While the tool does a good job of blocking malicious emails, it does have limitations with its sandboxing
What is our primary use case?
It is an anti-spam solution, and we primarily use it for email anti-spam. It removes the spam emails, and we have our own manual filters to remove unnecessary or unwanted emails. So, it is working just fine. We have been using the solution for more than three years. We started on version 9 and are currently on version 11.1.
Pros and Cons
"We like the in-built features, like the email filtering based on the IP and domain. Cisco has its own blacklisted domains and IPs, which is very good. This filters around 70 percent of emails from spam, and we are seeing fewer false positives with this."
"The solution needs to improve its advanced phishing filters. It is very good at filtering things which have bad reputations. However, when phishing or malicious emails are new or coming from a legitimate source, we don't feel that the solution is working."
What other advice do I have?
I would recommend to use Cisco Email Security first as your email filtering solution, but do not rely on it as your only solution. I like the product because it is very easy to work with or we can make it complex if we want.