We performed a comparison between Cisco Secure Email and Barracuda Email Security Gateway, based on PeerSpot users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Barracuda Email Security Gateway and Cisco Secure Email both have their pros and cons, but users seem to prefer Cisco Secure Email for its reputation filtering, customizable interface, and reliable customer support. Both products are effective at anti-spamming and anti-phishing, but Barracuda Email Security Gateway offers sandboxing while Cisco Secure Email has Advanced Malware Protection.
"We find the product to be scalable."
"Barracuda Email Security Gateway is very simple to use."
"Before this solution, we didn't have any separate feature for protecting our emails. We used to only have a firewall but now we have email security. It has a graphical interface and we can see the log every time. We can see that the performance is fine."
"Great at blocking spam."
"Barracuda Email Security Gateway has a good feature of email spooling, which acts as a first line of security."
"The most valuable feature of the Barracuda Email Security Gateway is the ATP."
"I like Barracuda's cloud sandbox feature."
"Barracuda Email Security Gateway has features like identify the spam source, rules to avoid some specific spams and then reschedule. And there are some other features like the email continuity, the email server and gateway site, which can relay the mail kit. The solution is user-friendly.These kind of features are the most valuable."
"The tool has a DLP solution which we can implement. Its database is updated regularly."
"At one point, there was a zero-day attack. The Cisco appliance detected it and stopped it, helping us out. We avoided the attack and potential damage."
"It has the IMS engine, Intelligent Multi-Scan engine, and it does a good job, right out-of-the-box, of blocking the vast majority of things that should be blocked."
"It provides good IT assistance."
"What I find the most valuable about Cisco Secure Email is that the logs are not that difficult to see even if you're not used to them. The logs are reasonably readable and diagnosing the problem is not too hard with them."
"It has the ability to tell us, after an email has been delivered, where else it went, once it got inside. Maybe it's something we wanted it to stop and it didn't stop it, but it notified us later that it was something that it should have stopped. It can give us a trajectory of all the other places that it went internally and it can tell us what files were transferred as well."
"We like the in-built features, like the email filtering based on the IP and domain. Cisco has its own blacklisted domains and IPs, which is very good. This filters around 70 percent of emails from spam, and we are seeing fewer false positives with this."
"The filtering is definitely better at catching both spam and malicious messages, and there's a lot of extremely granular ability for setting up rules. You can do it the way you want to. The Microsoft solution tends to be pretty limited in how it allows some of that to be done."
"Barracuda Email Security Gateway can improve reporting and anti-spam. The anti-spam engine is not working well. We are seeing a lot of problems where spam is going through the gateway. Additionally, access privilege should be given to the IT support, because they don't have a lot of privileges. We are forced to give our IT support administrative access in order to clear and deliver emails and this should not be happening."
"My customers were sending OPT bulk emails and Barracuda Email Security Gateway was not able to handle it. We have to go with another different solution, such FortiMail for the task. We are implementing these combinations of the Barracuda and FortiGate, for email security. The FortiGate FortiMail security gateway we use to send only the bulk email, not for receiving emails."
"The DMARC security is somewhat weak and could be strengthened."
"We still have critical threats coming into our environment and delivered to our users. When we compare it with other solutions, these other solutions can already detect those threats."
"The spam filtering is a little too aggressive. You can not get granular enough to back off on what is considered spam and what is not."
"Its integration with other solutions can be improved. There should be integration for telemetry information, system information, and other types of information with other solutions. Barracuda currently doesn't have that. Barracuda has its own platform. Its integration with firewalls is quite good, and it communicates really well with firewalls, but I have not seen any other integration. Based on what I know, it does have an API at the backend, but I have not used it."
"The pricing needs improvement."
"The solution could improve by adding DomainKeys (DKIM) functionality. This is something that is essentially required nowadays for outbound security. They do not have it on their on-premise solution appliance but they have alternate arrangements for their cloud solution."
"The tool's pricing can be improved."
"The solution does not have a strong outbound service. It should also integrate DLP."
"The configuration UI should be made more intuitive. Currently, it takes a while to understand how to do the basic configurations."
"The pricing needs to be reconsidered or enhanced."
"There could be additional DLP functionality for it."
"We didn't get any malware, but a few phishing emails, maybe one or two, slipped in."
"We have occasionally had hardware problems because we are using an appliance-based solution, but that might change. We may consider going to virtual systems."
"In future releases, I would like to see two main improvements come to mind. First, the current solution requires maintaining two separate operating systems for FTD, which can be cumbersome. I'd love to see a single operating system for the FTD box."
More Barracuda Email Security Gateway Pricing and Cost Advice →
Barracuda Email Security Gateway is ranked 2nd in Secure Email Gateway (SEG) with 51 reviews while Cisco Secure Email is ranked 2nd in Email Security with 55 reviews. Barracuda Email Security Gateway is rated 8.0, while Cisco Secure Email is rated 8.4. The top reviewer of Barracuda Email Security Gateway writes "Robust email protection with advanced features such as effective spam filtering, virus and malware defense, phishing protection and high scalability". On the other hand, the top reviewer of Cisco Secure Email writes "Has effortless spam control, improves security posture, and frees up our IT department's time". Barracuda Email Security Gateway is most compared with Microsoft Defender for Office 365, Fortinet FortiMail, Microsoft Exchange Online Protection (EOP), Proofpoint Email Protection and Check Point Anti-Spam and Email Security Software Blade, whereas Cisco Secure Email is most compared with Microsoft Defender for Office 365, Trellix Collaboration Security, Microsoft Exchange Online Protection (EOP), Fortinet FortiMail and Abnormal Security. See our Barracuda Email Security Gateway vs. Cisco Secure Email report.
