CISCO IRONPORT SCANSAFE WEB FILT 3YR
Mfg.Part: SS-WFMS-3Y-S4 | CDW Part: 3701625
CISCO IRONPORT SCANSAFE WEB FILT 3YR
CISCO IRONPORT SCANSAFE WEB FILT 3YR is rated out of 5 by 7.
Rated 4 out of 5 by RegionalICT835j from Customized filtering has been very effective and useful for us What is our primary use case?We use it to secure our email system, to cut down on all the bad emails that we would otherwise receive.The reason for implementing the product was the huge increase in spam and junk mail which occurred when we were adopting these devices. There have been some changes in the way that email is delivered since then, and one or two of the major spam sources have been taken down or prosecuted or jailed. Today, we have less blanket-spam, but we have more targeted phishing emails or spear phishing.The combination of emails with links that encourage users to give away their user login information can cause problems. When someone's account is compromised it can result in access to our global address list and access to emails that the compromised user may have sent. Therefore, they have details of the format and the style emails that our company uses. We have communication threads that they can take advantage of because they can inject their fake emails into an existing communication thread and try to fool a supplier or client into giving more information or, worst-case, giving money to the wrong person.How has it helped my organization?When we first had Cisco hardware, we were having significant problems in that we were getting something like 10,000 emails per device per hour. We have four devices, so if we calculate that up it was like 1,000,000 emails a day, and most of those, about 99 percent, were junk mail or spam.We had a major problem with email, and introducing Cisco ESA systems was a set change for us. It reduced the number of unwanted emails by a huge factor. That has continued to be the case, from when we first got the devices, until today.Previously, we had other email security appliances, and they were overwhelmed by the volume of email that we are receiving as a company. The introduction of the ESA systems had two effects for us:* They significantly reduced the number of emails that were even considered for delivery or for being accepted into our company for internal routing.* It gave us another line of defense. We use the ESA systems as our first line of defense which we then follow up by another manufacturer's email security appliance, which gives us a second level. Subsequent to that, we've adopted another layer of email security. So we now run three layers.What is most valuable?Initially, the most valuable feature for us was the SenderBase Reputation, because that reduced the number of emails that were even considered by the system by a huge number, before we ended up processing them to get through the spam, the marketing, and the virus-attached emails.Since then, customized filtering has been very effective and useful for us.In addition, Cisco has developed the product with its Talus product. They've developed the ESA systems so that instead of just specifically stopping known spam sources and using that to stop virus-infected emails, the Talus solution which they're now providing has a lot of attraction because it helps to prevent phishing emails.Things such as Sender Domain Reputation, which is a relatively new feature, are attractive because when there's a pop-up domain, which might be a look-alike of your own company domain, or it might be a look-alike for some other company like Microsoft, it gets a bad reputation, and the ESA systems will reduce the possibility of these emails delivering to the recipient's desktop.What needs improvement?We have occasionally had hardware problems because we are using an appliance-based solution, but that might change.For how long have I used the solution?More than five years.What do I think about the stability of the solution?The system is very stable. We have had very little downtime and the system is, in general, reliable.We have occasionally had hardware problems because we are using an appliance-based solution, but that might change. We may consider going to virtual systems. In general, we have had a good experience with this product. The hardware, given occasional failures, has been very reliable. There is an upgrade process for keeping the system running with the most current, recommended version of AsyncOS. We have had very few problems where an upgrade has gone wrong. We've been very pleased with the solution.What do I think about the scalability of the solution?The scalability is good because when you have appliances such as we have, if you have the infrastructure and the available resources, you can install additional virtual appliances. From the point of view of scalability, if there were a problem with performance, it is possible to add other systems or devices, even though they are virtual, and they all fall under the same control interface. They are all a part of the same cluster so they are all relatively easy to manage.We currently have 11,000 employees and a large number of those users hold email accounts and email addresses.We have a 24-hour operation because our company is located in 62 countries, so we have to respond relatively quickly because email is important. We have a department that deals with IT security and likely, at a minimum, we would have six people who have the capability to work on these systems. But in reality, because the systems are very stable, we have three or four people who regularly work on them. All the people who maintain the system are currently in the same department as me and all of them are considered IT security officers. They deal with other systems as well as the email.How are customer service and technical support?Cisco's