Overview:
Over the past 20 years, email has evolved from a tool used primarily by technical and research professionals to become the backbone of corporate communications. Each day, more than 100 billion corporate email messages are exchanged. As the level of use rises, security becomes a greater priority. Mass spam campaigns are no longer the only concern. Today, spam and malware are just part of a complex picture that includes inbound threats and outbound risks.
Cisco Email Security solutions defend mission-critical email systems with appliance, virtual, cloud, and hybrid solutions. The industry leader in email security solutions, according to an Infonetics Research 2013 study, Cisco delivers:
- Fast, comprehensive email protection that blocks spam, malware and other threats while providing protection before, during, and after an attack
- Flexible cloud, virtual, and physical deployment options to meet your ever-changing business needs
- Outbound message control through on-device data loss prevention (DLP), email encryption, and optional integration with the RSA enterprise DLP solution
- One of the lowest total cost of ownership (TCO) email security solutions available
Cisco’s all-in-one solution offers simple, fast deployment, with few maintenance requirements, low latency, and low operating costs. Our set-and-forget technology frees your staff after the automated policy settings go live. The solution then automatically forwards security updates to Cisco’s cloud-based threat intelligence solution. This threat intelligence data is pulled by the Cisco Email Security Appliances (ESAs) every three to five minutes, providing you with industry-leading threat defense hours or days before other vendors. Flexible deployment options and smooth integration with your existing security infrastructure make Cisco Email Security an excellent fit for your business needs.
Real-Time Threat Intelligence
The Cisco Email Security Appliance (ESA) is powered by Cisco Security Intelligence Operations (SIO), our industry-leading threat intelligence organization.
Cisco SIO detects and correlates threats in real time using the largest threat detection network in the world. It monitors 100 TB of daily security intelligence, 1.6 million deployed security devices, 13 billion daily web requests, and 35 percent of worldwide email traffic.
Cisco SIO prevents zero-hour attacks by continually generating new rules that feed updates to the Cisco ESA. These updates occur every three to five minutes to provide industry-leading threat defense hours and even days ahead of competitors.
Advanced Malware Protection
ESA now includes Advanced Malware Protection (AMP), a malware defeating solution that takes full advantage of the vast cloud security intelligence network of Sourcefire (now a part of Cisco).
ESA delivers protection across the attack continuum—before, during, and after an attack—with malware detection and blocking, continuous analysis, and retrospective alerting. Users can block more attacks, track suspicious files, mitigate the scope of an outbreak and remediate faster.
Industry-Leading Performance
- Fast blocking of new email transported viruses
- Best-in-class performance at stopping or encrypting sensitive outbound email
- A superior spam capture rate (more than 99 percent) and few false positives (less than one in one million)
- The industry's only proven zero-hour antivirus solution to date
Low Total Cost of Ownership
- Easy installation and management
- Low network impact
- Minimal ongoing administration
- 10 JD Powers award-winning security support centers globally, with 24-hour support available
Long-Term Focus
- Cisco financial commitment to security investment and innovation
- Flexible deployments: on premises, cloud, hybrid, and virtual deployments
- Superior ability to scale threat analysis as global data explodes
Features and Benefits:
Cisco Email Security defends your mission-critical email systems with appliance, virtual, cloud, and hybrid solutions. Cisco Email Security is recognized by third parties as the best source of email security.
Global Threat Intelligence
Get fast, complete email protection backed by one of the largest threat detection networks in the world. Cisco Email Security provides broad visibility and a large footprint, including:
- 100 terabytes (TB) of security intelligence daily
- 1.6 million deployed security devices including firewalls, Cisco Intrusion Prevention System (IPS) sensors, and web and email appliances
- 150 million endpoints
- 13 billion web requests per day
- 35 percent of the world's enterprise email traffic
Cisco SIO provides a 24-hour view into global traffic activity. It analyzes anomalies, uncovers new threats, and monitors traffic trends. Cisco SIO helps prevent zero-hour attacks by continually generating new rules that feed updates to the Cisco ESAs. These updates occur every three to five minutes, providing industry-leading threat defense.
