Cisco Secure Email Reviews

The primary use case was for email security and load balancing between Exchange mail servers.

From a security standpoint, IronPort really helped with the mail filtering and load balancing between the Exchange servers they had. IronPort enabled us to blockade domains that send these emails. IronPort gave us fantastic service.

By the time I administered it, I was able to block some 25 or more domains.

The filtering is something I found very valuable. 

Also, the users were able to do a check by themselves on quarantined emails. They could check if a valid email had been stopped, if it matched up with the SPF certification. The kind of environment we ran was a kind of complex environment. For us to be in compliance with PCI DSS and ISO 27001, the users needed to implement this and we needed to know how often we got unsolicited emails and how to mitigate users being victims of spear-phishing or phishing attacks.

One of the things that Cisco could improve on with IronPort is the support. Cisco doesn't really have enough engineers who have full, hands-on knowledge of IronPort. Knowledge of it is not something you can find easily compared to other security appliances. They could also share more technical resources on how to do conversions.

I did a video tutorial while I was training on CISSP and on CCIE security. There was a series that had the Cisco Secure Email Gateway in it and also the WSA. I was able to follow most of the configuration and explanation from the instructor.

Also, if Cisco Secure Email Gateway and WSA could be brought together, it would make a better appliance, one wholesome appliance.

One to three years.

From my perspective, it's pretty stable. We didn't have any issues.

It's scalable. In the enterprise in which I had to deploy it, there were between 500 and 1,000 users, so the scalability is quite okay. We had two Cisco Secure Email Gateway boxes and there was load balancing using Cisco ACE. The scalability is okay.

There weren't any plans to increase usage, as far as I can remember. It was used very well and they're still using it. I do interact with the current engineer now, and I don't think there has been a serious issue of late. The only issue he told me about is some outside mail is being trapped by the current site.

I did contact support once or twice before I left and that was during the license regeneration. We had an issue which was more like a wrong configuration. There were some steps that needed to be taken to correct it. Support was awesome, although it took a while.

Because I had a video walkthrough that I made use of, I found the configuration pretty easy, not so difficult. Also, the prior knowledge of my then-line manager gave me an edge, helping me with using and administrating it.

The deployment I did last was done within five to ten days.

IronPort has been in production before I got the job. They had issues because the configuration was not suited to the business. What I had to do was a clean configuration, reload it, and start the configuration all over again.

I and my line-manager were the ones who were involved. I did a larger chunk of the job. I was the only one maintaining it until I handed it over to the network engineer who took over from me. Maintenance takes one person or two.

It reduced the costs resulting from phishing attacks on the organization. That was one of the major reasons for deploying Cisco IronPort.

There were no other costs in addition to the standard licensing fees.

So far, so good. IronPort was fantastic. It's an awesome solution, but I don't think it's something for a small-sized organization due to the licensing cost. I think it's a great solution for email security.

I would rate Cisco Secure Email Gateway at eight out of ten because of the awesome functionality and features. The only downside with it is the knowledge about it. When I was trying to enable cloud encryption services on it, allowing you to encrypt emails to send confidential emails to a third-party, the resources on that were not that grounded and the technology was somewhat difficult to configure. The way the technology works for email encryption services is not ideal because once you send an email to someone, he has to click on a link and be redirected to a web portal, rather than having everything done on his email platform.

My primary use case was email security, to protect against phishing mails, spam, malware, and viruses. 

We used to get emails with viruses that would impact the business or we would get emails with malware. We were able to scan the email and clear it or block emails with viruses. That was the business justification. On a weekly basis, it was blocking about 2,000 or 2,500 emails.

It protects you, it protects your network, it protects you from phishing emails and malicious content and the like.

The most valuable feature was the anti-spam feature. You could set rules to block emails based on specific words like "pornography," "sex," "guns," "violence." That was one thing I liked about it. With the anti-spam, we didn't get all those emails.

Also, Cisco was scanning our emails with their own intelligence. I liked that.