technical support is, perhaps, taking a different approach to the way that IronPort ( /products/cisco-email-security-reviews ) managed systems. Cisco tends to try and answer questions or problems by email more, initially, rather than talking to someone on the telephone. Sometimes that's not quite as good as IronPort ( /products/cisco-email-security-reviews ) was.But, in general, Cisco is good in that when we have a question they will respond quickly. But equally, because we've had these systems for several years, there is a good pool of experience in our security team so that we don't regularly have to ask questions of Cisco support.If you previously used a different solution, which one did you use and why did you switch?We switched to using IronPort because it gives us a second line of defense from spam, phishing, and all the other problem emails. One of the reasons was that there was a major spike in the number of spam and junk emails that people were sending from when we first got these systems.The other system that we had was suffering from performance problems because it was being overwhelmed by the volume of emails that were being delivered to Fugro. The other product was still a good product, but it didn't have the performance to handle the volume of email. With the IronPort system being used as a first line of defense, it probably would have done everything that our previous system did, and we could have just removed it from our email processing.However, we wanted to retain the old system because it had some nice features to do with additional email filtering. Having IronPort as a first line of defense was really good, and then, it was possible to do special filtering and other email reaping on this other system. The other system could then perform at a good level because it was not being overwhelmed by the huge volume of spam, junk, etc.How was the initial setup?The initial setup was very straight forward. Having said that, we had a lot of experience in email systems before we set up these devices. But to get the most out of the functionality of the devices it took us some time to implement custom email filters. These were detecting targeted phishing email, although they weren't called that back in the days when we first got this type of hardware.This was in the days before it was common to have virtualized systems. The systems we had at the time were probably the type that might have been considered by a small ISP. At the time it might have been Cisco ESA 310 or 320 systems. It was a long time ago. We have had those systems on contract since then. We've regularly upgraded the systems when the contract has been renewed.We've had the systems configured in a cluster where the cluster spans more than one email gateway. Email gateways are located in different countries, so although we have different places where the email can be delivered to Fugro and from where Fugro sends email, the systems are all managed from the same interface and console, even though the systems are in different countries.What about the implementation team?Because we had the systems before Cisco bought IronPort, we used some assistance from the then-IronPort company for the initial set up. But our own personnel were involved in training courses, so most of the configuration was done by Fugro people.The IronPort consultants were very good. Because the company was keen for business, they were keen to assist us. At the time, we were, perhaps, one of the more unusual cases because of the quantity of junk, spam, and other types of emails that were being sent to Fugro recipients. IronPort, at that time, was very responsive, very helpful, easy to deal with and, usually, very knowledgeable about the product.What was our ROI?It would be fair to say we have seen return on investment using this solution, but I'm not the person who spends the m...Disclaimer: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Date published: 2019-05-02
Rated 3 out of 5 by HeadOfSe948f from While the tool does a good job of blocking malicious emails, it does have limitations with its sandboxing What is our primary use case?It is an anti-spam solution, and we primarily use it for email anti-spam. It removes the spam emails, and we have our own manual filters to remove unnecessary or unwanted emails. So, it is working just fine.We have been using the solution for more than three years. We started on version 9 and are currently on version 11.1.How has it helped my organization?In regards to what we filter out, we don't have a lot of information. We have a small team who handles most of the software, including the email filtering and email security.The solution drops bad email, like the spam or emails with viruses. We are not currently doing further analysis to indicate what was really targeted, or determining if something else with generated, malicious or spam. The filtering is okay, and we don't have complaints from our customers or users, so we aren't doing any further steps.The email processing and event logging are very detailed and valuable. They are also helpful when we troubleshoot email issues and perform email analysis, even though the logs are not structured properly.What is most valuable?We like the in-built features, like the email filtering based on the IP and domain. Cisco has its own blacklisted domains and IPs, which is very good. This filters around 70 percent of emails from spam, and we are seeing fewer false positives with this.The notifications about why the emails were blocked is a good feature.What needs improvement?Having Cisco Email Security as a standalone solution is not good enough. It needs to be combined with another solution. For example, it will not stop all phishing and malware. We tried having only Cisco Email Security (IronPort) and faced multiple issues