Cisco Secure Email Room for Improvement

NS
Director General at Icdc

The pricing needs to be reconsidered or enhanced.

View full review »
FL
Information Security Specialist at City Of Hamilton

I have some frustrations with the user experience in the interface, specifically with regard to making a list of people for whom I want to allow email access. Let's say I have ten people, all of them being VIPs. I allow emails for them because they frequently communicate important information. However, working with these lists is quite challenging. It's difficult to rearrange or manipulate the entries once they are added to the list. The interface could definitely benefit from some improvements.

View full review »
PC
Sr Infrastructure Engineer at Delta Plastics of the South

When it comes to phishing, I would not give this appliance a perfect score by any means. It's hard to get a perfect score on phishing with any solution. But typically, in a phishing email, they try to use a name everybody's going to recognize, like the CEO's name or the CFO's name. They might spell it wrong, but they will try to get your attention so that you'll do something.

With this appliance, the way it's designed at the moment, for us to really stop that with any level of confidence, we have to build a dictionary of all the names of the people we want it to check, and all the ways they could be spelled. My name would be in there as Phillip Collins, Phillip D. Collins, Phillip Dean Collins, Phil Collins, Phil D. Collins. There could be eight or 10 variations of my name that we'd have to put in the dictionary. There's no artificial intelligence to say "Phil Collins" could be all these other things, and to stop phishing from coming through in that way. It is stopping a lot of phishing when we do use that dictionary. We essentially let the email come in, but we put a header at the top, in red, telling the user to be very careful, this may not be a real email, and let the user decide at that point, because it's looking at whether or not it came from a domain outside our domains.

If I have to send myself an email from my personal domain at home, it has my name in it, Phillip Collins. We want it to notice that Phillip Collins is a name that's in the company directory, but it's not coming from one of our domains. We want the user to understand that that is how they get around it. Phishing emails will come from the attacker's own email address, but they will set the display name, what you'll see, as something familiar. That's why I wouldn't give it anywhere near a perfect score, because the artificial intelligence just isn't there yet. You have to manually put these things. As you have people come and go in your organizations, you have to decide if you want these people in that dictionary or not. If they leave then you've got to take them out. There's a lot of work to doing that with this solution at the moment.

Another minor thing is the interface that you work with as an administrator. It is not as intuitive as I would like it to be. It's all there, if you understand what you're doing; what email is doing and how you detect certain things. It is not difficult at all to work with, but it could be more intuitive for somebody starting out.

Finally, they separate the email security appliance from the reporting appliance. It's the Cisco Secure Email Gateway and the SMA; they are two separate appliances. The reporting appliance just gets information from the email security appliance and helps you formulate reports. To me, that should all be one. It doesn't bother me that it's not, but sometimes I have to think, "Do I need to go to this appliance or this appliance to get that information?" It should all be in one place, but those are minor things.

View full review »
Buyer's Guide
Cisco Secure Email
March 2024
Learn what your peers think about Cisco Secure Email. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
Muhammad Naeemuddoja - PeerSpot reviewer
Team Lead Networks & Security Operation Centre at Central Depository Company

Many smaller businesses opt for more cost-effective solutions, such as Gmail or Hotmail accounts, instead of investing in Cisco Secure Email, given its higher cost. While theoretical knowledge, especially in terms of POC and PNA technology, is commendable, the challenge lies in the practical application.

View full review »
TirutHawoldar - PeerSpot reviewer
Senior operations manager at Orange

The tool's pricing can be improved. 

View full review »
JoseSilva - PeerSpot reviewer
Manager of Partner Solutions at S21sec

Cisco has already improved this solution with some add-ons to the basic product. Cisco is already providing a very good environment with the IronPort solution, but there could be some more integration with other products. For instance, an integration with the EDR solution could be there to raise an alert.

