Cisco Secure Email Reviews

Cisco Secure Email is our primary gateway. We are a service provider in India. Cisco scans every email that gets into our system.

We faced a targeted attack. Most of our customers were targeted, but no one got the email. It was quarantined by Cisco. That is why we are still using Cisco.

The solution has no competition. ATP has been the most valuable in improving our email security posture. It has helped our customers too. The click-time URL protection is also valuable.

When we use multiple Cisco devices, we cannot manage the servers with a single UI. We must log in to each server for the management. We cannot manage multiple devices from a single UI. The solution has some inhibitions. They need to be finetuned.

I have been using the solution for 15 years. I am using the latest version.

I rate the tool’s stability an eight out of ten.

We are supporting around two million mailboxes. I rate the tool’s scalability a seven out of ten. It is a multi-server architecture, and I have to manage them separately.

We hardly get in touch with the support team. Whenever we got in touch with the team, the support was good.

We are using both cloud and on-prem versions. The deployment took less than two hours. We keep a backup of the configuration ready. Once we implement the server, we just put in the configuration and start.

We do the deployment ourselves. We also do maintenance and troubleshooting. We have around 20 L3 engineers on our technical team.

The pricing is good. We do not have any issues. I rate the pricing a five to six out of ten. There are no hidden costs. We know about the additional costs associated with the tool.

We do not integrate the product with other tools. I will recommend the product to others. Overall, I rate the solution an eight out of ten.

The solution is an email gateway.

The security features are valuable. I am satisfied with the product.

The user interface is a bit complex. It is not very easy to learn the product. It is not very intuitive.

I have been using the solution for more than three years.

The tool is stable.

The tool is scalable. We have eight to ten administrators. All our emails go through the solution.

There is a bit of a communication gap in support. The support persons must improve their responses.

Positive

The solution is cloud-based. The initial setup is straightforward.

Overall, I rate the solution an eight out of ten.

It provides good IT assistance. 

It is not user-friendly, and it is quite complicated. So, it should be more user-friendly. The GUI is difficult to understand. 

We have been using this solution for four years. We don't use the latest version of the hardware. 

It is a stable solution. Stability-wise, it is good.

It is not scalable. For scalability, Cisco products are not good. That is the problem. And for deployment, it's a three-tier architecture system.

We have around 200+ users.

Cisco's tech support is good. But they respond very late. The support in itself is good, so there is room for improvement. 

The setup is quite complicated. It took us one week to deploy. 

The deployment was done by the consultant company.

As per market availability, this solution is more expensive than other vendors.

My company is looking for a new email filtering server or system. So, I was just making the comparison with Cisco and FortiMail, and that's what we're actually looking for a new or updated system. So this is the reason I was doing this R&D.

Overall, I would rate the solution a seven out of ten. 

Protection against external email threats is our primary use case.

Less spam means more productivity; less time is wasted, helping both users and the security team.

Anti-Spam and Advanced Malware Protection are the most valuable features. They provide protection from most email threats and we also have the option to block Zero-day attacks.

The configuration UI should be made more intuitive. Currently, it takes a while to understand how to do the basic configurations.

In terms additional features, I would like to see customization of reports and dashboards. 

There should be separately module for Phishing and Fraudulent emails

More than 4 years

IronPort is indeed a very stable solution, including both software and hardware.

Scalability is very good. We have not faced any hiccups over the years with a 15 percent increase per year in the number of users. We currently have 3,000-plus users in our organization.  It is one of the main security controls we have and is used extensively. We don't have any plans at the moment to increase usage, but that might change.

We connect through a local/regional partner. Cisco is not good in dealing proactively or even reactively, so we end up relying on partners.

I cannot answer in detail about the initial setup because it was done before my tenure began. In general, it is a complex configuration.

Regarding an implementation strategy, it is best to define basic policies that deal with malware and spam-blocking which apply to the whole organization and then configure specific policies for individual and departmental needs.

Deployment shouldn't take more than a couple of hours for a team of two engineers.

We have seen ROI in the processing time. It processes efficiently and fast. It is almost transparent in its operation. We only need to worry about our email infrastructure. Security and performance-wise, it does not add any overhead or latency.

I am familiar with McAfee and Symantec to some extent. But we have not used those solutions in our production environment. I can't say much about specific differences between the solutions, but Cisco is more stable and we have not faced any issues with its detection capabilities that would make us look at other solutions.