due to the sandboxing. The sandboxing for this solution is not up to mark and needs improvement. It does not detect much at the moment, just the set criteria that it already has designated.The solution needs to improve its advanced phishing filters. It is very good at filtering things which have bad reputations. However, when phishing or malicious emails are new or coming from a legitimate source, we don't feel that the solution is working.While the tool does a good job of blocking malicious emails, it does have limitations. For example, it sometimes cannot identity file extensions and sends through files that we don't want, like OneNote. We can filter by file name extension, but it is too easy to change the file name extension by adding numerical characters, etc.For how long have I used the solution?Three to five years.What do I think about the stability of the solution?We expect 95 to 98 stability (perfection) in the product.We have one person doing maintenance, which is me. I handle this product along with three other security products.What do I think about the scalability of the solution?We are currently utilizing all the features in the product.We have 1100 users.How are customer service and technical support?The support is great. They are very fast with their responses and are very knowledgeable. Its support is available 24 hours. These things are very good.If you previously used a different solution, which one did you use and why did you switch?We did not use a solution prior to this one.We were looking to automate most of the stuff related to email filtering, so the solution bought from IronPort (now a part of Cisco) was to reduce our workload.How was the initial setup?The initial setup was straightforward, but very lengthy, because it powers up most of the options from the email filtering solutions. While it is good, it will take some time to implement all the features, compared to other solutions.It is very simple to set up, but we decided to set it up with exceptional cases. Cisco is more flexible compared to other solution, but it could still improve, especially in the area of ruling logic and enhanced communications. With some other email security products, we can have very complex conditions which we can filter out. This is still not available with Cisco Email Security.It takes a minimum of a month to build the setup. However, for a good set-up, it will require one year to put in place all the options in place. We had to understand how the emails flowed.What about the implementation team?An implementation partner, SecureLink, helped with the setup. They did a good job and were knowledgeable in the product. But, as an implementation partner, they do not take responsibility for any failures of the product.Cisco helps with the day-to-day.We set up the filtering options ourselves.What was our ROI?We have seen ROI. Only 70 percent of phishing and bad emails are getting through. There are very few solutions that boast this percentage of filtering. This level of filtering helps our company.What's my experience with pricing, setup cost, and licensing?It is not that costly. We pay for the solution through a contractor and pay an annual fee.Which other solutions did I evaluate?We are currently using two different email security products, which is how we are able to identify the pros and cons of Cisco Email Security. We use a similar product called FireEye. It can detect based on sandboxing. Anything bad that it sees, it will detect. It is not based on file extension or file types. Recently, we have been able to block with it using some type of file extensions or hash.What other advice do I have?I would recommend to use Cisco Email Security first as your email filtering solution, but do not rely on it as your only solution.I like the product because it is very easy to work with or we can make it complex if we want.Disclaimer: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Date published: 2019-05-02
Rated 4 out of 5 by Informate83d from Black-listing and white-listing are highly intuitive and easy to do What is our primary use case?It's our primary enterprise email gateway. It's the first stop for edge email security.How has it helped my organization?One of the things that I like most is that, since we do have a Cisco Enterprise agreement - we have a lot of Cisco products - we're able to consolidate reporting a lot better. Reportability is a lot more end-user accessible, or easier to acquire. The solution overall does what it does, but being able to quantify that, put it into reports that are easy to analyze, is probably the best and the largest gain that we acquired in switching.What is most valuable?One of the nicest things is that parts of it are highly intuitive. For instance, black-listing, white-listing, and things of that nature are very easy to do and they're very intuitive. You wouldn't even need any training to be able to perform those actions straight out-of-the-box.Even though it's not perfect, it has the IMS engine, Intelligent Multi-Scan engine, and it does a good job, right out-of-the-box, of blocking the vast majority of things that should be blocked. Again, it's not 100 percent, but out-of-the-box I didn't have to touch it, I didn't have to tune it, I didn't have to tweak it. I believe it leverages the threat-intelligence database and does what it needs to do in making sure that the bad stuff stays out and virtually all of the good stuff makes it through.What needs improvement?We find bugs, just like anyone else. We bring them to Cisco's attention.If there was one area I would like to see improved it might be having someone who can help us when Cisco comes out with a new product. Let's say I'm going to be purchasing and utilizing version two of this product. They assign me an account specialist and a