View full review »
AF
Digital Program Manager at a healthcare company with 10,001+ employees

I would like more functionality and how to use it for Level 2 type staff. The biggest issue is it needs to be easier to use and navigate. I know there are a lot more documents in the later versions about how to do things. This is a great improvement from a few years ago when you would have to call a tech to get them to assist you, which they're more than happy to do, but now there are a lot more how-to guides. If they could continue to do that, then it would make the product even more usable. Also, it needs more detail/documentation around what different features do. That would be valuable for the product. That way, when you do have lower level staff who are using it, they will actually know what it can do, e.g., having help icons for each section, and even each setting, does make it easier for the users. As they can click on the question mark for that setting, then they can then see what it does or have it take them to a how-to page on what it does.

The reporting could be improved, especially at a senior management level. The reporting side of things is a big component of what people, especially executives, want to see. In that way, it can justify its use ongoing. The executives want to know the volume of traffic that it's stopping. While users have to deal with the potential loss of income and hours. With reporting, it becomes a no-brainer. It's one of those things on an IT budget that you need to have.

View full review »
Dipak M - PeerSpot reviewer
Associate Network Engineer at Allied Digital Services Ltd.

There are some drawbacks, like the pricing. It's not a default version, and the cost can be prohibitive. If you're working on projects where winning the bid is crucial, then the high price tag can be a major obstacle. Partnerships are required to use the solution. So it can be more affordable.

In future releases, I would like to see two main improvements come to mind. First, the current solution requires maintaining two separate operating systems for FTD, which can be cumbersome. I'd love to see a single operating system for the FTD box. 

Second, some improvements could be made in the documentation and reporting.

View full review »
PaulGiles - PeerSpot reviewer
Principal Consultant at a computer software company with 1,001-5,000 employees

It's not just the firewalls themselves, but one thing I think, where certainly firewalls and other products could actually improve, is in the licensing. Licensing is quite complicated for a number of customers, including ourselves. The licensing appears to be changing on a regular basis depending on the product and the software versions, so we are constantly having to keep up to speed with the different licensing types.

View full review »
Joshua Boat - PeerSpot reviewer
Network Engineer at a retailer with 10,001+ employees

Cisco Secure Email could rename features in the menus. They could also show a flow of how things go and where the policies sit in conjunction with the actual application.

View full review »
ChrisWanyoike - PeerSpot reviewer
Network Infrastructure Specialist at Central-Bank-Kenya

Cisco Secure Email focuses on cloud-based threat intelligence and endpoint security. The current version improves on the on-premises version by integrating Threat Grid and Advanced Malware Protection, which helps users quickly identify malicious emails.

View full review »
Yonas Abebe - PeerSpot reviewer
Security Engineer at Symbol Technologies PLC

While Cisco offers excellent solutions and innovations, the pricing may not be suitable for everyone. The cost of the software is relatively high. In the current market, there are numerous competitive alternatives that focus on security, enterprise networks, and various other aspects. Cisco, being a comprehensive provider, extends its expertise across data, servers, storage, and security, making them a preferred choice for many enterprises. However, when it comes specifically to security solutions, there are other vendors that specialize solely in this domain, offering competitive options.

View full review »
ED
Owner at Jolly Security Inc

You can consolidate on SMA if you want to spam or threats quarantined for multiple devices. It is not advisable for a single device, because if it fails, you are left without any email.

I would like to see a few changes to the UX. 

There is space for improvement with data loss prevention, particularly with third-parties integration. Data loss prevention is quite important, though most customers have some third-party or other elements in their network doing data loss prevention, specifically for email. However, if it could be possible to integrate with other solutions, not only on the email flow, but on analysis for a connector or something like that, then that would be ideal.

The Forged Email Detection feature needs improvement, particularly with domain. The sensors are not that good and the rules sets are unclear.

View full review »
DM
Security Technician at Mercadona

They can do it better with web links, with the URLs. They have a technology called Outbreak but it doesn't work as well as we would like. It does have a new feature called Cloud URL Analysis, but we can see enough information about detection, information that helps us to properly configure the technology.

