Cisco Email Security (ESA) Review

Enabled us to set rules to block spam, and the user interface was easy to use


What is our primary use case?

My primary use case was email security, to protect against phishing mails, spam, malware, and viruses. 

How has it helped my organization?

We used to get emails with viruses that would impact the business or we would get emails with malware. We were able to scan the email and clear it or block emails with viruses. That was the business justification. On a weekly basis, it was blocking about 2,000 or 2,500 emails.

It protects you, it protects your network, it protects you from phishing emails and malicious content and the like.

What is most valuable?

The most valuable feature was the anti-spam feature. You could set rules to block emails based on specific words like "pornography," "sex," "guns," "violence." That was one thing I liked about it. With the anti-spam, we didn't get all those emails.

Also, Cisco was scanning our emails with their own intelligence. I liked that.

Finally, the user interface was quite friendly, it was quite easy to use, unlike some other Cisco products. Anybody could use it. You don't have to be familiar with IT to be able to handle navigating it.

What needs improvement?

There were a couple of access issues.

Also, they need to keep their intelligence top-notch. I remember a particular phishing email that came through to my then-CEO. So they could improve on their intelligence.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It's quite stable. We didn't have issues because, when I think about the issues, they were from us. The two boxes were in cluster, so when the guys at the other site would start without telling us, we would get cluster error messages. Apart from that, it was fine.

What do I think about the scalability of the solution?

In terms of scalability, I'm pretty much sure we could go as high as 1,500 users.

How are customer service and technical support?

The support is great. It's one of the best, if not the best. If you have a particular issue, Cisco can SSH tunnel into your box and help you fix it. As long as we had a running contract, their response time was five minutes, tops. 

If you don't have a running contract but there is a security issue, say malware, for example, they'll respond. But if it has to do with hardware, they don't respond. They'll tell you to get a contract before they'll respond. It depends on what the issue is.

How was the initial setup?

The deployment was quite easy. We wanted it with high-availability. It wasn't a greenfield, it was just an upgrade. The initial deployment had been done before.

The GUI is self-explanatory: If you want to block emails, you want to erase emails, you do the IP address configuration and what your DNS is. It's pretty simple, a very easy-to-use GUI. If you want to buy licenses, you want to check the status of your licenses, you want to check the status of your box, you want to check the environment, it's very simple.

The upgrade took me about 30 minutes for each box. It was just me involved in the upgrade.

What was our ROI?

The ROI is about business continuity. If you get hit by malware through an email, you'll understand. Email security is a must-have; not necessarily ESA, but email security. It can come from any vendor, as far as I'm concerned.

What's my experience with pricing, setup cost, and licensing?

The licensing was not per user, the licensing model was per feature. You could choose anti-virus, anti-spam, etc. It was feature-based and charged yearly. Aside from the standard licensing fees, you have to pay for support.

Which other solutions did I evaluate?

After using ESA we used Trend Micro. The difference between them is just the vendor. There's really no difference. Same approach. It's the same technology. I would say Trend Micro is more granular. But overall, It's the same technology. I don't think one is better than the other. Who you buy from depends on marketing.

What other advice do I have?

Email security is a must-have, and as much as the cloud providers will tell you they have security, from our own experience, the vendors' security products are a bit superior. The reasons I chose ESA are the interface is - it's easy to use - and the support is great. Also, it's nice to have another gateway, not just the cloud email security because it has proven not to be enough.

The organization I was working in where ESA was implemented had about 700 staff members, roughly 700 email boxes. There were no plans to increase usage of ESA at that organization. The reality now is that if your emails are on O365, O365 offers you some form of cloud email security. For most organizations, they're looking for business justification to keep ESA when Microsoft, for example, is offering cloud protection for your mailboxes on O365. In a case like that, you really don't expand business on ESA. Now that mailboxes are no longer on-prem, and the cloud provider is offering you email security, the way they sell is that you cannot say have your email on the cloud without paying for cloud security. There is really not much expansion on ESA from a business standpoint, if your mailbox is with a cloud provider.

I would give ESA an eight out of ten. We didn't get any malware, but a few phishing emails, maybe one or two, slipped in. There is really no vendor, in my experience, that I would rate at ten out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email