technical specialist to help with the bring-up. It would be nice if the specialist would be able to help foresee some of the issues we might run into, specific to the version we're implementing. I know that's a bit of a loaded issue because sometimes it depends on your particular environment. I know that's very difficult.But, there have been some instances where particular hiccups could have been avoided if the individual assisting us was slightly more versed in the version that we were going with. Maybe he could have told us that it wasn't the version we should have gone with. Maybe we should have gone with a previous version and then skipped over this version until they came out with a more upgraded version of it. The version we first chose might be a stable version in general, or it might be stable for other environments, but not for our particular environment.There's one other thing I would like to see. It would be nice to have an easier way to check on the health of the system, how stressed these appliances are. Sure, you can do it, but it would be helpful to have an easier way to do it, maybe even at a glance. That was something that Proofpoint had that I wish I had here. That would be very useful.For how long have I used the solution?One to three years.What do I think about the stability of the solution?It's been stable. I don't have to do anything with my email gateways. They chug along and they do what they do. They don't always get it perfect, but I have never had one fail on me. And I've never had a problematic appliance that I'm aware of. We had Proofpoint for a lot longer, but if I were to compare the percentages, I would have to say that the stability of Cisco appliances is superior to that of our previous Proofpoint environment.What do I think about the scalability of the solution?We haven't had to address scalability. The umbrella IronPort is broken down into two halves: email security and web security. I haven't had to deal with the scalability of the email security at all. But since they're both under IronPort, I have had to deal with scalability on the web security end. Relying on some of that experience, my assumption is that the way it worked for the Web Security Appliances is probably pretty similar to how it works for the Email Security Appliances. With that in mind, I can say that scalability is not an issue. It's as easy as just bringing another ESA into the cluster.In terms of plans to increase usage, if you ask any enterprise they're going to tell you, "Yes, of course, we're going to grow, and as we grow we're going to use more." And the reality is, any growing enterprise is going to utilize email more and more. As the landscape morphs and changes, so do your rule sets and the features available to you on these appliances. Will we be using it more and more? Absolutely. Will it be a daily thing? Absolutely. I'm in these appliances every single day, taking a look and tuning where necessary and trying to find more efficient ways to handle the email traffic flow. It's safe to say that for any enterprise that's going to be the case.If you previously used a different solution, which one did you use and why did you switch?We were using Proofpoint and then we switched to Cisco. As I mentioned above, reportability was one of the main reasons we switched, but the biggest one was cost. If you can get an equivalent functionality for a better price it's wise to do so. That's what our primary decision came down to: We could get equivalent functionality at a lower price point.How was the initial setup?There were definitely parts that were straightforward. The initial bring-up of the gateways was actually cloud-hosted and was done primarily by Cisco. There were definitely aspects of it that I didn't even have to touch and it was wonderful. They just did it for me and that was great.When I took over administration there were aspects that were definitely easy and intuitive like the basics of being able to set blocks and set allowances when you have false-positives and false-negatives. It kept the basics simple.Of course, just like with any enterprise technology product, it can get as complicated as you want it to. There are a lot of granular controls that you have the ability to tune, but doing so requires more in-depth knowledge and more in-depth training and making sure you know what you're doing. Otherwise, you can end up doing things you never intended to do.The initial bring-up, the initial switch from Proofpoint to Cisco, was pretty quick. We had a little bit of redundancy but the overlap was a couple of weeks at most. I would condense it down to about a week, because there was one week where it was mainly status updates. As far as tuning the appliances and tuning the filters go, that's an ongoing process for me. I still do that today.In terms of implementation strategy, you want to minimize downtime, so it's important tor run in parallel for a little while. Thankfully, we had the ability to point some test traffic to the new appliances before moving the rest of the enterprise over. So it was:* run in parallel* send test traffic to the new Cisco gateway appliances, to make sure that things are flowing the way we'd expect them to* and then we staged it a little bit more.We accept emails from multiple domains and we moved our primary domain last. We started by moving over some of the lesser-used domains to verify things were okay and then moved over the primary domain last. It was a typical implementation that most people have: Run in parallel until you verify, and then move everything over.Regarding staff for deployment and maintenance, right now it's just me, but it's unwise to have just one. What happens if I get hit by a bus? To do this properly you would need at least two.In an enterprise you end up with a myriad