View full review »
YusufAhmed - PeerSpot reviewer
Information Security Specialist at IHV-Nigeria

There are some concerns in the way the architecture is set up, making it an area where improvements are required. When you set up the tool, the way you put your SMTP routes should be possible through an easier process.

View full review »
PN
Technical Presales Consultant : Cisco Security at Inflow Technologies

Cross-platform is one major pain point. Many of our clients use an open-source Linux system. These components cannot provide for any Ubuntu or any Linux open-source system, and that's where we get stuck most of the time. Previously, we were doing a POC for Cisco Umbrella, and we got stuck at the point where the customer had almost 200 to 300 of his endpoints, almost 80% of his workforce, working on Linux. This was both on the server and roaming user sides, and Cisco has no solution for Ubuntu. We have raised this suggestion many times when interacting with Cisco during seminars and webinars we've attended. However, we only got feedback from them that they will introduce that feature very soon with their Cisco AnyConnect agent. But it's still only available for Windows and Mac.

View full review »
KK
Pre Sales Manager at Logix

Scalability has certain shortcomings and needs to be improved because there are service providers who provide better scalability.

Our company constantly checks out what the solution needs to improve. We need to be updated with what is available in the market and which application performs better.

The solution's UI needs little tweaking because most customers find it to be a very detailed and technically designed UI. If a person does not know email security or how Cisco devices work, he cannot manage it.

Other solutions are user-friendly. Even if the admin has a basic knowledge of managing the services, he can use them.

Cisco Secure Email needs to work on the security part, but it also needs to work on UI since it makes part of the entire solution.

View full review »
Ahmed  Helmy - PeerSpot reviewer
Sr. Director, Business Development & Sales Operations at Connect professional services

The scalability must be improved. The product is a bit traditional. There are many vendors in the market. A customer might not always choose Cisco.

View full review »
CN
Network Security Engineer at Galaxy Backbone Ltd

The area of license renewal should be improved. We normally renew our license every year. There is a feature called smart licensing, and I switched from the legacy mode to the smart licensing mode because of what I thought smart licensing does. I thought it would make licensing renewal seamless and very swift, but ever since I've switched to smart licensing, each time I want to renew my license, it is a whole lot of headache. The process is not smooth, and I had to keep calling Cisco TAC to see how the issue can be resolved. At one point, I wanted to revert back to the legacy mode, but I can't revert. Once you switch from the legacy mode to the smart licensing mode, you can't revert. They should improve on the visibility of the smart licensing mode so that it can indeed be smart and easier to use for the license renewal every year. That is one challenge.

Another challenge is that there is no way for me to know my level of utilization. For example, if I have a subscription of 2,000, there should be a way for me to know my level of utilization. Currently, I don't know my level of utilization. So, if my license is renewed on 20,000 subscribers and I'm using less than 20,000, I wouldn't know. It doesn't improve my ROI. If I'm using less than the subscription I've applied for, there should be a way the system should tell me, rather than me going to find out manually. When I go to the smart licensing profile, I should be able to see my utilization. I should be able to see that I've subscribed for 20,000 but I'm only using 12,000. This means that if I'm going to renew, I should reduce my licensing mode from 20,000 to maybe 15,000. This kind of information should be given to the customers, but right now, we don't have that.

View full review »
MR
IT Admin / Manager at a retailer with 501-1,000 employees

The UI is definitely one area of improvement because it doesn't match other interfaces and the navigation can be a little clunky. Generally speaking, it is just dated, and I know that they're working on enhancing it for later versions.

They should continue to develop their integration with Office 365 or Hosted Exchange since a lot of organizations, ours included, are moving primary Exchange services to the Microsoft Cloud. Being able to integrate tighter with that environment is important.

View full review »
Hannes Johnsson - PeerSpot reviewer
Network Architect at a transportation company with 501-1,000 employees

Cisco Secure Email can be improved from the administrator's point of view. Usually, you have to work with different areas, and they can try to make it easy for the administrator to use different functions.

