Cisco Secure Email Reviews

We are using Cisco Secure Email to monitor the outgoing and incoming mail traffic in our financial institute. We have nearly 900 branches all over India. We have an on-premises mail server in which we use Cisco Secure Email as a gateway for all the mail, both incoming and outgoing. With that, we monitor all the antivirus, anti-spam, and other content filters. We have configured things like proxy, spoofing, and many other features. We have also configured DLP for the outgoing mails. It was quite good to monitor all the mails using Cisco Secure Email.

The features or capabilities of Cisco Secure Email I have found the most valuable so far are basically the security, anti-spam, and anti-filter capabilities. The AMP and Sophos engines are working here. It was quite easy because 90% of security breaches happen through mails only. With Cisco Secure Email, we can control the breaches and all. It was a major positive thing compared to other products.

The integration of Cisco AMP for Advanced Malware Protection with Cisco Secure Email has helped our organization's security posture. With that, we can know the global signature and the hashes and also real-time threats. It was quite useful, and we have also integrated with our IBM QRadar. All the logs which we get from Cisco Secure Email will be forwarded to SIEM also. Cisco Secure Email has many integrated options with the threat intelligence tools, so it was quite easy to monitor in a secure way.

The areas of Cisco Secure Email that could be improved or enhanced are the slowness in the console. I don't think it was a database error or something, but we feel some slowness in configuring DLP and other content filters compared to other consoles. It may have been due to on-premises, but it was much noisy at some times while configuring DLP. When we tried to configure a DLP policy, the console became much slower. In that case, we cannot see what had happened in the mail which was blocked at that time. It may take nearly an hour to get back to normal while configuring policies. That is the major issue in the product.

I have been working with Cisco Secure Email for the last nine months.

My thoughts on the stability and reliability of Cisco Secure Email is nine out of ten.

Positive

My thoughts on the scalability level of Cisco Secure Email is nine because of the delay in making a configuration and the slowness in the console.

Positive

Regarding my interaction with the technical support of Cisco Secure Email, it was zero downtime for the mail production. If any issue arises on the customer side or on our end-user side also, it will be much easier to follow on the Cisco side. I worked for nine months in the console side. We did not face any issues. It was quite easy to configure, and quite easy to know what the issue was. We did not feel any problem in the console side. If any problem arises, you can easily come to know that it is a problem and that it can be resolved this way. If there is any problem which we do not know about, we just raise a tag with the Cisco team. Within half an hour, the team person will arrive, and the issue will be resolved in an hour. There have been no escalations happened in the last over nine months I have experienced so far. As a technical person, I feel that is the one, because the support and the console should be easy to handle. That is how we can minimize the downtime in the production area.

Positive

Before Cisco Secure Email, I used a different solution for the same use cases. I actually worked with Check Point Email Security. It was a cloud-based solution, but it was not a gateway solution. It was integrated with email, such as Microsoft and Gmail. In gateway, Cisco Secure Email was the solution, and I have quite a bit of knowledge in Sophos email gateway also. Compared with other mail security things, Cisco Secure Email was much better and easy to deploy also. The deployment has a cluster and other additional options. Based on that, it will be a good suitable solution for the enterprise customers.

For the deployment process, I currently have migrated our on-premises Cisco Secure server to a VM-based Cisco Secure Email. We have migrated our hardware device to VM. In a couple of days, we migrated those things. It was much easier in the deployment phase. Currently, we have migrated our DC console. The DR was in process. We did not face any issue on that migration. In deployment, the initial deployment also was quite easy. When we start to move the on-premises gateway for a mail server, there will be much issue in starting. With Cisco, it was much easier. Even with customer support, there was reliable support on the Cisco side. That is the case we are going with on the Cisco side.

The automated features such as URL analysis and content filtering have benefited our security operations. We have enabled the URL filtering and other content filter options such as profanity. We have integrated many things, such as suspicious ID-based things and also DLP-based policies, and spam control. We have integrated many things. In the content filter, there was one good thing: we can create a customized content filter. If you have an environment of a financial institute, based on that guidance, we can create specified content filters based on our environment. Compared to other things, it was quite easy. It also has some templates. With the template, we can also create the content filters. It was quite easy to make those content filters to monitor the outgoing and incoming mails.