Accelerating Email Threats
Modern corporate email systems such as Gmail and Microsoft Exchange and come with a measure of built-in security. Some see these built-in protections as adequate. They shouldn't.
Mobility, cloud and sophisticated blended attacks are expanding the number, range, and velocity of email- transported threats. Inbound threat defense that lags by hours or days, and sometimes even weeks, leaves email environments and businesses exposed.
Failure to secure sensitive data can also result in severe consequences. From fulfilling mandated compliance requirements to protecting intellectual property, email confidentiality is critical.
Threat Defense
Receive fast and comprehensive email protection backed by the largest threat detection network in the world. Cloud-based intelligence, combined with information from industry partnerships and the analysis of a dedicated threat research team, is essential for providing zero-day responses.
At Cisco, defense starts with our Security Intelligence Operations (SIO) service.
Cisco SIO provides a 24x7 view into global traffic activity, enabling Cisco to analyze anomalies, uncover new threats, and monitor traffic trends. Automatic policy updates are pushed to network devices every three to five minutes.
Cisco Anti-Spam
Secure your network with the highest spam capture rate and an industry-low false positive rate.
Spam is a complex problem that demands a sophisticated solution. Cisco makes it easy. To stop spam from reaching your inbox, a multilayered defense combines an outer layer of filtering based on the reputation of the sender and an inner layer of filtering that performs a deep analysis of the message.
With reputation filtering, over 80% of spam is blocked before it even hits your network.
Cisco Anti-Virus
Protect your email with the industry's only proven zero-hour antivirus solution that defends you from brand new viruses hours ahead of others.
Cisco Virus Outbreak Filters provide a critical first layer of defense against new outbreaks hours before signatures used by traditional antivirus solutions are in place.
Cisco's global Threat Operations Center analyzes SIO data and issues rules to quarantine suspicious messages. It can issue rules on any combination of six parameters, including file type, file name, file size, and URLs in a message. As the Threat Operations Center learns more about an outbreak, it continually updates rules to appropriately deal with quarantined messages. Messages are held in quarantine until Sophos or McAfee releases an updated signature.
Data Security
Protect your sensitive data-simply, effectively, and accurately.
Ensure your most important messages are compliant with industry standards and protected in transit. Protect outbound messages with Cisco Email Security Data Loss Prevention integration with RSA and email encryption.
Data Loss Protection (DLP)
Prevent leaks, enforce compliance, and protect your brand.
Ensure compliance with industry and government regulations worldwide and help prevent confidential data from leaving your networks. Cisco Email Security Data Loss Protection offers simplified management, comprehensive protection, and unparalleled accuracy.
Choose from an extensive policy library of more than 100 expert policies with the push-of-a-button interface to activate compliance requirements.
Encryption
Satisfy compliance requirements secure messaging.
Meet encryption requirements for regulatory requirements such as PCI, HIPAA, SOX, and GLBA — as well as state privacy regulations and European directives — without burdening the senders, recipients, or email administrators. Offer encryption not as a mandate, but as a service that's easy to use.
Give the sender complete control of their content, even after it's been sent. With Cisco's email encryption, senders don't fear mistyped recipient addresses, mistakes in content, or time-sensitive emails because the sender always has the option to lock the message.
Take advantage of the most advanced cloud-based encryption key service available today. Manage recipient registration, authentication, and per-message/per-recipient encryption keys with Cisco Registered Envelope Service.
Cisco Registered Envelope Service provides all user registration and authentication as a highly available managed service. There's no additional infrastructure to deploy. For enhanced security and reduced risk, message content goes straight from your gateway to the recipient.
Cisco Registered Envelope Service
Flexible Deployment
All Cisco Email Security solutions share a simple approach to implementation. The system setup wizard can handle even complex environments and will have you up and protected in just minutes, making you safer, fast. Licensing is user based, not device based, so you can apply it per user instead of per device to provide inbound as well as outbound email gateway protection at no additional cost. This capability lets you scan outbound messages with antispam and antivirus engines to fully support your business needs.