My advice would be to have a very good partner because Cisco will not be proactive in helping and educating you. They will do proactively health check on their device but they don't offer education/training free to the customers like other vendors do. 

It has a complex UI and configuration menu but the product works well, both in terms of security and performance.

I have experience as an SE for IronPort as well as a private consultant. I have used this solution in multiple environments.

I have been able to help customers improve their email security, both new customers purchasing Cisco Secure Email Gateway, as well as long-time users. 

The most valuable features are Advanced Malware Protection, URL filtering, and of course Reputation Filtering.

The reporting functionality needs to be improved.

I have been using Cisco Email Security for nearly 15 years.

We use it to secure our email system, to cut down on all the bad emails that we would otherwise receive. 

The reason for implementing the product was the huge increase in spam and junk mail which occurred when we were adopting these devices. There have been some changes in the way that email is delivered since then, and one or two of the major spam sources have been taken down or prosecuted or jailed. Today, we have less blanket-spam, but we have more targeted phishing emails or spear phishing.

The combination of emails with links that encourage users to give away their user login information can cause problems. When someone's account is compromised it can result in access to our global address list and access to emails that the compromised user may have sent. Therefore, they have details of the format and the style emails that our company uses. We have communication threads that they can take advantage of because they can inject their fake emails into an existing communication thread and try to fool a supplier or client into giving more information or, worst-case, giving money to the wrong person.

When we first had Cisco hardware, we were having significant problems in that we were getting something like 10,000 emails per device per hour. We have four devices, so if we calculate that up it was like 1,000,000 emails a day, and most of those, about 99 percent, were junk mail or spam.

We had a major problem with email, and introducing Cisco Secure Email Gateway systems was a set change for us. It reduced the number of unwanted emails by a huge factor. That has continued to be the case, from when we first got the devices, until today.

Previously, we had other email security appliances, and they were overwhelmed by the volume of email that we are receiving as a company. The introduction of the Cisco Secure Email Gateway systems had two effects for us: 

1. They significantly reduced the number of emails that were even considered for delivery or for being accepted into our company for internal routing.
2. It gave us another line of defense. We use the Cisco Secure Email Gateway systems as our first line of defense which we then follow up by another manufacturer's email security appliance, which gives us a second level. Subsequent to that, we've adopted another layer of email security. So we now run three layers.

Initially, the most valuable feature for us was the SenderBase Reputation, because that reduced the number of emails that were even considered by the system by a huge number, before we ended up processing them to get through the spam, the marketing, and the virus-attached emails. 

Since then, customized filtering has been very effective and useful for us.

In addition, Cisco has developed the product with its Talos product. They've developed the Cisco Secure Email Gateway systems so that instead of just specifically stopping known spam sources and using that to stop virus-infected emails, the Talos solution which they're now providing has a lot of attraction because it helps to prevent phishing emails.

Things such as Sender Domain Reputation, which is a relatively new feature, are attractive because when there's a pop-up domain, which might be a look-alike of your own company domain, or it might be a look-alike for some other company like Microsoft, it gets a bad reputation, and the Cisco Secure Email Gateway systems will reduce the possibility of these emails delivering to the recipient's desktop.

We have occasionally had hardware problems because we are using an appliance-based solution, but that might change.

More than five years.

The system is very stable. We have had very little downtime and the system is, in general, reliable. 

We have occasionally had hardware problems because we are using an appliance-based solution, but that might change. We may consider going to virtual systems. In general, we have had a good experience with this product. The hardware, given occasional failures, has been very reliable. There is an upgrade process for keeping the system running with the most current, recommended version of AsyncOS. We have had very few problems where an upgrade has gone wrong. We've been very pleased with the solution.

The scalability is good because when you have appliances such as we have, if you have the infrastructure and the available resources, you can install additional virtual appliances. From the point of view of scalability, if there were a problem with performance, it is possible to add other systems or devices, even though they are virtual, and they all fall under the same control interface. They are all a part of the same cluster so they are all relatively easy to manage.

We currently have 11,000 employees and a large number of those users hold email accounts and email addresses.

We have a 24-hour operation because our company is located in 62 countries, so we have to respond relatively quickly because email is important. We have a department that deals with IT security and likely, at a minimum, we would have six people who have the capability to work on these systems. But in reality, because the systems are very stable, we have three or four people who regularly work on them. All the people who maintain the system are currently in the same department as me and all of them are considered IT security officers. They deal with other systems as well as the email.

