't been aware of a situation where users are waiting for an email. To a certain extent, it's because we are not running inline so Perception Point cannot be a bottleneck because the users have the emails in their mailboxes. A customer that runs the solution inline may have a different opinion because email will not arrive until Perception Point has processed it.

How are customer service and support?

Perception Point's team in general, whether it's the support people, the management, or the sales folks that were engaged with us, have been very good. Often, when a company is at the PoC stage, they engage with you and try to demonstrate that they're good, but once you have signed a contract that might fade away. That has not been the case with Perception Point. They are very responsive and very attentive to our requests. The support has been very good.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup was in between a straightforward and a complex process. We had some hurdles at the beginning because of some issues with AWS.

Also, the way we have rolled out the solution is different from the way Perception Point normally rolls it out for its customers. In general, it is known as an inline solution, where the traffic is scanned by sending it to Perception Point, and then they send it back to the customer before it reaches the users' mailboxes. But we did not set it up that way. We rolled out in another way that became available during the pilot phase. We decided to go for that option because we felt it was less risky when it comes to the email flow. If something were to happen to Perception Point or to Amazon, like happened to Amazon a few days ago, then the email flow would be affected and require us to take action.

The way that we rolled it out is similar to what the competitors do. The email arrives into the user's mailbox and is then scanned. It then takes any necessary actions in seconds or minutes. I don't know how much Perception Point is advertising this. We were the only customer that was testing this option and then decided to go to production with it.

From a protection point of view, the inline method, which is the preferred mode, is obviously more secure, because emails will not get to the end-users until they have been scanned. In our case, end-users are receiving the emails and, in parallel, they are being analyzed. If action is required, Perception Point will take the email out from the end-user's mailboxes. There is a small period of time where the user could click on an email that is malicious. But we made the decision to roll it out in this way.

We did the rollout in phases over three weeks in the month of July. We first rolled it out to our users in Asia-Pacific, and then to our users in America, and then our users in EMEA.

In terms of time-to-value, the solution was already delivering value during the PoC. The difference was that in the PoC, the solution was just alerting us and was not taking action. However, we had an agreement with Perception Point that if we knew with certainty that emails were malicious by code, they would remove them even during the PoC. When we moved to production, Perception Point was immediately taking action.

Another difference in our rollout was that we started with a goal of avoiding a lot of false positives, using an 80 percent accuracy level for the determination of maliciousness. That meant that if the algorithms thought that there was an 80 percent chance, or above, that an email was malicious, action was taken to remove it from the user's mailbox. We started to see that happen from the very first moment we went live. The value was there from the beginning.

After months of working in production with this 80-percent-and-above threshold, we changed in November to 60 percent. In the November numbers, we see a decrease in reports from our users of phishing emails. We still have to see if this remains the case during December and January. But this could be an indication of Perception Point now catching more, before users are required to report something as phishing.

What was our ROI?

I believe we have seen ROI. We are catching emails, important emails to our VIPs. We run reports facilitated by Perception Point on the numbers, but they also provide summaries that we highlight at the end of every month about emails attacking VIPs or impersonating VIPs. We can see that if an email had not been caught it could have been really malicious. From that point of view, the return on investment is there. Even one email that gets through is already one too many, but there is no 100 percent solution. When we see that, on top of Microsoft, Perception Point is catching 25,000 to 30,000 emails, that is a good number for us. As a percentage of the volume of email that we receive overall, those numbers are small, but they're quite big if we understand that there are 30,000 emails with potentially malicious implications for our users and our company.

Which other solutions did I evaluate?

We ran an RFI with different solutions, but we only did a PoC with Perception Point and another competitor.

One of the main attractions for us with Perception Point was the Incident Response team. Perception Point was one of the few companies that offered that feature and it fulfilled something that we did not have: the expertise and the capacity to look into emails. The other vendors that did offer something similar charged additional money for it.

