Cisco Email Security (ESA) Room for Improvement

Information Security Analyst at a healthcare company
We find bugs, just like anyone else. We bring them to Cisco's attention. If there was one area I would like to see improved it might be having someone who can help us when Cisco comes out with a new product. Let's say I'm going to be purchasing and utilizing version two of this product. They assign me an account specialist and a technical specialist to help with the bring-up. It would be nice if the specialist would be able to help foresee some of the issues we might run into, specific to the version we're implementing. I know that's a bit of a loaded issue because sometimes it depends on your particular environment. I know that's very difficult. But, there have been some instances where particular hiccups could have been avoided if the individual assisting us was slightly more versed in the version that we were going with. Maybe he could have told us that it wasn't the version we should have gone with. Maybe we should have gone with a previous version and then skipped over this version until they came out with a more upgraded version of it. The version we first chose might be a stable version in general, or it might be stable for other environments, but not for our particular environment. There's one other thing I would like to see. It would be nice to have an easier way to check on the health of the system, how stressed these appliances are. Sure, you can do it, but it would be helpful to have an easier way to do it, maybe even at a glance. That was something that Proofpoint had that I wish I had here. That would be very useful. View full review »
Regional ICT Security Officer EMEA at a energy/utilities company with 10,001+ employees
We have occasionally had hardware problems because we are using an appliance-based solution, but that might change. View full review »
Security Engineer at a energy/utilities company with 201-500 employees
Having Cisco Email Security as a standalone solution is not good enough. It needs to be combined with another solution. For example, it will not stop all phishing and malware. We tried having only Cisco Email Security (IronPort) and faced multiple issues due to the sandboxing. The sandboxing for this solution is not up to mark and needs improvement. It does not detect much at the moment, just the set criteria that it already has designated. The solution needs to improve its advanced phishing filters. It is very good at filtering things which have bad reputations. However, when phishing or malicious emails are new or coming from a legitimate source, we don't feel that the solution is working. While the tool does a good job of blocking malicious emails, it does have limitations. For example, it sometimes cannot identity file extensions and sends through files that we don't want, like OneNote. We can filter by file name extension, but it is too easy to change the file name extension by adding numerical characters, etc. View full review »
Find out what your peers are saying about Cisco, Proofpoint, Fortinet and others in Messaging Security. Updated: February 2020.
398,259 professionals have used our research since 2012.
John Agunbiade
Network Security Engineer at a tech services company with 11-50 employees
There were a couple of access issues. Also, they need to keep their intelligence top-notch. I remember a particular phishing email that came through to my then-CEO. So they could improve on their intelligence. View full review »
Gaurav Shakya
Information Security Administrator at a tech vendor
They could improve the filters. In my time at the company, there were several times we had to contact support to update the filters. They can definitely work more on that. They can also work on the updating of the appliance. We had to do it once, when I was part of the engineering team. We had to update to a later version. It was complicated for me. I had to follow the instructions without understanding anything. Maybe there was pressure that caused me to not and understand them properly, but it was still complicated. The documentation was not there when we tried to update it. It may also have been due to my lack of experience. If I had done it twice or three times, I might have become accustomed to it and have done it more easily. View full review »
Network Security Engineer at Konga Online Shopping Ltd
One of the things that Cisco could improve on with IronPort is the support. Cisco doesn't really have enough engineers who have full, hands-on knowledge of IronPort. Knowledge of it is not something you can find easily compared to other security appliances. They could also share more technical resources on how to do conversions. I did a video tutorial while I was training on CISSP and on CCIE security. There was a series that had the ESA in it and also the WSA. I was able to follow most of the configuration and explanation from the instructor. Also, if ESA and WSA could be brought together, it would make a better appliance, one wholesome appliance. View full review »
Ed Dallal
Founder, CEO, & President at Krystal Sekurity
The user interface needs some improvement to become more user-friendly. The graphics could be better. It's designed more for a technical user rather than a business user. The solution has flexibility. I think they are working on improving it as we speak. They're responsive to the feedback we give. View full review »
Keith Kroslow
Senior Email Engineer at a legal firm with 1,001-5,000 employees
On their roapmap, they are looking to integrate with different cloud features, like Office 365. I would like them to add some clustering or high availability features. View full review »
Mir Mustafa Ali
Network Engineer at a hospitality company with 10,001+ employees
I would like to see a cloud service implemented for IronPort with specific domains which companies register to blacklist. Emails or anything coming from those domains should be automatically blocked or automatically scanned. Cisco should implement a cloud service for IronPort. It should scan automatically, without our needing to say, "Scan this," or "Scan that." It should be done from their side. Also, the hardware is not up to the mark. Two to three times a year we have complete downtime. There must be an issue with the hardware itself. The software is very good. It works really well, but when it comes to the hardware it's not good enough because of the downtime. That hasn't happened with any Cisco device until now. View full review »
Muhammad Qureshi
Network Security Consulting Engineer at a manufacturing company
We would like to see more options for the customization of content filters. View full review »
Rizwan Siddiqi
Network Security Consultant at a tech services company with 51-200 employees
I would like to see sandboxing for email, where suspicious emails received by the system are analyzed through online services. Some vendors, like Fortinet, have this feature in their firewalls, the FortiSandbox. View full review »
Syed A. Raheem
Group Head of Cyber Security at a transportation company with 10,001+ employees
The configuration UI should be made more intuitive. Currently, it takes a while to understand how to do the basic configurations. In terms additional features, I would like to see customization of reports and dashboards. View full review »
Sofiane Medhkour
Head System /Solution Architect at sorfert
With each product release since 2012, they have continuously fixed our issues or complaints. In the beginning, it needed a lot of work. Now, we are happy with it. View full review »
Setu Bandhan Saha
System Administrator at a financial services firm with 1,001-5,000 employees
There should be some type of help section that can help us configure clients' emails. Sometimes, we just need to customize the quality. The graphical user interface is not user-friendly like other vendors. I find it very difficult at times to find some options on the UI. It's very difficult to configure at that time. View full review »
Wouter Hindriks
Senior Network Administrator at a tech services company
The user interface could be updated. Better dashboards and more interactive overviews would be nice, but the current functionality is sufficient. View full review »
Enrique Diaz Jolly
Principal Consultant, Engineer, Owner at a tech company with 1-10 employees
The reporting functionality needs to be improved. View full review »
Find out what your peers are saying about Cisco, Proofpoint, Fortinet and others in Messaging Security. Updated: February 2020.
398,259 professionals have used our research since 2012.