Cisco's technical support is, perhaps, taking a different approach to the way that IronPort managed systems. Cisco tends to try and answer questions or problems by email more, initially, rather than talking to someone on the telephone. Sometimes that's not quite as good as IronPort was. 

But, in general, Cisco is good in that when we have a question they will respond quickly. But equally, because we've had these systems for several years, there is a good pool of experience in our security team so that we don't regularly have to ask questions of Cisco support.

We switched to using IronPort because it gives us a second line of defense from spam, phishing, and all the other problem emails. One of the reasons was that there was a major spike in the number of spam and junk emails that people were sending from when we first got these systems. 

The other system that we had was suffering from performance problems because it was being overwhelmed by the volume of emails that were being delivered to Fugro. The other product was still a good product, but it didn't have the performance to handle the volume of email. With the IronPort system being used as a first line of defense, it probably would have done everything that our previous system did, and we could have just removed it from our email processing.

However, we wanted to retain the old system because it had some nice features to do with additional email filtering. Having IronPort as a first line of defense was really good, and then, it was possible to do special filtering and other email reaping on this other system. The other system could then perform at a good level because it was not being overwhelmed by the huge volume of spam, junk, etc.

The initial setup was very straight forward. Having said that, we had a lot of experience in email systems before we set up these devices. But to get the most out of the functionality of the devices it took us some time to implement custom email filters. These were detecting targeted phishing email, although they weren't called that back in the days when we first got this type of hardware.

This was in the days before it was common to have virtualized systems. The systems we had at the time were probably the type that might have been considered by a small ISP. At the time it might have been Cisco Secure Email Gateway 310 or 320 systems. It was a long time ago. We have had those systems on contract since then. We've regularly upgraded the systems when the contract has been renewed.

We've had the systems configured in a cluster where the cluster spans more than one email gateway. Email gateways are located in different countries, so although we have different places where the email can be delivered to Fugro and from where Fugro sends email, the systems are all managed from the same interface and console, even though the systems are in different countries.

Because we had the systems before Cisco bought IronPort, we used some assistance from the then-IronPort company for the initial set up. But our own personnel were involved in training courses, so most of the configuration was done by Fugro people.

The IronPort consultants were very good. Because the company was keen for business, they were keen to assist us. At the time, we were, perhaps, one of the more unusual cases because of the quantity of junk, spam, and other types of emails that were being sent to Fugro recipients. IronPort, at that time, was very responsive, very helpful, easy to deal with and, usually, very knowledgeable about the product.

It would be fair to say we have seen return on investment using this solution, but I'm not the person who spends the money or places the orders so I do not have detailed information on it.

We did evaluate other options, but it was a long time ago so I'm not sure I can remember which other options we considered.

Having a good understanding of the product helps in the implementation process, so do some upfront training before you adopt the product. Be closely involved with Cisco support or the Cisco implementation team which will help to make sure that configuration is well adjusted and suited to your company.

I've used the product for more than ten years. Prior to that, it was IronPort. Cisco bought IronPort. We were using the IronPort products before Cisco bought them. We're currently using AsyncOS version 12.

We've used this product for so long, and we've been very happy with it, that we do not have a direct comparison against other products that are available today. That said, and accepting the fact that email security systems are not cheap, this product is still a front-runner and, combined with the new things that Cisco is doing, it has a lot of scope and capability. I would suggest this product would be about a nine, if ten is the best.

It is an anti-spam solution, and we primarily use it for email anti-spam. It removes the spam emails, and we have our own manual filters to remove unnecessary or unwanted emails. So, it is working just fine.

We have been using the solution for more than three years. We started on version 9 and are currently on version 11.1.

In regards to what we filter out, we don't have a lot of information. We have a small team who handles most of the software, including the email filtering and email security. 

The solution drops bad email, like the spam or emails with viruses. We are not currently doing further analysis to indicate what was really targeted, or determining if something else with generated, malicious or spam. The filtering is okay, and we don't have complaints from our customers or users, so we aren't doing any further steps.

The email processing and event logging are very detailed and valuable. They are also helpful when we troubleshoot email issues and perform email analysis, even though the logs are not structured properly.

We like the in-built features, like the email filtering based on the IP and domain. Cisco has its own blacklisted domains and IPs, which is very good. This filters around 70 percent of emails from spam, and we are seeing fewer false positives with this.

The notifications about why the emails were blocked is a good feature.

