Email is the leading attack vector for security breaches, becoming the top priority of businesses all around the world. Threat actors send out an estimated 3.4 billion phishing emails and malicious content per day targeting end users and organizations of all sizes.
But that is not all, since businesses face additional advanced threats that will challenge their email security. From sophisticated malware to highly targeted Business Email Compromise (BEC) a, their inbox is in constant danger of a possible breach.
Specialized cloud based email solutions, like Cisco Secure Email, combine traditional security features such as malware blocking, with advanced email security protections to counter existing and emerging attack vectors before they have a chance to do harm.
Our review of Cisco Secure Email highlights the main features of the service, potential shortcomings, and how it compares to major competitors.
Cisco Secure Email Core Features
Here’s an overview on its main features:
Phishing and Anti-Spam Defense
Cisco combines several protections to block phishing emails before they reach a user’s inbox.
- Sender authentication: Cisco supports Sender Policy Framework (SPF), DomainKeys Identified Email (DKIM), and Domain-based Message Authentication, Reporting, and Conformance (DMARC),
- Domain reputation: uses signals such as domain age or the date of registration to determine legitimacy.
- URL filtering: scans links in emails using Talos Intelligence to categorize them. Supports real-time URL rewriting.
Regarding its spam protection, Cisco relies on Talos SenderBase for blocking emails from known malicious or low-reputation senders. It uses machine learning and heuristics to analyze emails and detect spam based on content and other factors.
Antivirus
Sophos provides anti-virus and anti-malware technologies for Cisco’s email security products. Businesses may book McAfee antivirus as an add-on to get scan results from two independent solutions instead of just one.
All plans include dynamic analysis capabilities to detect and deter advanced malware threats. The service uses a virtual sandboxed environment to detect and isolate 0-day malware. The number of file samples that may be tested is limited in the Essentials plan though.
File reputation relies on Talos Intelligence to block files based on their hashes if they are known to be malicious.
Cisco Secure Email Encryption
Secure Email encryption provides advanced options and controls to protect sensitive emails. A core difference to solutions that require the same technology on the sender’s and recipient’s side, is that Cisco encrypted emails can be opened by the recipient on any endpoint without the need for special software or applications.
Data Loss Prevention (DLP)
Data Loss Prevention’s main goal is to prevent the leaking of sensitive information in emails. The security feature is rules-based and designed to stop accidental or intentional leaks of information via email.
Business Email Compromise (BEC) Protection
Business Email Compromise aims for high-value targets in an organization and its losses continue to increase year over year. Cisco offers protections against impersonation attacks using a combination of analysing email headers, patterns and display name spoofing mitigations.
Reporting and Analytics
Reporting and analytics are one of Cisco’s strongest features. It allows administrators to track spam and malware detection and remediation rates, gain visibility on user activity, generate compliance reports, or monitor and analyze data loss to prevent incidents.
Cisco Secure Email License Comparison
| Secure Email Essentials | Secure Email Advantage | Secure Email Premier |
|---|---|---|
| Anti-spam, Sender Domain Reputation and URL-filtering | Yes | Yes |
| Outbreak filters | Yes | Yes |
| Antivirus | Yes | Yes |
| Secure Email malware defense and analytics | Yes (limited) | Yes |
| Graymail detection | Yes | Yes |
| Data loss prevention | Add-on | Yes |
| Secure Email Encryption Service | Add-on | Yes |
| Safe unsubscribe | Add-on | Yes |
| Secure Awareness Training | Add-on | Add-on |
| Secure Email Threat Defense | Add-on | Add-on |
| Secure Email domain protection | Add-on | Add-on |
| Intelligent multi-scan | Add-on | Add-on |
| Image analyzer | Add-on | Add-on |
| McAfee anti-malware | Add-on | Add-on |
| Cisco Secure Email management | Add-on | Add-on |
Secure Email Threat Defense is only included as part of the Premier subscription. Essentials and Advantage subscribers may book it as an add-on.
Cisco Secure Email Pricing
Like most of its competitors, Cisco does not highlight pricing information on its website. Price is determined by several factors, including the selected product and number of user licenses.
While there do not appear to be free trials for the entire package, prospective customers may sign-up for a 30-day free trial of Cisco Secure Email Threat Defense, which is compatible with Microsoft 365.
Security Features and Compliance
Cisco Secure Email complies with the following standards and certifications:
- Health Insurance Portability and Accountability (HIPPA).
- Payment Card Industry Data Security Standard (PCI DSS).
- General Data Protection Regulation (GDPR).
- Gramm-Leach-Biley Act (GLBA).
- Sarbanes-Oxley Act (SOX)
- Common Criteria Evaluation Assurance Level 2+ (EAL2+)
- FIPS 140-2 Compliance.
- ISO 27001.
- SOC 2 Type II.
- FedRAMP.
Customer Support and Help
Cisco maintains a knowledge base for customers, which acts as a self-help portal. Customers may also join the Cisco Community to interact with other members of the community directly.
Cisco offers secure awareness training, but it is only included as part of the Premier package. Businesses who subscribe to another tier need to purchase it as an add-on.
What We Liked Most About Cisco Secure Email Threat Defense
Cisco supports cloud-based, hybrid, and on-premises deployments, including hardware options via Cisco Secure Email Gateway. This gives organizations flexibility, as virtually any setup is supported in one way or another.
What Cisco Secure Email Threat Defense Could Do Better
While Cisco offers impressive real-time protection capabilities for virtually all email ecosystems, it integrates best within Cisco’s own ecosystem and may limit environments that use multiple solutions.
Pricing can be high, especially for on-premises or hybrid solutions that may require higher tiers. This, along with complex, but highly detailed, configurations, make Cisco Secure Email less of an option for smaller businesses.
Finally, post-delivery threat detection and remediation is lacking when compared to its main competitors, especially for its on-premises and hybrid solutions.
Cisco Secure Email Alternatives
Cisco Secure Email’s main competitors include Proofpoint Email Protection, Mimecast Advanced Email Security, and to a degree, also Microsoft Defender for Office 365.
Cisco Secure Email vs. Mimecast
Mimecast offers strong cloud-based security features that are powered by AI and machine learning, and it extends protection to Microsoft collaboration tools. Mimecast’s solution, while offering a similar feature set, has a lower complexity.
Proofpoint vs. Cisco Email Security
Proofpoint’s solution has a strong focus on protecting high-risk users in addition to taking care of general types of threats such as phishing. Its Very Attacked People feature protects VIPs, such as the company CEO or Chief Finance Officer, from attacks.
Microsoft Defender for Office 365 vs. Cisco Email Security
Microsoft Defender for Office 365 integrates with Microsoft’s ecosystem only. It may be an option for companies that use Microsoft products exclusively, but it falls short when that is not the case. The service lacks some of the advanced features of its main competitors on top of that.
Final Thoughts
Taken all into consideration, Cisco Secure Email’s service is a strong email security product that is well suited for medium to large businesses that are ideally already using other Cisco products. These are the prime sales targets since its complexity and pricing make it less ideal for smaller businesses.
Security features, especially the integration of Talos Intelligence for threat detection, is one of the strongest points of Cisco’s offering. Apart from threat prevention, it is also supporting cloud, hybrid, and on-premises scenarios, and interesting add-on services that extend the core service at a price.
On the downside, some common security features, like DMARC, are only available as add-ons. The competition has an advantage here, as these are included in all plans.