Finally, the user interface was quite friendly, it was quite easy to use, unlike some other Cisco products. Anybody could use it. You don't have to be familiar with IT to be able to handle navigating it.

There were a couple of access issues.

Also, they need to keep their intelligence top-notch. I remember a particular phishing email that came through to my then-CEO. So they could improve on their intelligence.

One to three years.

It's quite stable. We didn't have issues because, when I think about the issues, they were from us. The two boxes were in cluster, so when the guys at the other site would start without telling us, we would get cluster error messages. Apart from that, it was fine.

In terms of scalability, I'm pretty much sure we could go as high as 1,500 users.

The support is great. It's one of the best, if not the best. If you have a particular issue, Cisco can SSH tunnel into your box and help you fix it. As long as we had a running contract, their response time was five minutes, tops. 

If you don't have a running contract but there is a security issue, say malware, for example, they'll respond. But if it has to do with hardware, they don't respond. They'll tell you to get a contract before they'll respond. It depends on what the issue is.

The deployment was quite easy. We wanted it with high-availability. It wasn't a greenfield, it was just an upgrade. The initial deployment had been done before.

The GUI is self-explanatory: If you want to block emails, you want to erase emails, you do the IP address configuration and what your DNS is. It's pretty simple, a very easy-to-use GUI. If you want to buy licenses, you want to check the status of your licenses, you want to check the status of your box, you want to check the environment, it's very simple.

The upgrade took me about 30 minutes for each box. It was just me involved in the upgrade.

The ROI is about business continuity. If you get hit by malware through an email, you'll understand. Email security is a must-have; not necessarily Cisco Secure Email Gateway, but email security. It can come from any vendor, as far as I'm concerned.

The licensing was not per user, the licensing model was per feature. You could choose anti-virus, anti-spam, etc. It was feature-based and charged yearly. Aside from the standard licensing fees, you have to pay for support.

After using Cisco Secure Email Gateway we used Trend Micro. The difference between them is just the vendor. There's really no difference. Same approach. It's the same technology. I would say Trend Micro is more granular. But overall, It's the same technology. I don't think one is better than the other. Who you buy from depends on marketing.

Email security is a must-have, and as much as the cloud providers will tell you they have security, from our own experience, the vendors' security products are a bit superior. The reasons I chose Cisco Secure Email Gateway are the interface is - it's easy to use - and the support is great. Also, it's nice to have another gateway, not just the Cisco Secure Email Cloud Gateway because it has proven not to be enough.

The organization I was working in where Cisco Secure Email Gateway was implemented had about 700 staff members, roughly 700 email boxes. There were no plans to increase usage of Cisco Secure Email Gateway at that organization. The reality now is that if your emails are on O365, O365 offers you some form of Cisco Secure Email Cloud Gateway. For most organizations, they're looking for business justification to keep Cisco Secure Email Gateway when Microsoft, for example, is offering cloud protection for your mailboxes on O365. In a case like that, you really don't expand business on Cisco Secure Email Gateway. Now that mailboxes are no longer on-prem, and the cloud provider is offering you email security, the way they sell is that you cannot say have your email on the cloud without paying for cloud security. There is really not much expansion on Cisco Secure Email Gateway from a business standpoint, if your mailbox is with a cloud provider.

I would give Cisco Secure Email Gateway an eight out of ten. We didn't get any malware, but a few phishing emails, maybe one or two, slipped in. There is really no vendor, in my experience, that I would rate at ten out of ten.

Our main deployment is for a shipping company. We're protecting their local Exchange Server and their online Exchange email.

It means less malicious email, fewer interruptions, and less risk. It actually circumvents malicious emails; rather than getting to the users, the users don't see them. End of story. There's a risk without it. The user might get the email and might click on the link. Once that happens, they are toast, as is the network.

The number of malicious emails it blocks differs from one company to another. It depends on the volume of email they get. I would say on average, depending on how many users there are, it could block 1,000 emails a day.