of email hiccups. Email hiccups are one of the most common. Being on the information security team, you have to look at it in a multi-faceted way. That means I'm not just looking at the flow of data. I'm also having to analyze the contents of the data and then start to determine whether I need to dig further into it to see if this particular message possibly went to multiple recipients. That's the investigative piece. The administrative piece is a given, but then you also have an investigative piece on top of that. That can be a lot to do, it could be an overwhelming amount for a single person to try to do. That's especially true when something does happen.One person is probably going to be consumed with trying to do all that. Is it doable? Sure. Is it advisable? No.What about the implementation team?Since we are using Cisco cloud appliances, we had to have Cisco's involvement. They brought up the cloud appliances, where the initial configuration is done, and then we were the ones who started doing the final configurations, the moves and the migrations, as we entered the testing phase. We then moved more toward the final production move.In terms of our experience with Cisco reps, I can speak on it more broadly as well, not just from a shear email-security perspective. When implementing a Cisco product, they're great in those initial stages. You get that expert help and it's a relatively smooth bring-up. For the things that go wrong, you have a Cisco person working with you who has the answer or knows who to go ping to get the answer. It's really nice.That changes a little bit as time goes on. Once that expert is no longer helping you with your initial bring-up, then you rely more on the vendor's support matrix to get your solutions further tuned and to work out the little wrinkles as you experience them. Of course, it is universal - I haven't seen an example where this is exception - that th...Disclaimer: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Date published: 2019-05-01
Rated 4 out of 5 by Syed A Raheem from Efficient and fast, the solution is almost transparent in its operation What is our primary use case?Protection against external email threats is our primary use case.How has it helped my organization?Less spam means more productivity; less time is wasted, helping both users and the security team.What is most valuable?Anti-Spam and Advanced Malware Protection are the most valuable features. They provide protection from most email threats and we also have the option to block Zero-day attacks.What needs improvement?The configuration UI should be made more intuitive. Currently, it takes a while to understand how to do the basic configurations.In terms additional features, I would like to see customization of reports and dashboards.For how long have I used the solution?One to three years.What do I think about the stability of the solution?IronPort is indeed a very stable solution, including both software and hardware.What do I think about the scalability of the solution?Scalability is very good. We have not faced any hiccups over the years with a 15 percent increase per year in the number of users. We currently have 3,000-plus users in our organization. It is one of the main security controls we have and is used extensively. We don't have any plans at the moment to increase usage, but that might change.How are customer service and technical support?We connect through a local/regional partner. Cisco is not good in dealing proactively or even reactively, so we end up relying on partners.How was the initial setup?I cannot answer in detail about the initial setup because it was done before my tenure began. In general, it is a complex configuration.Regarding an implementation strategy, it is best to define basic policies that deal with malware and spam-blocking which apply to the whole organization and then configure specific policies for individual and departmental needs.Deployment shouldn't take more than a couple of hours for a team of two engineers.What was our ROI?We have seen ROI in the processing time. It processes efficiently and fast. It is almost transparent in its operation. We only need to worry about our email infrastructure. Security and performance-wise, it does not add any overhead or latency.Which other solutions did I evaluate?I am familiar with McAfee and Symantec to some extent. But we have not used those solutions in our production environment. I can't say much about specific differences between the solutions, but Cisco is more stable and we have not faced any issues with its detection capabilities that would make us look at other solutions.What other advice do I have?My advice would be to have a very good partner because Cisco will not be proactive in helping and educating you.It has a complex UI and configuration menu but the product works well, both in terms of security and performance.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2019-04-29