Flex and scale to meet the demands of your business with your choice of appliance-based, cloud-based, and hybrid solutions:
- SaaS: Reduce on-site data center footprint with little administrative overhead
- Hybrid SaaS: Benefit from the cloud and control sensitive data on-site
- Managed: Free your resources to focus on other strategic IT initiatives
Specifications:
Performance |
Disk Space |
1.8 TB (600 x 3) |
RAID Mirroring |
Yes (RAID 10) |
Memory |
32 GB |
CPUs |
2 x 6 (2 hexa cores) |
Hardware |
Rack units (RU) |
2RU |
Dimensions
(H x W x D) |
3.5 x 19 x 29 in. (8.9 x 48.3 x 73.7 cm.) |
DC power option |
Yes |
Remote power cycling |
Yes |
Redundant power supply |
Yes |
Hot-swappable hard disk |
Yes |
Ethernet interfaces |
4 Gigabit NICs, RJ-45 |
Speed (Mbps) |
10/100/1000, autonegotiate |
10 Gigabit Ethernet fiber option |
Yes (accessory) |
Where to Deploy:
You can deploy Cisco Email Security solutions:
- On premises: The Cisco ESA is an email gateway typically deployed in a firewall demilitarized zone. Incoming Simple Mail Transfer Protocol (SMTP) traffic is directed to the Cisco ESA data interface according to specifications set by your mail exchange records. The Cisco ESA filters it and redelivers it to your network mail server. Your mail server also directs outgoing mail to the Cisco ESA data interface, where it is filtered according to outgoing policies and then delivered to external destinations.
- Virtual: With Cisco UCS running in your small branch office, you could host the Cisco ESAV with other Cisco products such as the Cisco Web Security Virtual Appliance (WSAV). Together, they provide the same level of protection as their hardware equivalents but save you money on space and power resources. You can centrally manage this custom deployment with the Cisco SMA.
Email Security Technology:
Email has become the primary communication method for organizations of all sizes. Whether private information is deliberately or accidentally leaked, the ramifications of data loss are severe: violation of compliance regulations, erosion of customer trust, and destruction of brand equity. As a result, executives are focused more than ever on rapidly deploying solutions to address data loss – and to do it in an easy-to-administer, unobtrusive manner.
Cisco has partnered with RSA – the leader in data loss prevention (DLP) technology – to provide an integrated DLP solution, RSA Email DLP, on Cisco IronPort email security appliances. To ensure compliance with industry and government regulations worldwide and help prevent confidential data from leaving customer networks, RSA Email DLP offers easy management, comprehensive protection, and unparalleled accuracy.
Features
Comprehensive Policy Creation and Modification
RSA Email DLP has more than 100 predefined polices. These policies not only cover government regulations such as US focused HIPAA and UK focused Data Protection Act, but also include non-government regulations such as the Payment Card Industry Data Security Standards (PCI DSS). Administrators can also build custom policies to look for company-specific information. Additionally, they can choose from numerous remediation actions, such as BCC, notify, quarantine, and encrypt.
Simple Management
RSA DLP data classification technology and policies are fully integrated into Cisco IronPort email security appliances. In a single user interface, administrators can configure anti-spam, anti-virus, content filtering, encryption, and RSA Email DLP actions on a per-user basis. Administrators can access real-time and scheduled reports to view the top DLP email violations by policy, severity, and senders. The appliances' message tracking capabilities enable administrators to search for messages with certain DLP violations.
Unparalleled Accuracy
A common complaint about DLP solutions is the high rate of false positives. RSA Email DLP's pre-defined policies are created by RSA's Information Policy and Classification Research Team. This team has a proven methodology to develop policies with best-in-class accuracy. These policies leverage sophisticated content analysis techniques and are specifically tuned to virtually eliminate false positives and maximize catch rate. Administrators can set four different severity rankings, based on the amount of offending content, and apply different action depending on severity
Cisco IronPort solutions simplify the complexity of protecting sensitive communications.