The most valuable features are protection against ransomware and spam. Those are the main two features. It also adds an additional layer to your networks. Cybersecurity isn't a comprehensive solution. You have to keep on adding layers without disrupting the flow of the business. The Cisco Secure Email Gateway does that, where it adds another layer without slowing down the business or the performance of the network.

The user interface needs some improvement to become more user-friendly. The graphics could be better. It's designed more for a technical user rather than a business user.

The solution has flexibility. I think they are working on improving it as we speak. They're responsive to the feedback we give.

One to three years.

It's very stable. We haven't had any issues or downtime.

It's very scalable, especially the cloud version. You can get up to about 100,000 users on the appliance but the cloud version is more flexible. When you do scale it up you don't see slower performance.

In the largest environment in which we've implemented it, there are 200-plus users. It's utilized by 100 percent of the users. It's not at 100 percent capacity.

Their technical support is very good. We haven't had any issues. Their response is very prompt and they are very knowledgeable.

The initial setup is straightforward. There are two flavors. There's the cloud-based and the appliance. With the cloud-based solution you just point your email server to the IP address in the cloud. With the appliance, you just install it into your rack and connect it to the Exchange Server. The cloud deployment takes about ten to 15 minutes, and the appliance, because you have to install it, takes about 60 minutes.

It requires just one person for deployment. It doesn't require anybody for maintenance. You just set it and go.

The return here is more security and fewer interruptions. It's more stability and productivity versus less productivity, although I'm not sure how you can quantify it.

It's a time-saver. If you get interrupted by ransomware or a hack, it could be costly. Every breach, just the cybersecurity breach, on average costs at least $65,000 to fix, let alone the interruption in work and retrieving data, according to industry sources. You could say that you're minimizing your costs by $65,000.

Licensing costs depend on how many users there are. It could range between $5 and $7 per month, per user. There are no costs other than the standard licensing fees.

There is no totally comprehensive solution in cybersecurity. I find Cisco Email Security to be comprehensive, but it's not 100 percent. There is no silver-bullet solution when it comes to cybersecurity. You better keep on adding protection layers to your network. Don't think you're not going to be a target. As a small or medium business, you will be targeted. It's so easy to get through a firewall nowadays. One layer of cybersecurity is not going to do it. You need to add two, three, four layers. 

It's just like going to the airport. The first thing you see is the check-in desk. They check who you are, that you have valid credentials, where you're going and why. Then you go through the scanners. Then you go through another layer of security. Once you get through, you're also being watched to make sure that you don't become "malicious." There are a lot of layers.

I would rate the solution at nine out of ten. What comes to mind when giving it that rating is ease of use. Just set it and go. A better UI would make it a ten.

It's pretty normal daily incoming and outgoing emails. We have customized policies based on our security measures using this tool to scan the emails in our inboxes. We also check all incoming emails.

Because we can customize policies with it, we have good documentation.

I can customize the configuration and policies.

There should be some type of help section that can help us configure clients' emails. Sometimes, we just need to customize the quality. 

The graphical user interface is not user-friendly like other vendors. I find it very difficult at times to find some options on the UI. 

It's very difficult to configure at that time. 

Three to five years.

I have had no complaints with the stability.

The scalability is quite good. We have three administrators using it. The product is serving around 2000 to 3000 people in our environment.

The technical support is quite good. Whenever I need them, I just raise a case, then someone responds. I have no complaints.

The implementation is quite straightforward, but the customization can is a bit difficult. It took us three hours to implement and three to seven days to configure.

Before implementing, we had to design a new program.

We had a partner who did the deployment and customization, who was very good. Also the Cisco support was there, so anything that we felt uncomfortable with, or when we could not understand policy, we just raised the case, and they helped us with it.

From our end, three to four people were involved in the deployment.

We are also using Sophos Email Appliance in conjunction with Cisco Email Security. We use them both together as a solution.

Overall, it is a very good product, and I'm very happy with it.

We use it for email filtering, spam filtering, for phishing attacks, malware, and forged-email detection. We also use it for outbound message control, to filter attachments that are allowed to be sent and attachments that are not allowed to be sent. It's for data loss protection.