Having Cisco Email Security as a standalone solution is not good enough. It needs to be combined with another solution. For example, it will not stop all phishing and malware. We tried having only Cisco Email Security (IronPort) and faced multiple issues due to the sandboxing. The sandboxing for this solution is not up to mark and needs improvement. It does not detect much at the moment, just the set criteria that it already has designated.

The solution needs to improve its advanced phishing filters. It is very good at filtering things which have bad reputations. However, when phishing or malicious emails are new or coming from a legitimate source, we don't feel that the solution is working.

While the tool does a good job of blocking malicious emails, it does have limitations. For example, it sometimes cannot identity file extensions and sends through files that we don't want, like OneNote. We can filter by file name extension, but it is too easy to change the file name extension by adding numerical characters, etc.

Three to five years.

We expect 95 to 98 stability (perfection) in the product. 

We have one person doing maintenance, which is me. I handle this product along with three other security products. 

We are currently utilizing all the features in the product.

We have 1100 users.

The support is great. They are very fast with their responses and are very knowledgeable. Its support is available 24 hours. These things are very good.

We did not use a solution prior to this one.

We were looking to automate most of the stuff related to email filtering, so the solution bought from IronPort (now a part of Cisco) was to reduce our workload.

The initial setup was straightforward, but very lengthy, because it powers up most of the options from the email filtering solutions. While it is good, it will take some time to implement all the features, compared to other solutions. 

It is very simple to set up, but we decided to set it up with exceptional cases. Cisco is more flexible compared to other solution, but it could still improve, especially in the area of ruling logic and enhanced communications. With some other email security products, we can have very complex conditions which we can filter out. This is still not available with Cisco Email Security.

It takes a minimum of a month to build the setup. However, for a good set-up, it will require one year to put in place all the options in place. We had to understand how the emails flowed. 

An implementation partner, SecureLink, helped with the setup. They did a good job and were knowledgeable in the product. But, as an implementation partner, they do not take responsibility for any failures of the product.

Cisco helps with the day-to-day. 

We set up the filtering options ourselves.

We have seen ROI. Only 70 percent of phishing and bad emails are getting through. There are very few solutions that boast this percentage of filtering. This level of filtering helps our company.

It is not that costly. We pay for the solution through a contractor and pay an annual fee.

We are currently using two different email security products, which is how we are able to identify the pros and cons of Cisco Email Security. We use a similar product called FireEye. It can detect based on sandboxing. Anything bad that it sees, it will detect. It is not based on file extension or file types. Recently, we have been able to block with it using some type of file extensions or hash.

I would recommend to use Cisco Email Security first as your email filtering solution, but do not rely on it as your only solution. 

I like the product because it is very easy to work with or we can make it complex if we want.

We have around 500 to 600 users and we use it for services like Anti-Spam, Advanced Malware Protection (AMP), and scanning. We are also using also multiple content filters, and it's working pretty well for us. In combination with Cisco Secure Email Gateway, we are using Trend Micro.

Before we had Cisco Secure Email Gateway, so we had more spam emails. In fact, we had some other solutions in place, but there was more spam going to the Exchange Server when we compare between we didn't have Cisco Secure Email Gateway deployed and when we deployed it. We cannot say it's 100 percent, but we're covered for 90 to 95 percent of spam. No spam is going to the user right now.

We are using almost all the features because they are necessary to protect emails. The most valuable feature is the different content filters we are using, such as DKIM. 

The Anti-Spam feature is also valuable for us because, most of the time, we notice that what is coming in is spam, and the Anti-Spam filter works very well. That's one of the features we like most.

We would like to see more options for the customization of content filters.

Three to five years.

The stability of the solution is very good. They always come out with very stable versions of firmware and it has never caused any issues.

Cisco Email Security is working well for us, but we currently have no plans to increase usage.

Technical support is very fast to respond. They are well-trained and experienced.

We were using Trend Micro and we are still using it now that we have Cisco Secure Email Gateway. Cisco's solution is more efficient and provides more options. For us, it also creates one more layer of security.

The initial setup was pretty straightforward. The basic mail policies were very easy to set up, but tuning the email flow and blocking certain things according to particular requirements takes time.

The initial deployment took about a week. Our implementation strategy was not to stop the mail flow while implementing adequate security features, including Anti-Spam, AMP, and AV.

Deployment and maintenance requires one engineer, maximum.

We used an integrator. I was not involved directly.

Licensing is done yearly, but I am not involved with purchasing side of things.

Cisco Secure Email Gateway was our first choice.

This is a great product with wonderful support. You won't have any issues.