The other piece was the inline versus post-delivery issue. We actually liked the idea of inline, but our management was attracted more to the idea of the post-delivery. Perception Point gave us the flexibility to do one or the other and that also was important to us.

In addition, the company and the individuals who engaged with us at Perception Point were very good in terms of listening to us and our requests, and in many cases, implementing them very quickly. Before we had even signed, they were already giving us solutions to some of our requests. That reaction, listening to our feedback and implementing it, continues now. We checked with some Perception Point customer references and they said that type of responsiveness won't change after you sign, and that has been our experience as well. We are still in contact regularly, discussing ideas and improvements with them.

Obviously, you need to be convinced about a solution on the technical side and see good results out of a PoC, but the service and the people behind it were part of what made us go with Perception Point.

What other advice do I have?

Whether you're looking at Perception Point or any other solution, the first thing to do is to find the weak areas with your current solution. Some solutions may be more targeted to a specific technology or type of threat. There are solutions that are very specialized in BEC, for example, and they're very good at BEC. So if your problem is with BEC, then maybe focus on them. Knowing your main problem will help in determining which solution to go with. Otherwise, you could be picking something that is not going to resolve your problem.

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Flag as inappropriate
Head Of Finance And Administration at a financial services firm with 1,001-5,000 employees
Real User
Top 10
Good gateway and email security with an easy initial setup
Pros and Cons
  • "It's really quite user-friendly. In terms of technical superiority and the product itself, there are no complaints. It is really cutting edge."
  • "We have subscribed to an archival service, and yet, when we have to get our data out, we have to pay a fee to get our own data. They charge an extraction fee."

What is our primary use case?

We use Mimecast as our email gateway. We also use it as our archival service. All those phishing, anti-phishing, spear phishing, spamming, and other security filters that they have, we use all of them.

What is most valuable?

We have found email security very good.

The gateway is excellent. 

We have found the archival services to be very valuable.

It's really quite user-friendly. In terms of technical superiority and the product itself, there are no complaints. It is really cutting edge.

The initial setup is straightforward.

What needs improvement?

It was not so much about the product itself, however, their business model needs improvement. We have subscribed to an archival service, and yet, when we have to get our data out, we have to pay a fee to get our own data. They charge an extraction fee. This is something which really worries us as a company.

For how long have I used the solution?

I've used the solution for about six years at this point. It's been a while.

What do I think about the stability of the solution?

The solution is stable. There aren't bugs or glitches. It doesn't crash or freeze. It's very good.

What do I think about the scalability of the solution?

The solution can scale well. If a company needs to expand, it can do so rather easily.

We have grown from about 2,600 users to about 4,000 users. We have added additional geography as well. The product is resilient enough to take care of all of this.

How are customer service and technical support?

We have contracts and we are also subscribed to a service plan. Whenever we have used it, the service levels have been very good and we have no reason to complain.

Which solution did I use previously and why did I switch?

We were previously thinking of an alternative to Mimecast for two reasons. The main reason is as an organization, we are in the financial service industry, and we have to show some data resiliency to our regulators. However, due to the fact that we're present in 30 countries, what happens is all Mimecast data is centrally hosted in one particular grid, which is preventing us from showing data resiliency to them. I want a solution that allows me to selectively map users to a particular geography. 

How was the initial setup?

We didn't find the initial implementation complex. It was pretty easy and rather straightforward.  We didn't run into trouble.

We are a complex organization. We are present in 30 countries. It was a mix of on-prem and some were in Office 365. Due to the set up of our own architecture, we had to undergo some labor, however, otherwise, the entire process was pretty straightforward.

What's my experience with pricing, setup cost, and licensing?

We typically use a subscription service. If there are version upgrades. We automatically get upgraded to the latest version, as it's a software as a service setup. We don't need to update it as Mimecast takes care of it.

If you need to extract data from their archival service, there is an additional fee involved.

As we are an enterprise customer and we have a relationship with them, what we are told by the reseller is that we pay about 40% of their list price for this product.