It saves a lot of time wasting. For example, phishing attacks distract a user's attention, and forged emails waste a lot of time. A user can lose data. This solution helps protect user data.

It blocks

• bulk marketing messages
• graymail
• spam

and provides advanced malware protection.

I would like to see sandboxing for email, where suspicious emails received by the system are analyzed through online services. Some vendors, like Fortinet, have this feature in their firewalls, the FortiSandbox.

It's a very stable product. We hardly have any issues. Issues are mostly around license activation and the like. It's a reliable product and very popular here in the Middle East.

It's scalable. A medium-sized business would go with a C370 while a small business would use a C190. We are able to migrate users from lower-level to higher-level products. Scalability is not a big issue for this product. The same configuration can run 500 users and 3,000 users.

The few times we have contacted technical support we have received very good performance from them. This is one of the strong points. They have very good technical support. They provide timely responses. Technical support is very good from Cisco for every product.

The setup is very straightforward. It's very simple to install. It hardly takes 30 minutes.

There is a strategy for deploying, like determining how many users' emails do you want to pass through it. There is a long document, we call it High-level/Low-level deployment. And after that we, pass emails through from the Exchange Server, incoming and outgoing, to configure the kinds of emails the product should filter.

A deployment requires a maximum of two people: One is a network engineer and one is an Exchange system administrator, so if he wants to he can configure rules according to his requirements.

Pricing depends on your environment and which model you want to buy.

You need redundancy. If you have a standalone setup there is a risk of failure. If that goes down you lose email communication.

We have deployed this product for multiple customers in the Middle East, in the UAE, particularly in Dubai. We have many customers using this product, mostly medium-sized enterprises.

We are using two security appliances. One is a web security appliance, IronPort, as well as the Cisco Secure Email Gateway. They are used for web surfing.

We need to differentiate among users with specific boundaries. Some users have full access and some users only have limited access. That is what we are using it for.

It integrates with Active Directory and we can limit specific users to using specific applications. 

I would like to see a cloud service implemented for IronPort with specific domains which companies register to blacklist. Emails or anything coming from those domains should be automatically blocked or automatically scanned. Cisco should implement a cloud service for IronPort. It should scan automatically, without our needing to say, "Scan this," or "Scan that." It should be done from their side.

Also, the hardware is not up to the mark. Two to three times a year we have complete downtime. There must be an issue with the hardware itself. The software is very good. It works really well, but when it comes to the hardware it's not good enough because of the downtime. That hasn't happened with any Cisco device until now.

Three to five years.

The scalability is really good for multiple users. There is no issue with the scale. We have 300 to 400 users.

Technical support is really good. As far as I know, whenever we need it, they help us very well. Within half an hour or an hour of our call, we get technical support to WebEx us, depending on the situation or the issue. That's pretty quick.

The initial setup was straightforward. There was nothing complicated. It doesn't take more than two engineers. When it comes to the software, if there is good coordination between a Cisco guy and an email-server guy, the two of them would be enough to implement it.

It was really easy to implement. Even a newcomer joining the company could easily implement it. There is nothing complicated in the device. It can be easily implemented without headaches.

We took a three-year license. In addition to the standard licensing, there is a cost for SMARTnet as well. That is necessary because the hardware device is not stable at all. So if anything goes wrong we have two appliances to use. With SMARTnet, Cisco will send a new device within a week.

We are looking for a solution. We are in communication with other vendors to integrate with Email Security or to provide us a new solution.

The Cisco Secure Email Gateway, in my opinion, is a really good device. In terms of configuration of the software, it's just click, click, and you are done. If you have redundancy then you are in safe hands. It's a very good solution for email security.

We could be changing the appliance. I have heard from someone that Cisco has released some appliances for email security. I believe we need to try this. We may change our existing device and move to a new Cisco technology. We would keep the software. We usually upgrade it based on the newest versions.

Until now, I haven't seen any breach or any attack on the Cisco Secure Email Gateway.