In assessing the effectiveness of Cisco Secure Email's threat prevention features, we have two engines such as Sophos and AMP, Advanced Malware Protection. Currently, we are using a Sophos engine only to monitor the threat-related things in our email. It was much great compared to other engines because it was not too much of a false positive. It was most helpful in analyzing the mails because over 900 branches, we have nearly, over a day, we can get nearly 10,000 plus mails. If any false positives are raised, there will be a bunch of blocks in that, but the Sophos engine was good in that. There are no false positives, majorly. It was a major thing.

For advanced sandboxing, we do not use sandbox in Cisco Secure Email. For sandboxing, we are using Threat Grid. We are using Cisco Threat Grid for that.

In reporting and tracking, much of the time we used to track the mail ID which was already quarantined or if it was not delivered through our gateway. With the message tracking and reporting, we can see the clear view. We can see where the mail started and where it ended. There is a view of any fail in the anti-spam or antivirus. Also, the default mail security things such as DKIM, DMARC, and SPF, we can see clearly. With a single sheet of tracking, we can get a complete view of the mail. We can see who was the sender, what was the public IP, what was the actual domain it was configured on. With that, we can come to know whether the mail was delivered, whether the mail is malicious, or whether the mail has bounced back. It was a major good thing. In reporting also it was a major good. Tracking and reporting was good in Cisco Secure Email.

If it were a cloud solution for small and medium-scale customers, it would be quite easy to manage the email because no one will handle the email in our on-premises server. If it were in the cloud, it would be easy to handle, and the actual working is easy for the technical team. For a large environment, they need to go with on-premises servers only because if it were in a cloud solution, it would be much costlier for the enterprise customer. For small and medium-sized customers, there will be many other solutions such as Check Point, Proofpoint, and other Forcepoint email security available. Compared with Cisco, I think other solutions such as Check Point and Proofpoint are good for small and medium-scale customers. For enterprise customers, Cisco Secure Email is a must-have and good to monitor. The overall review rating for Cisco Secure Email is eight out of ten.

For our primary use case, we use Cisco Secure Email to handle email traffic coming from external sources to internal mailboxes. It focuses on email protection, ensuring that unwanted or malicious links do not get opened. Any suspicious links that attempt to download on users are avoided, and attacks originating from emails get blocked at the Email Security Gateway.

My favorite feature of Cisco Secure Email is the threat intelligence capabilities, particularly its integration with Cisco Talos. By receiving feeds from various stakeholders, it provides faster detection of attacks. The integration with the Email Gateway is crucial for detecting email activities. It also possesses multiple modules for spam detection, malware detection, and threat intelligence, which are valuable in categorizing emails and determining actions.

In some cases, detection is missed, leading to false positives where genuine emails are flagged as spam. This could result in users not opening genuine emails. We have highlighted this to Cisco because sometimes phishing or marketing campaigns, which are genuine, are incorrectly flagged as spam. The solution should better analyze the actual content rather than only focusing on the email header or origin.

I have been using Cisco Secure Email for almost five to six years now.

I rate the stability as eight out of ten.

The on-premises hardware is not very scalable, but switching to the SaaS offering is expected to improve scalability.

The support is pretty decent, with a rating of eight out of ten.

Positive

Setting up Cisco Secure Email is relatively easy, and I rate it eight out of ten. It takes around a week to analyze and transition policies from learning to blocking mode.

For Cisco Secure Email, the ROI isn't specifically calculated as it functions akin to a security or medical insurance. The focus is on preventing attacks, which can have a larger impact than the investment itself.

Given our user account, the pricing for Cisco Secure Email is moderate, and its cost is bundled with other Cisco products.

We considered alternatives like Proofpoint and Check Point. Proofpoint was not chosen because their nearest data center is in Singapore. However, due to its better detection capability and scalability, Proofpoint would have been the preferred choice if not for the geographic constraint.

I recommend Cisco Secure Email and I rate it eight out of ten. Cisco is a pioneer in security, but Proofpoint has a more focused SaaS offering with improved detection and scalability. Customers should decide based on their requirements and budget. I regard Proofpoint as the top choice, followed by Cisco and Check Point.

Positive

We would have the product at the edge, passing it off to another service like Postfix. It was a platform that allowed us to sell a service to customers, enabling certain clients to email us securely. We used it to take everything through email security, which included policies allowing specific emails from certain domains.