Rated 4 out of 5 by MichaelLawrence from Helped with mail filtering and load balancing between Exchange servers What is our primary use case?The primary use case was for email security and load balancing between Exchange mail servers.How has it helped my organization?From a security standpoint, IronPort really helped with the mail filtering and load balancing between the Exchange servers they had. IronPort enabled us to blockade domains that send these emails. IronPort gave us fantastic service.By the time I administered it, I was able to block some 25 or more domains.What is most valuable?The filtering is something I found very valuable.Also, the users were able to do a check by themselves on quarantined emails. They could check if a valid email had been stopped, if it matched up with the SPF certification. The kind of environment we ran was a kind of complex environment. For us to be in compliance with PCI DSS and ISO 27001, the users needed to implement this and we needed to know how often we got unsolicited emails and how to mitigate users being victims of spear-phishing or phishing attacks.What needs improvement?One of the things that Cisco could improve on with IronPort is the support. Cisco doesn't really have enough engineers who have full, hands-on knowledge of IronPort. Knowledge of it is not something you can find easily compared to other security appliances. They could also share more technical resources on how to do conversions.I did a video tutorial while I was training on CISSP and on CCIE security. There was a series that had the ESA in it and also the WSA. I was able to follow most of the configuration and explanation from the instructor.Also, if ESA and WSA could be brought together, it would make a better appliance, one wholesome appliance.For how long have I used the solution?One to three years.What do I think about the stability of the solution?From my perspective, it's pretty stable. We didn't have any issues.What do I think about the scalability of the solution?It's scalable. In the enterprise in which I had to deploy it, there were between 500 and 1,000 users, so the scalability is quite okay. We had two ESA boxes and there was load balancing using Cisco ACE. The scalability is okay.There weren't any plans to increase usage, as far as I can remember. It was used very well and they're still using it. I do interact with the current engineer now, and I don't think there has been a serious issue of late. The only issue he told me about is some outside mail is being trapped by the current site.How are customer service and technical support?I did contact support once or twice before I left and that was during the license regeneration. We had an issue which was more like a wrong configuration. There were some steps that needed to be taken to correct it. Support was awesome, although it took a while.How was the initial setup?Because I had a video walkthrough that I made use of, I found the configuration pretty easy, not so difficult. Also, the prior knowledge of my then-line manager gave me an edge, helping me with using and administrating it.The deployment I did last was done within five to ten days.IronPort has been in production before I got the job. They had issues because the configuration was not suited to the business. What I had to do was a clean configuration, reload it, and start the configuration all over again.I and my line-manager were the ones who were involved. I did a larger chunk of the job. I was the only one maintaining it until I handed it over to the network engineer who took over from me. Maintenance takes one person or two.What was our ROI?It reduced the costs resulting from phishing attacks on the organization. That was one of the major reasons for deploying Cisco IronPort.What's my experience with pricing, setup cost, and licensing?There were no other costs in addition to the standard licensing fees.What other advice do I have?So far, so good. IronPort was fantastic. It's an awesome solution, but I don't think it's something for a small-sized organization due to the licensing cost. I think it's a great solution for email security.I would rate Cisco ESA at eight out of ten because of the awesome functionality and features. The only downside with it is the knowledge about it. When I was trying to enable cloud encryption services on it, allowing you to encrypt emails to send confidential emails to a third-party, the resources on that were not that grounded and the technology was somewhat difficult to configure. The way the technology works for email encryption services is not ideal because once you send an email to someone, he has to click on a link and be redirected to a web portal, rather than having everything done on his email platform.Disclaimer: I am a real user, and this review is based on my own experience and opinions.
Date published: 2019-04-23
Rated 4 out of 5 by Anonymous from Adds another security layer without slowing down the business or network performance What is our primary use case?Our main deployment is for a shipping company. We're protecting their local Exchange Server and their online Exchange email.How has it helped my organization?It means less malicious email, fewer interruptions, and less risk. It actually circumvents malicious emails; rather than getting to the users, the users don't see them. End of story. There's a risk without it. The user might get the email and might click on the link. Once that happens, they are toast, as is the network.The number of malicious emails it blocks differs from one company to another. It depends on the volume of email they get. I would say on average, depending on how many users there are, it could block 1,000 emails a day.What is most valuable?The most valuable features are protection against ransomware and spam. Those are the main two features. It also adds an additional layer to your networks. Cybersecurity isn't a comprehensive solution. You have to keep on adding layers without disrupting the flow of the business. The Cisco Email Security ( /products/cisco-email-security-reviews ) appliance does that, where it adds another layer without slowing down the business or the performance of the network.What needs improvement?The user interface needs some improvement to become more user-friendly. The graphics could be better. It's designed more for a technical user rather than a business user.The solution has flexibility. I think they are working on improving it as we speak. They're responsive to the feedback we give.For how long have I used the solution?One to three years.What do I think about the stability of the solution?It's very stable. We haven't had any issues or downtime.What