We monitor all Secure Email Gateway (SEG) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Hi Kamal,
Firstly, you would have to recognize that there is/are no fast and hard rules to choosing a final preferred product, what works well for company A may not work extensively well for company B. Reason being that: the efficiency of the Security capabilities provided by one tool can be amplified by another tool, particularly for secure email gateway. Hence, if you have an XDR that you intend to leverage with your final product of choice, you will notice that you could experience a greater ROI than having a bare SEG tool.
However, I will advise based on a few realities of today's market in Q3 2022.
1. From my perspective, It will make sense if you take advantage of the built-in protection capabilities from your cloud email provider (I assume you are using O365 or Google mail) rather than investing in a secure email gateway (SEG).
2. Most forward-thinking organizations are shifting away from traditional SEG tools and moving towards ICES, in my opinion, you should ideally be looking for an email security solutions that use ML / AI-based anti-phishing technology for BEC protection to analyze conversation history to detect anomalies, as well as computer vision to analyze suspect links within emails.
3. Should you still choose to pursue SEG asides from an ICES, or you choose to go for an ICES, bear in mind that nothing beats doing a POC as it clearly should consider the security apparatus/investments you have already made in times past.
4. it will be best that you look for solutions that integrate directly into your cloud email via an API, rather than as a gateway, this will ease your evaluation and eventual deployment, besides it improving your detection accuracy, while still taking advantage of the integration of the bulk of phishing protection with the core platform
5. Without having an insight into your current email provider (cloud/on-prem) or other tools in your organization or budget, it will be difficult to give you a bit of precise advice.
Either way, all the best with your selection process, and wishing you a cyber-safe organization.
Tunde is absolutely right and is what I was trying to say in my first answer, Tunde did a better job though. AI based tools without a gateway can be installed in minutes, will pick up more malicious attachments, more content related bad stuff, provide better visibility and introduce controls for you staff to further improve the effectiveness. Typically these tools learn over time and therefore get better as you use them.
Don't forget to consider 3rd party risk by looking at DMARC, SPF & DKIM as well as domain impersonation
Have you considered Proofpoint Email Protection? It’s not one of the options you listed, but I recommend Proofpoint for advanced email security to everyone.
Proofpoint Email Protection defends organizations against advanced email-borne threats, including spear phishing and business email compromise (BEC) attacks. Proofpoint provides inbound and outbound email filtering with industry-leading accuracy to protect users from email-based malware, ransomware, and other sophisticated threats. Proofpoint also helps organizations defend against targeted attacks that use spear phishing emails to bypass traditional security defenses. Proofpoint's Email Protection solution is powered by the Proofpoint Global Intelligence Network (GIN), which processes billions of threat indicators every day to deliver real-time protection against the latest email threats. This combination of technology and intelligence makes Proofpoint Email Protection the most effective way to defend against advanced email-borne threats.
I highly recommend Proofpoint Email Security. My organization has had a great experience so far. The solution completely lives up to its price point.
Proofpoint is an industry-leading email gateway, which can be deployed as a cloud service or on-premises. Apart from providing essential encryption and spam filtering, Proofpoint Email Security solutions also have specific controls to stop BEC attacks. That’s what impressed me because Business Email Compromise attacks have devastating consequences for businesses. Proofpoint has an in-built Advanced BEC Defense engine that’s powered by AI and machine learning. It analyzes multiple message attributes, like header data, sender’s IP address, and message body for red flags and urgency.
We use Managed Proofpoint Security. Managed email security providers like ACE MSS provide Proofpoint Email Security solutions in an end-to-end managed service. With managed email security, you no longer have to worry about managing encryption keys or sudden email attacks. You’ll have a dedicated team of security experts monitoring and analyzing all incoming and outgoing email traffic.
Between the two? I prefer Cisco over Forcepoint. If budget is not a problem a hybrid Cisco Forcepoint multilayer. Or a hybrid Cloud + on-premises.
Bur someone asked about three options...? Which was the third? Why was intentionally avoided Proofpoint and compared "Sharks" with "Piranhas" or Barracudas?
I only can recommend Cisco because it´s the only one with which I'd worked enough. I think it is powerful enough and has a lot of possibilities. In addition, to a great support team.
Top brands don't mean best or most cost-effective. My advice is to look a bit further before you make a decision.
Evidence suggests that most top brands are pretty good at detecting and blocking malicious attachments, best case letting through 1%, but can be worse than 50% when it comes to detecting malicious links in the text of the email.
There are numerous less well-known vendors with lower-cost AI-based solutions that have a far better success rate, also providing employees the ability to report on suspect emails which auto-removes them from other staff members' inboxes until they have been properly assessed. Some will provide a visual risk score to the recipient to give them advance warning to be more cautious.
Combining this kind of capability with staff awareness products keeps your vendor list lower and further improves efficiency.
For around £2 GBP per user per month (less than $3) we provide different vendors depending upon the customer's environment but provided as a managed service. This allows our customers to outsource some of the monitoring and day-to-day management, spread the cost on a monthly basis, and flex how many licences they need on a monthly basis too i.e. if you drop 20 users don't pay for them but if you increase by 20 you don't need complex co-termination and pro rata discussions.