It provided a platform to sell a service to customers.

The logs are easily readable and help diagnose problems, although they can be difficult to find initially. The solution addresses our email security, but for the rest of our security, we would use multiple vendors. It covers everything through email, like antivirus, IDS, and IPS. 

We've got policies that only allow us to receive from certain domains and emails within those domains. We pass that on to Postfix. That sorts out anything attachments-wise. It eventually goes through a Palo Alto firewall for the traffic. Anything malicious is picked up across all of the vendors in that solution.

The user interface needs massive improvement. While the device works fine and it's not complicated to write policies, renaming menu items and showing policy flow in conjunction with the application could help.

I used the solution for about seven years.

Considering it was a Cisco C170 before I joined the company, it had hardly any issues with the IronPort.

Cisco's tech support can be hit or miss, depending on the engineer you get. But ultimately, if there's an issue, we can contact the account manager or another engineer.

We did not use a different solution before this one. We chose Cisco Email Secure because we're a big Cisco house with familiarity with the product stack.

I personally did not see any form of return on investment, as I am just an engineer.

The licensing is a mess and needs sorting out. I am not really concerned about the pricing because I only make recommendations, not buying decisions.

I would rate Cisco Email Secure about seven out of 10. Get used to the user interface and always click the save button to ensure changes are applied. 

We use it primarily for filtering both internal and external messages, especially within our Office 365 environment. It serves as our main filtering solution.

The most significant enhancement we've gained is in terms of security through the upgrade we received.

The pricing needs to be reconsidered or enhanced.

It offers good stability, we never faced any issue.

It is highly scalable. We have a user base of over forty-two thousand individuals.

Another company assisted in our deployment process. It's relatively easy to handle maintenance since another company takes care of that aspect. We focus on managing features and handling basic administration tasks.

We haven't observed significant value in terms of ROI.

The price is significantly high.

We are in the process of assessing alternative options and examining various products, including technologies from companies like Barracuda and Microsoft Defender, which already include certain features. Finding alternatives is challenging because Cisco is unique and requires specialized skills, making it more expensive. Unlike Microsoft EOP or Defender, where the transition is smoother, Cisco's system is distinct and demands specific expertise.

Overall, I would rate it seven out of ten.

We have a number of different types of customers and organizations who need to secure their environment. These range from healthcare professionals to financial organizations to very small organizations. They have a number of security requirements, whether it's just to secure the actual environment where they're working and also to provide additional services, such as VPNs and remote access for their remote workers.

Most of the customers that I work with tend to be on-prem, and a lot of them go with the centralized management system, FMC, purely because it has larger memory and larger hard disk space, and it can hold reports for a much longer period of time. Also, as their network infrastructure scales, FMC can manage more and more of their devices, and they're not having to manage individual devices. It's all centralized for them. 

A lot of our customers use another Cisco product already, so they have confidence in Cisco products. The firewalls they are currently deploying and using have evolved from their older ASA products. They are now moving to the new Firepower Threat Defense, which incorporates many more features and allows them to get the latest ALOFT download and feeds for any security vulnerabilities and they're able to react very quickly to any vulnerabilities that have been highlighted.

Initially, when the firewalls were first marketed and came onto the market, the visibility wasn't very good. But as the software evolved over time, that visibility has increased a lot more, and that is giving customers a lot more competence in the traffic and the traffic flows that they're seeing through the actual devices, so they can better understand the types of applications that they have on their network.

The good thing about the actual firewall itself is that it can integrate with other Cisco products, such as Cisco ISE so that it allows full end-to-end visibility of connectivity. It gives very good visibility. It's that integration with other products, not just what that individual firewall can do itself.

Talos is obviously fundamental to the actual firewall, reporting on vulnerabilities that are happening day to day. And the regular downloads, obviously, give customers confidence that their products are as secure as they can actually be.

There are a number of valuable features because we have that sort of single product that can do a number of different things, but remote access for users is very important, and visibility of the types of traffic that are passing through the actual appliances is very good, and the reporting of the devices is very good. 

It's not just the firewalls themselves, but one thing I think, where certainly firewalls and other products could actually improve, is in the licensing. Licensing is quite complicated for a number of customers, including ourselves. The licensing appears to be changing on a regular basis depending on the product and the software versions, so we are constantly having to keep up to speed with the different licensing types.