Overall, I would rate this solution at nine out of ten. I could give it a ten if the hardware was better.

i'm usining it as frontal gateway for controlling and securing the mails flows to my on-premises exchange servers

This product has made my messaging platform more secure. it contain and extended security feature ,policy rules for filtering , and multiple engine for scaning add to that encription , security is very important for critical business with data inhouse.

after doing a third party pentesting, they found the security at a high level regarding the messaging security part testing,and the only recommendation they gave and need improvement is adding the sendboxing, for those attack ranked at zero day attack, which can't be detected.

knowing i'm using premium licensing, i checked the Advanced Malware Protection (AMP), which is on-demand feature, i found that, this feature act like a sendboxing

With each product release since 2012, they have continuously fixed our issues or complaints. In the beginning, it needed a lot of work. Now, we are happy with it.

More than five years.

It is currently stable. I will upgrading next year, but the current version has been working great for six year.

We have two people (system administrators) performing maintenance for the system and security part for the company.

Everything is fine with the scalability.

We have 400 users on this product, with two site, 2 physical appliance in one site and one physical appliance in the second site the three working as a cluster, and next year, we plan to increase our usage and move to the newer physical appliance version. because those we're using , are arriving to them end of life soon.

The technical support is good.

Right now, I am paying for it, but I don't use it because the solution is stable.

I have previously used McAfee, Kaspersky, TrendMicro, barracuda, websense.

The initial setup was complex because I have two sites with physical clusters. and i made it alone during the working hour without interruption.

The length of deployment will depend on the complexity of your infrastructure and your knowledge.

This product is the complete solution and the real deal.

I am using the on-premise version.

It is just another level of protection that we use, as far as email is concerned. We use it for different policies or as another scanning engine, e.g., on the desktop or for data coming through another email gateway.

At one point, there was a zero-day attack. The Cisco appliance detected it and stopped it, helping us out. We avoided the attack and potential damage.

The most valuable feature is the policies or rules that you can put on it. This definitely helps with routing specific things to different destinations within our organization, or even potentially blocking when something is coming in and out, to where you can't do this on an email server or on our other email gateway. It's just not possible.

On their roapmap, they are looking to integrate with different cloud features, like Office 365.

I would like them to add some clustering or high availability features.

More than five years.

It is very stable. I haven't had any issues with memory or CPU. I haven't had any unstable performances from any of the appliances. Initially, we had physical appliances, then we went and upgraded to virtual appliances at some point. However, even the physical appliances were pretty stable.

I did run into one issue at one time where I had to shut something off. It was a bug, but being down for an hour or two is just two costly for our firm.

Deployment and maintenance is handled by two people (email engineers).

Scalability is good. We have four appliances total clustered, two in one data center and two in the other. The ability to increase is definitely doable, and it's helpful if you need to do that.

We are a legal firm with close to 2000 employees.

Technical support is definitely good. The turnaround time to speak to someone is very good, as well.

We had another appliance (Axway MailGate) and switched because it was outdated. Also, their support model wasn't that great. They were difficult to get a hold of after six or seven in the evening.

The initial product setup was easy. However, it was a bit more complex on our side because of some of the rules that we had set up on a previous appliance, which was not Cisco. Trying to match some of those to Cisco was a little complex. We had some consultants help us out with that. Overall, it wasn't too bad.

The deployment took three to five days.

We worked with a partner consulting firm, Presidio, who very useful and helpful.

We did a proof of concept first off, then did a hard cut over on the weekend.

For what you get for the product, the support, and the overall stability, it is definitely a good return on investment.

We do annual licensing for Cisco Secure Email Gateway and SMA together, and possibly SmartNet support. Packaged together, the cost is just under $38,000.

We looked at two or three different vendors. One of the solutions that we looked at was a virtual Linux-based appliance. We did evaluate that and a proof of concept around it. However, it wasn't as robust as Cisco, as far as features and high availability.

Give it a chance. If you can do a proof of concept somehow to rate it against other competitors which are out there, look into it because it is a good product.

I haven't upgraded to version 12 yet.