View full review »
NA
IT Manger at Dubai precast LLc

The management features of the product are not up to date. It does not match the features provided by the new vendors in the market. The solution does not offer features to protect workloads on the cloud.

View full review »
KhurramShahzad - PeerSpot reviewer
Network security manager at Cyber Vision

It is not user-friendly, and it is quite complicated. So, it should be more user-friendly. The GUI is difficult to understand. 

View full review »
Mohamed Elshayeb - PeerSpot reviewer
Cyber Security Presales Engineer at Orixcom

The product's GUI for the dashboard needs improvement.

View full review »
Mohankannan Ramadoss - PeerSpot reviewer
Regional Manager at Digitaltrack

It would be beneficial to have additional DLP functionality, particularly in the email DLP aspect. It could be included in the next release of the product.

View full review »
SA
Network Team Lead at ASYAD

If you are not a technical guy, it is hard to maneuver, but as soon as you work on it, it gets better and better. If there was a better way to know how to do things or how to find things, it would be good.

View full review »
SD
Senior Infrastructure Engineer at a financial services firm with 201-500 employees

The interface is dated. It has looked pretty much the same for 15 years or so. It would be helpful to be able to do everything from one spot. The centralized quarantine and reporting are completely separate from policy administration.

View full review »
RL
Email Adminstrator at Merchants Capital Resources, Inc.

I use the search all the time. Sometimes, it is hard to search for things and things are hard to find. People come to me all the time, saying, "This email didn't get through." Then, I go searching and don't find it on the first search. You have to think about alternative searches. I don't know if there is an easier way that they could help to find things. I don't know how they could simplify it, because now everybody else is using the cloud and everything is coming from Office 365, or whatever. It is just not the same environment from years ago where everybody had their own server and you could search easier.

When you run a trace and you are in the cloud, it's harder. You run a trace and it generates trace results. I haven't figured out how to get those off of the cloud. I don't know if there is a path to open up a ticket on that.

View full review »
SanjeevKumar19 - PeerSpot reviewer
Technical Support Engineer at AlgoSec

The Cisco database is more bug-prone and less accurate than the databases of other email security solutions. Whenever we get a phishing email, Microsoft email server, TruePoint, or Barracuda, they have a much better database. Because Cisco is using Talos, which is not a good database, they do not have much information in the database. So that is really lagging very much behind.

So that is not much recommended by the customers. Every time, customers get frustrated by using them.

There's room for improvement in the DevOps database. It has many spam emails. Usually, we have to report to the Telos team for samples, whether it's spam or a legitimate email. If that is done, then the customer environment won't get compromised easily because more than 80% of cyber-attacks are through emails. So email is like sanitizer it was used in hospitals before COVID, but after, it's provided widely to users.

View full review »
KK
Senior Email Engineer at a legal firm with 1,001-5,000 employees

On their roapmap, they are looking to integrate with different cloud features, like Office 365.

I would like them to add some clustering or high availability features.

View full review »
MZ
Consultant at Skye AS

Cisco Email Secure's pricing needs to be less. We have vendors who provide cheaper solutions with the same features. 

View full review »
AD
Information Security Analyst at a healthcare company

We find bugs, just like anyone else. We bring them to Cisco's attention. 

If there was one area I would like to see improved it might be having someone who can help us when Cisco comes out with a new product. Let's say I'm going to be purchasing and utilizing version two of this product. They assign me an account specialist and a technical specialist to help with the bring-up. It would be nice if the specialist would be able to help foresee some of the issues we might run into, specific to the version we're implementing. I know that's a bit of a loaded issue because sometimes it depends on your particular environment. I know that's very difficult.

But, there have been some instances where particular hiccups could have been avoided if the individual assisting us was slightly more versed in the version that we were going with. Maybe he could have told us that it wasn't the version we should have gone with. Maybe we should have gone with a previous version and then skipped over this version until they came out with a more upgraded version of it. The version we first chose might be a stable version in general, or it might be stable for other environments, but not for our particular environment.