I have been using Cisco Secure Email for over ten years.

When most software evolves, the software becomes more stable and feature-rich. As we're seeing with the latest version from seven onwards, it's a lot more resilient and a lot more robust. The actual GUI interface is also a lot slicker now, whereas before it was a little bit clunky. We've definitely seen improvements with the latest version of Secure Firewall.

We typically work with customers to price space. We don't typically work with customers in the service provider realm where they would typically have very large scaling of firewalls. They would do clustering and things like that. We know that these features are available, but that's not a particular area that we would actually work in. But, obviously, there's a breadth of Firepower products and platforms, and we can actually scale or arrange the correct firewall for the particular needs of that customer.

As with most Cisco products, we typically find Cisco and their support very good. In the unlikely case, we have to raise a tech issue, they're very responsive, and they generally always provide a quick resolution to any encountered problems.

The tech engineers are very knowledgeable. The tech engineers who pick up cases know the product very well. And they always dive deep into the problem and provide regular updates to us or to the customer. If there are any other problems that are noticed after we've had an issue, the case can be reopened and investigated further.

Positive

We and our customers use a variety of different firewall manufacturers, not just Cisco. And as with all vendors, some have better properties or better features than others. Cisco Firewalls for Firepower had to use the centralized management system, FMC, but where some customers prefer just an On-Box GUI to configure the device, Cisco was playing catch up with other vendors who were operating in that same area. But what we found is that with later versions of Firepower and also FDM which is the On-Box management, those features have now come leaps and bounds. They are now on par with the centralized FMC to the FDM, allowing customers an easier way to deploy these products not only on-premise but also in the cloud.

I would give Cisco Secure Firewall an eight out of ten. We're expecting that with later versions of software, again, more features will become available.

We have approximately 2000 employees and we sell a variety of Cisco solutions and products. 

I use the solution in my company for email security. The tool is the email gateway we use for email security in our company. Cisco Secure Email acts as the first level of defense in our company's email security flow. When an email arrives, it first arrives in Cisco Secure Email Gateway, after which it gets filtered there, and then it passes through our Microsoft 365 Defender.

The tool's most valuable feature in preventing security breaches revolves around the area of malware protection that the product provides. I don't use the product much for URL filtering or spam filtering since you need to work with the configuration a lot.

I would like to see features like AI since it is currently an area that the product lacks. With AI, the tool would learn and know when an email is fraudulent or is coming for the first time to our organization. If a domain, for example, is very new and was created a while ago, and if it has a bad reputation, then it should automatically block it and not allow it to pass. I would like the product to have a self-learning mechanism based on AI, similar to some other tools.

I have been using Cisco Secure Email since 2019. I use the solution's latest version.

The product is used on a daily basis in my company.

Around 150 people in my company use the product.

I cannot say whether my company used to use another product in the past since I was not a part of the organization before 2019.

The solution is deployed on a public cloud, and it is taken care of by Cisco.

In terms of the benefits from the use of the product in my company, I can't say that I have seen any cost reduction happening, but at the same time, I also need to consider that it is not a very costly product. The price of the product is normal in my opinion. The tool is not cost-effective. One cannot experience any ROI from the use of the product or any cut down in costs. The product is available in a good price range. On a yearly basis, one needs to pay and renew to use the product.

I consider Cisco Secure Email to be a reasonably priced product. I rate the product price as six on a scale of one to ten, where one means it is a very expensive tool.

I have not noticed any impressive advanced threat protection mechanisms in the tool.

I don't know if there are any AI features in the product. I don't know if there is any other technology embedded in the solution.

Cisco Secure Email successfully mitigated potential email threats. My company has seen plenty of scenarios where Cisco Secure Email successfully mitigated potential email threats, spam emails, and fraudulent domains. The product is good for dealing with spam emails, and it can take care of more than 100 spam emails per day. A huge number of spam emails are monitored with the help of Cisco Secure Email.

I would not recommend the product to other businesses because you need to have some kind of expertise in configuring and knowing a bit about the tool's GUI. The tool also lacks in the area of AI mechanics. If I would like to have an overview and review another solution, I would go for another product other than Cisco Secure Email.