It's an expensive solution. There are other competitors, like Barracuda, who offer similar services. We believe that over the years, they have picked up, and their pricing is much more competitive than Mimecast. As an organization, Microsoft itself has really matured over the years. They offer probably 90% of what Mimecast is offering, and then you don't have to pay anything extra for it because it comes with part of the Office 365 licenses. That is why we also believe that there is a lot of room for Mimecast to get their act together, pricing-wise.

Which other solutions did I evaluate?

We evaluated a few other options such as Cisco IronPort as a security service. We evaluated Proofpoint. The comprehensive solution that Mimecast offers, however, really made us sign on the dotted line.

What other advice do I have?

We're just an end-user.

We use their Perimeter Defense plan, we use their Continuity plan, we also use email to archive. These are the three scales that we use from them.

I would advise others considering the solution to technically evaluate their competencies, their highs, and lows, first. Also, read the fine print, and understand the exact costs. A company will need to understand natively how much of Mimecast capabilities does Microsoft offer if you just subscribe to an Office 365 license. It might make them rethink using this solution.

From a technical standpoint, I would rate the solution eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cyber Security Consultant
Consultant
Great protection, good privacy, and helpful support
Pros and Cons
  • "We are close to having 99% or 98% detection."
  • "It's not easy for an admin to check and decide if the email is good or not."

What is our primary use case?

This solution is not for endpoints. It's for servers.

The way that the engine algorithm detects different fingerprint signatures from files that are allowed to pass using other antivirus solutions is great. ESET just takes it and stops it. We are close to having 99% or 98% detection. It's really good.

What is most valuable?

I trust ESET to be the last frontier to stop something from attacking mailbox users. I consider it more valuable, even though having other layers of protection is important.

It's very easy to set up the solution. 

The solution offers competitive pricing.

Technical support is helpful.

It's a stable product.

What needs improvement?

The only thing I would like is a way to open the email that is going to quarantine. Based on the level of security, they cannot open the email to check the message. Even for the administrator, you have to create a security copy to be sent, which will lock the log support. It's not easy for an admin to check and decide if the email is good or not. That is the only thing that I'm seeing could be improved.

Basically, ESET doesn't have the ability to let the administrator release an email showing the message on the email. It's not possible. 

If you want to have an email review, you have to select an option to send a copy. In the way that they designed the system, for security, they are not letting anyone even have the admin privileges to make this happen. Privacy is at a really high level.

For how long have I used the solution?

I've been using the solution for about a year at my company. 

What do I think about the stability of the solution?

The stability is good. We don't have any problem with what we have now. We don't have any bottleneck. We don't have any congestion, nothing. That said, after being set up, you have to wait some days to allow their AI machine to detect and know what is good, and what is not, as it's in a new context.

Therefore, in the beginning, in the first days, the detection is still increasing, and this is normal. By the second day, it was a little bit better. After a week, we saw a difference, and after a month, we have really good security as it's learned the system. At this point, we have quality detection and are not getting positive or negative quarantine applications. We're very close to 100% correct detection.

What do I think about the scalability of the solution?

We don't have a cluster, so we don't know about scaling. We have a single server. The escalation and the multi-tenant are available on that product. However, I don't use that for my use case.

We protect only the domain. We have 100 people using it. 

How are customer service and support?

We had support in the beginning. We had one instance where we needed a tweak, and another instance when we thought that the system was detecting something that it was not supposed to be. 

I asked for support a second time. However, it was a rookie mistake for us as we set out and added something to a block list. They have given us risk support and the ability to give us support. They connect to the server and check it. Each time was 15 minutes o assistance, and the issue was solved. We haven't needed much more than that in terms of assistance. 

Which solution did I use previously and why did I switch?

I'm aware of Cisco, Proofpoint, and Barracuda solutions, which are more expensive than this product.

How was the initial setup?

The solution is easy to set up and implement. 