There's one other thing I would like to see. It would be nice to have an easier way to check on the health of the system, how stressed these appliances are. Sure, you can do it, but it would be helpful to have an easier way to do it, maybe even at a glance. That was something that Proofpoint had that I wish I had here. That would be very useful.

View full review »
TO
Security / Solution Architect at a insurance company with 1,001-5,000 employees

We have Microsoft and we have the E5 licenses, they have more EDR responses on certain emails. That's something that Cisco ESA on the cloud doesn't have. They don't do anything about MITRE attacks. They only detect if there is a malicious email or a threat and they remove it.

If there is an email that has passed through, there is no way to have a global system delete that email from every mailbox. You have to look up the malicious files yourself.

With Microsoft, you can look it up, you can hunt for that in their compliance dashboard. You can hunt that email and then delete that email in one step. That's something that Cisco doesn't have.

View full review »
MM
Senior IT System Administrator at ScanPlus GmbH

We have been struggling in the last month with Cisco encryption and with the S/MIME encryption. I don't know if it is an issue on our side or if these features of the solution are not working very well. The documentation is good but I'm not sure if the functionality in these areas of the solution is implemented very well. We are evaluating the situation.

View full review »
GS
Information Security Administrator at a tech vendor

They could improve the filters. In my time at the company, there were several times we had to contact support to update the filters. They can definitely work more on that.

They can also work on the updating of the appliance. We had to do it once, when I was part of the engineering team. We had to update to a later version. It was complicated for me. I had to follow the instructions without understanding anything. Maybe there was pressure that caused me to not and understand them properly, but it was still complicated. The documentation was not there when we tried to update it. It may also have been due to my lack of experience. If I had done it twice or three times, I might have become accustomed to it and have done it more easily.

View full review »
SS
Information Security Analyst at a energy/utilities company with 501-1,000 employees

Having Cisco Email Security as a standalone solution is not good enough. It needs to be combined with another solution. For example, it will not stop all phishing and malware. We tried having only Cisco Email Security (IronPort) and faced multiple issues due to the sandboxing. The sandboxing for this solution is not up to mark and needs improvement. It does not detect much at the moment, just the set criteria that it already has designated.

The solution needs to improve its advanced phishing filters. It is very good at filtering things which have bad reputations. However, when phishing or malicious emails are new or coming from a legitimate source, we don't feel that the solution is working.

While the tool does a good job of blocking malicious emails, it does have limitations. For example, it sometimes cannot identity file extensions and sends through files that we don't want, like OneNote. We can filter by file name extension, but it is too easy to change the file name extension by adding numerical characters, etc.

View full review »
VJ
M365 Team Lead at a media company with 5,001-10,000 employees

The user interface is a bit complex. It is not very easy to learn the product. It is not very intuitive.

View full review »
Pramod Sharda - PeerSpot reviewer
Chief Executive Officer at IceWarp Technologies Pvt Ltd

The solution does not have a strong outbound service. It should also integrate DLP. 

View full review »
SA
Group Head of Cyber Security at a manufacturing company with 5,001-10,000 employees

The configuration UI should be made more intuitive. Currently, it takes a while to understand how to do the basic configurations.

In terms additional features, I would like to see customization of reports and dashboards. 

There should be separately module for Phishing and Fraudulent emails

View full review »
ED
Founder, CEO, & President at Krystal Sekurity

The user interface needs some improvement to become more user-friendly. The graphics could be better. It's designed more for a technical user rather than a business user.

The solution has flexibility. I think they are working on improving it as we speak. They're responsive to the feedback we give.

View full review »
SM
Head System /Solution Architect at sorfert

With each product release since 2012, they have continuously fixed our issues or complaints. In the beginning, it needed a lot of work. Now, we are happy with it.

View full review »
KK
RPA Manager at a tech services company with 11-50 employees

When we use multiple Cisco devices, we cannot manage the servers with a single UI. We must log in to each server for the management. We cannot manage multiple devices from a single UI. The solution has some inhibitions. They need to be finetuned.