I can definitely suggest others to look at the product and review it, but I would also recommend that they compare it with the other solutions in the market. I wouldn't prioritize Cisco Secure Email over other tools.

Either the support partner of the product or I take care of the tool's maintenance phase by looking into the configurations and doing some fine-tuning.

I rate the tool a seven to eight out of ten.

My company operates as a service provider, and we use Cisco Secure Email so that we can secure the endpoints, systems, and emails in our data center.

The most valuable feature of the solution is the ease of use. It is easy to set up and manage the tool.

There are some concerns in the way the architecture is set up, making it an area where improvements are required. When you set up the tool, the way you put your SMTP routes should be possible through an easier process.

I have been using Cisco Secure Email for ten years. I am a customer of the tool.

The product is stable. The only challenge is the IPs get easily blacklisted. The IP addresses of IronPort devices easily get blacklisted. Cisco should make items to contact the companies whose IP addresses get blocked. During the configuration of the tool, there should be some provision in the product to indicate which IP addresses are from IronPort devices and not from the server.

It is a scalable solution.

My company uses three Cisco Secure Email solutions in parallel. In my company, we have set the product for different segments or networks, but all three sync well with each other and work fine.

For administration purposes, there are five people who use the product. As end users, there are over 2,000 to 3,000 people who use the product.

I am happy with the responses and the solutions provided by the solution's technical support.

The product's initial setup phase was easy.

The product's price falls on the higher side when compared to the other products on the market.

Whether the product would be worth the money for a business is something that depends on what a company is trying to do with the solution. If you are looking at the profitability angle, the new can get cheaply priced solutions in the market. I work in a government organization where profit alone is not our goal, and we need a product that offers security.

I recommend the product to those who plan to use it.

The DLP feature in the product is not a functionality that we have configured yet, but we do have access to its settings.

A beginner can learn to use Cisco Secure Email through a straightforward process.

Cisco Secure Email has integrated with our company's existing email gateway in a very straightforward manner through a configuration process involving IronPorts, and then URLs on IronPorts are set up.

Though it is easy to set up the product, the cost of the solution is not favorable for everybody.

I rate the tool a seven out of ten.

I primarily focus on managing secure settings for our organization. About ninety percent of my work involves overseeing security measures. I begin by concentrating on the operational site and then extend my attention to other aspects, such as network sites. As I progress, I tackle new tasks that come my way, often centered around enhancing security and efficiency.

The primary consideration for adopting a new product revolves around its most valuable features, and this assessment is product-specific. In our organization, we heavily rely on this evaluation to determine if the product aligns with our needs.

Capital expenditure is a significant consideration, and the impact on major expenditures prompts a careful analysis before onboarding the new product. We evaluate its suitability for our organization, assessing whether it aligns with our requirements.

Many smaller businesses opt for more cost-effective solutions, such as Gmail or Hotmail accounts, instead of investing in Cisco Secure Email, given its higher cost. While theoretical knowledge, especially in terms of POC and PNA technology, is commendable, the challenge lies in the practical application.

We have been working with it for the past five months.

The stability depends on the volume of the workload.

It provides a high scalability. Our customers are enterprise businesses. I would rate is eight out of ten.

It provides good customer support services. I would rate it nine out of ten.

Positive

The ease of deployment is contingent upon the size of the organization, specifically the number of users and titles involved. If the deployment is for a smaller organization, with a straightforward configuration, it can be completed quickly, often within a month or two. In contrast, for larger enterprises with a significant number of users, numerous branches, and a complex organizational structure, the deployment timeline can extend to six to eight months.

It is a relatively expensive option compared to other alternatives. I would rate it eight out of ten.

While Cisco is a preferred choice for larger enterprises, its products, especially in the realm of security, tend to be more expensive due to their advanced features. Many organizations commonly rely on Microsoft Outlook for their email needs. Transitioning to Cisco security solutions, including Cisco SecureMail, requires careful consideration and typically involves a learning stage. The decision between traditional hardware and virtual machines (VMs) for deploying solutions like Cisco Secure Mail often depends on financial considerations. VMs are generally more cost-effective compared to dedicated hardware, leading industries to increasingly favor VM deployment. The choice is particularly relevant when the server's capabilities are robust enough to meet organizational needs. Overall, I would rate it nine out of ten.