We will receive daily reports and don't have anything to worry about. Nobody is asking, "Hey, release this and that." It's just reporting what was found in the email. That's it. We don't invest time to give support. It is really good. It works automatically.

What's my experience with pricing, setup cost, and licensing?

It was not expensive. I don't remember the exact cost. That said, it's really cheaper than Cisco, Proofpoint, or Barracuda. 

What other advice do I have?

I'm a customer and end-user.

It's a trustworthy solution that is easy to learn. Personally, I have 15 years of experience using it in my home to protect me, and it's been really good. 

I'd rate the solution ten out of ten. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Jefferson Monfardini - PeerSpot reviewer
IT Director at BRASP
Real User
Top 5
Good protection, technical support, well priced, and is easy to install

What is our primary use case?

I am a SonicWall certified professional, and my company has SonicWall ESP, as well as projects, security, and limited protection.

I am a reseller, as well as a partner.

SonicWall Email Security is used to protect from spam, viruses, and DLP.

What is most valuable?

The most valuable feature is that it protects from spam.

It is very easy to use.

SonicWall security is very good and well priced.

What needs improvement?

The reporting needs improvement.

I would like to see Spam Control and virus block features.

For how long have I used the solution?

I have been using SonicWall Email Security for approximately seven years.

The TZ Series is deployed on the cloud.

I use version 3300.

What do I think about the stability of the solution?

SonicWall Email Security is a stable product.

What do I think about the scalability of the solution?

We have 100 users in our organization who use this solution.

How are customer service and support?

Technical support is very good.

Which solution did I use previously and why did I switch?

Previously, I was working with Email Security by Cisco, which is very good but it is very expensive.

How was the initial setup?

The initial setup is straightforward and simple.

It took one hour to complete the installation.

We only need one person to maintain this solution.

What's my experience with pricing, setup cost, and licensing?

The price is good for both me and our customers.

When compared with Cisco, it is very well priced. Cisco is very expensive.

What other advice do I have?

I would rate SonicWall Email Security a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Security Technical Manager at a tech services company with 51-200 employees
Real User
Top 5
High detection rate, simple installation, and customizable
Pros and Cons
  • "Fortinet FortiMail is easy to use and the detection rate is very good. You can customize content filters and profiles are done easily. Additionally, there is a sandbox integration feature that is good."
  • "My customers frequently ask to have detailed documentation for FortiMail and FortiWeb as they have in FortiGate. What they currently have is not enough."

What is our primary use case?

Fortinet FortiMail helps protect our organization's emails from attacks and threats on their system.

What is most valuable?

Fortinet FortiMail is easy to use and the detection rate is very good. You can customize content filters and profiles are done easily. Additionally, there is a sandbox integration feature that is good.

What needs improvement?

My customers frequently ask to have detailed documentation for FortiMail and FortiWeb as they have in FortiGate. What they currently have is not enough.

For how long have I used the solution?

I have been using Fortinet FortiMail for approximately five years.

What do I think about the scalability of the solution?

I have approximately 10 customers using this solution.

How are customer service and support?

I am certified to give support and I have not used the support very often.

I have not faced any issues with the configurations. All technical support issues I had were because of a new feature that caused a bug that needed to be upgraded.

Which solution did I use previously and why did I switch?

I have used other solutions previously and Fortinet FortiMail is better than Cisco and Trend Micro IMSVA.

How was the initial setup?

The installation is simple.

What's my experience with pricing, setup cost, and licensing?

There is either an annual or six-month charge to use this solution. Fortinet FortiMail is cheaper than Proofpoint or Cisco Security, or other email security appliances.

What other advice do I have?

I would recommend this solution to others.

I rate Fortinet FortiMail a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
Buyer's Guide
Email Security
September 2022
Get our free report covering Cisco, Microsoft, Microsoft, and other competitors of Cisco Secure Email Cloud Mailbox. Updated: September 2022.
634,325 professionals have used our research since 2012.