View full review »
MQ
Network Security Consulting Engineer at a manufacturing company

We would like to see more options for the customization of content filters.

View full review »
AS
Regional ICT Security Officer EMEA at a energy/utilities company with 10,001+ employees

We have occasionally had hardware problems because we are using an appliance-based solution, but that might change.

View full review »
ML
Network Security Engineer at Konga Online Shopping Ltd

One of the things that Cisco could improve on with IronPort is the support. Cisco doesn't really have enough engineers who have full, hands-on knowledge of IronPort. Knowledge of it is not something you can find easily compared to other security appliances. They could also share more technical resources on how to do conversions.

I did a video tutorial while I was training on CISSP and on CCIE security. There was a series that had the Cisco Secure Email Gateway in it and also the WSA. I was able to follow most of the configuration and explanation from the instructor.

Also, if Cisco Secure Email Gateway and WSA could be brought together, it would make a better appliance, one wholesome appliance.

View full review »
SB
System Administrator at a financial services firm with 1,001-5,000 employees

There should be some type of help section that can help us configure clients' emails. Sometimes, we just need to customize the quality. 

The graphical user interface is not user-friendly like other vendors. I find it very difficult at times to find some options on the UI. 

It's very difficult to configure at that time. 

View full review »
it_user404388 - PeerSpot reviewer
Head of Department IT Security & Network at a energy/utilities company with 1,001-5,000 employees

We use the CLI for management, but it's not very good. It's based on Java and it's very difficult to use.

View full review »
MM
Network Engineer at a hospitality company with 10,001+ employees

I would like to see a cloud service implemented for IronPort with specific domains which companies register to blacklist. Emails or anything coming from those domains should be automatically blocked or automatically scanned. Cisco should implement a cloud service for IronPort. It should scan automatically, without our needing to say, "Scan this," or "Scan that." It should be done from their side.

Also, the hardware is not up to the mark. Two to three times a year we have complete downtime. There must be an issue with the hardware itself. The software is very good. It works really well, but when it comes to the hardware it's not good enough because of the downtime. That hasn't happened with any Cisco device until now.

View full review »
RS
Network Security Consultant at a tech services company with 51-200 employees

I would like to see sandboxing for email, where suspicious emails received by the system are analyzed through online services. Some vendors, like Fortinet, have this feature in their firewalls, the FortiSandbox.

View full review »
it_user817158 - PeerSpot reviewer
Senior Network Administrator at a tech services company

The user interface could be updated. Better dashboards and more interactive overviews would be nice, but the current functionality is sufficient.

View full review »
it_user6381 - PeerSpot reviewer
Manager of Infrastructure at a manufacturing company with 51-200 employees
More than a few steps are required to apply rules and these are not essentially intuitive. Even though we were able to get real-time event information from the email logs, it would be nice if the higher-level journalism tools could synchronize more quickly. Price might be an obstacle for smaller networks. Need to reduce the price so that small organizations can use this product. View full review »
ED
Owner at Jolly Security Inc

The reporting functionality needs to be improved.

View full review »
JA
Network Security Engineer at a tech services company with 11-50 employees

There were a couple of access issues.

Also, they need to keep their intelligence top-notch. I remember a particular phishing email that came through to my then-CEO. So they could improve on their intelligence.

View full review »
it_user2871 - PeerSpot reviewer
Network Engineer at a university with 51-200 employees
-Added cost and delay to the network traffic, but performance did remain stable. -Requires knowledge and operation time to manage an added security device to the network devices besides IPS and ASA. View full review »
it_user3882 - PeerSpot reviewer
IT Administrator at a tech services company with 501-1,000 employees
• Requires several actions to employ rules • It takes time to harmonize information from the email log events with higher level reporting tools View full review »
Buyer's Guide
Cisco Secure Email
March 2024
Learn what your peers think about Cisco Secure Email. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.