do I think about the scalability of the solution?It's very scalable, especially the cloud version. You can get up to about 100,000 users on the appliance but the cloud version is more flexible. When you do scale it up you don't see slower performance.In the largest environment in which we've implemented it, there are 200-plus users. It's utilized by 100 percent of the users. It's not at 100 percent capacity.How are customer service and technical support?Their technical support is very good. We haven't had any issues. Their response is very prompt and they are very knowledgeable.How was the initial setup?The initial setup is straightforward. There are two flavors. There's the cloud-based and the appliance. With the cloud-based solution you just point your email server to the IP address in the cloud. With the appliance, you just install it into your rack and connect it to the Exchange Server. The cloud deployment takes about ten to 15 minutes, and the appliance, because you have to install it, takes about 60 minutes.It requires just one person for deployment. It doesn't require anybody for maintenance. You just set it and go.What was our ROI?The return here is more security and fewer interruptions. It's more stability and productivity versus less productivity, although I'm not sure how you can quantify it.It's a time-saver. If you get interrupted by ransomware or a hack, it could be costly. Every breach, just the cybersecurity breach, on average costs at least $65,000 to fix, let alone the interruption in work and retrieving data, according to industry sources. You could say that you're minimizing your costs by $65,000.What's my experience with pricing, setup cost, and licensing?Licensing costs depend on how many users there are. It could range between $5 and $7 per month, per user. There are no costs other than the standard licensing fees.What other advice do I have?There is no totally comprehensive solution in cybersecurity. I find Cisco Email Security ( /products/cisco-email-security-reviews ) to be comprehensive, but it's not 100 percent. There is no silver-bullet solution when it comes to cybersecurity. You better keep on adding protection layers to your network. Don't think you're not going to be a target. As a small or medium business, you will be targeted. It's so easy to get through a firewall nowadays. One layer of cybersecurity is not going to do it. You need to add two, three, four layers.It's just like going to the airport. The first thing you see is the check-in desk. They check who you are, that you have valid credentials, where you're going and why. Then you go through the scanners. Then you go through another layer of security. Once you get through, you're also being watched to make sure that you don't become "malicious." There are a lot of layers.I would rate the solution at nine out of ten. What comes to mind when giving it that rating is ease of use. Just set it and go. A better UI would make it a ten.Disclaimer: My company has a business relationship with this vendor other than being a customer:Partner.
Date published: 2019-04-21
Rated 4 out of 5 by Sofiane Medhkour from This product has made my on-premise messaging platform more secure What is our primary use case?i'm usining it as frontal gateway for controlling and securing the mails flows to my on-premises exchange serversHow has it helped my organization?This product has made my messaging platform more secure. it contain and extended security feature ,policy rules for filtering , and multiple engine for scaning add to that encription , security is very important for critical business with data inhouse.What is most valuable?after doing a third party pentesting, they found the security at a high level regarding the messaging security part testing,and the only recommendation they gave and need improvement is adding the sendboxing, for those attack ranked at zero day attack, which can't be detected.knowing i'm using premium licensing, i checked the Advanced Malware Protection (AMP), which is on-demand feature, i found that, this feature act like a sendboxingWhat needs improvement?With each product release since 2012, they have continuously fixed our issues or complaints. In the beginning, it needed a lot of work. Now, we are happy with it.For how long have I used the solution?More than five years.What do I think about the stability of the solution?It is currently stable. I will upgrading next year, but the current version has been working great for six year.We have two people (system administrators) performing maintenance for the system and security part for the company.What do I think about the scalability of the solution?Everything is fine with the scalability.We have 400 users on this product, with two site, 2 physical appliance in one site and one physical appliance in the second site the three working as a cluster, and next year, we plan to increase our usage and move to the newer physical appliance version. because those we're using , are arriving to them end of life soon.How are customer service and technical support?The technical support is good.Right now, I am paying for it, but I don't use it because the solution is stable.If you previously used a different solution, which one did you use and why did you switch?I have previously used McAfee, Kaspersky, TrendMicro, barracuda, websense.How was the initial setup?The initial setup was complex because I have two sites with physical clusters. and i made it alone during the working hour without interruption.The length of deployment will depend on the complexity of your infrastructure and your knowledge.What other advice do I have?This product is the complete solution and the real deal.I am using the on-premise version.Disclaimer: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Date published: 2019-04-08