We use Cisco email security against threats such as phishing and malware and block weaponized URLs. Cisco provides a cloud solution, along with the appliance, and a hybrid solution is also there. We deploy the solution as per the customer's requirements.

The solution is very robust because it talks to Cisco Talos. Talos is the number one threat detection engine, the most trustworthy and used globally. That's one strong reason we back our products. Not only do we use it on our premises, but this is the product's main USP when we sell it.

Cross-platform is one major pain point. Many of our clients use an open-source Linux system. These components cannot provide for any Ubuntu or any Linux open-source system, and that's where we get stuck most of the time. Previously, we were doing a POC for Cisco Umbrella, and we got stuck at the point where the customer had almost 200 to 300 of his endpoints, almost 80% of his workforce, working on Linux. This was both on the server and roaming user sides, and Cisco has no solution for Ubuntu. We have raised this suggestion many times when interacting with Cisco during seminars and webinars we've attended. However, we only got feedback from them that they will introduce that feature very soon with their Cisco AnyConnect agent. But it's still only available for Windows and Mac.

I've used this solution for one year.

The product is stable. There have been no complaints from the customers. Fine-tuning is important, which will come whenever you go live, especially for larger domains where customers have 1,000 or 2,000 email IDs and multiple domains. That is the only challenge where we have to fine-tune the policies. But the product is stable.

Cisco Email Security's scalability is good. We have had a couple of cases where the user increased the licenses. There is no challenge to scalability. For the past year, there have been four to five customers to whom we have sold the product.

Cisco's technical support is excellent. Whenever we contact tech support, the hierarchy starts with our regional ACs. If they cannot resolve our issue, we contact TAC, and TAC is a ten-on-ten. They're well versed with their technology. They know the capabilities of their product and how it works. The one thing we expect when we contact an OEM technical person is clarity on the subject and the issue. There should not be a gray area. When we reach out to them with any issue and when the customer is also on the call and has already purchased the product or is about to purchase the product, the most important thing is for there not to be a gray area in figuring out whether the product will work or not. That's more important than providing a prompt solution. Cisco's tech support always clarifies whether a feature will work before proceeding with the solution. If it is possible, they always provide the solution. If it is impossible, they provide the proper documentation explaining why it is impossible.

Positive

The initial setup is straightforward. That's one of the main USPs, the deployment of these products. It takes hardly 20 minutes to deploy Umbrella over a network. And with email security, it's less than a one-hour job. After deploying, the fine-tuning part comes. That comes under the policies, so I don't count that under deployment. The next step will take another one or two hours, but not more than that.

When deploying the solution, we first go on a call with the customer, understand their pain points, and understand their existing network. We have to analyze the scope of work before deploying. Depending upon the existing setup the customer has, we make our steps. "Is there any prerequisite required? Are there any virtual appliances needed in the network to be deployed?" Accordingly, we will plan our activities. In a two or three-hour call for the first session, we have to define what we have to cover, and in the second session, we have to define the success criteria. The deployment is not a template. It changes from customer to customer.

Cisco's price point is good. When we talk about Cisco to our customers, they already have the mindset that Cisco has a particular price point. It beats other competitors when it comes to the quality of the product.

I rate Cisco Secure Mail a nine out of ten. Cisco is improving. We had a session where we asked them to improve their GUI. They have improved it and the end-user experience because it was too mechanical a dashboard earlier, where it was difficult to find mail logs. We recommend the solution.

We use Umbrella for our DNS layer security, blocking all the DNS layer threats. For endpoint security, we are using Cisco Amp. Whenever there is a requirement, we hunt for greenfield opportunities where no Cisco solution is present. We can then create a window where we can reach in. We deploy one product and then explain the single vendor advantages to customers. That mostly goes with the Cisco Umbrella, which goes hand in hand with Meraki. Once the user gets his ecosystem on Cisco, giving a single vendor solution is possible.

Similarly, XDR is there. XDR is one of the key products we're pitching these days. It's a simple single glass pane where we can orchestrate all the customer's products from a single dashboard. That's a major concern we hear these days from security personnel and IT teams. They have several products from several OEMs, and whenever it comes to orchestration or finding a glitch, they have to access all the products independently on different tabs or screens.

As far as policies and security with the components are concerned, Cisco is the perfect product.