Benefits
Fast Setup
With the click of a button, administrators can enable pre-defined RSA Email DLP policies. They can also quickly create their own policies, or modify policies, to best suit their environment.
Low Administrative Overhead
RSA Email DLP is specifically designed to virtually eliminate false positives, which means that administrators do not need to constantly monitor and manage violations. If examining quarantined messages is required, offending content is highlighted in each message. Administrators can also schedule DLP-related reports to be sent to them on a regular basis.
Simplified Regulatory Compliance
With RSA Email DLP, administrators don't need to be legal experts to ensure that their organizations are in compliance. With a single click, administrators can choose any one of the more than 100 pre-defined RSA Email DLP policies to ensure compliance with U.S. and international regulations.
Safeguard Proprietary Information
In addition to regulatory compliance, RSA Email DLP policies help ensure that intellectual property information and company confidential information does not leave the network. Administrators can choose from preloaded policies, or can customize them to scan for company-specific information.
Summary
RSA Email DLP is fully integrated into Cisco IronPort email security appliances – enabling administrators to manage all gateway-related tasks from a single user interface. This powerful DLP solution provides a comprehensive, easy-to-manage, and accurate DLP solution to protect companies from sensitive data loss.
Licenses:
A Cisco ESAV license is included for all Cisco Email Security software bundles: the Cisco Email Security Inbound, Cisco Email Security Outbound, or Cisco Email Security Premium bundle. This license has the same term as the other software services in the bundle and can be used for as many virtual instances as needed, as long as you stick to the purchased user count. The Cisco ESA licenses are included in all Cisco Email Security software bundles. Just purchase the appropriate licenses for the number of mailboxes you need to support, then buy the appropriate on-premises appliances. For virtual appliances, simply order the software licenses to get entitlement.
Term-Based Subscription Licenses
Licenses are term-based subscriptions of one, three, or five years.
Quantity-Based Subscription Licenses
The Cisco Email Security portfolio uses tiered pricing based on the number of mailboxes. Sales and partner representatives will help to determine the correct customer deployment.
Email Security Software Licenses
Three Cisco Email Security software license bundles are available, as well as one à la carte offering: Cisco Email Security Inbound, Cisco Email Security Outbound, Cisco Email Security Premium, and Advanced Malware Protection. The major components of each software offering are provided below.
Bundles |
Description |
Cisco Email Security Inbound Essentials |
The Cisco Email Security Inbound Essentials bundle delivers protection against email-based threats, including antispam, Sophos antivirus solution, virus outbreak filters, and clustering. |
Cisco Email Security Outbound Essentials |
The Cisco Email Security Outbound Essentials bundle guards against data loss with DLP compliance, email encryption, and clustering. |
Cisco Email Security Premium |
The Cisco Email Security Premium bundle combines both inbound and outbound protections included in the two Cisco Email Security Essentials licenses noted above, for protection against email-based threats and essential data loss prevention. |
A la Carte Offerings |
Description |
Advanced Malware Protection |
Advanced Malware Protection (AMP) can be purchased à la carte along with any Cisco Email Security Software bundle. AMP is a comprehensive malware-defeating solution that enables malware detection and blocking, continuous analysis, and retrospective alerting.
AMP augments the antimalware detection and blocking capabilities already offered in Cisco Email Security with file reputation scoring and blocking, file sandboxing, and file retrospection for continuous analysis of threats, even after they have traversed the email gateway. |
Software License Agreements
The Cisco End-User License Agreement (EULA) and the Cisco Web Security Supplemental End-User License Agreement (SEULA) are provided with each software license purchase.
Software Subscription Support
All Cisco Email Security licenses include software subscription support essential to keeping business-critical applications available, highly secure, and operating at peak performance. This support entitles you to the services listed below for the full term of the purchased software subscription.
- Software updates and major upgrades keep applications performing at their best, with the most current features.
- The Cisco Technical Assistance Center (TAC) provides fast, specialized support.
- Online tools build and expand in-house expertise and boost business agility.
- Collaborative learning provides additional knowledge and training opportunities.