Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3775
Views
6
Helpful
9
Replies

Cisco Secure Email VS Email Threat defense?

chenchen40
Level 1
Level 1

‎03-19-2023 11:31 PM

Hi

I have recently purchased both Cisco Secure Email and Email Threat defense to protect my 100 users 365 emails.

From what i see, Email Threat defense actualy can do the whole process of protection (inbound+outbound+internal) without fighting with SMA and mx records.

Am i right?

1 person had this problem
Labels:
0 Helpful
9 Replies 9

Ken Stieers
VIP
VIP

‎03-20-2023 03:39 AM

Yes.

Cisco Secure Email is the ironport ESA, hosted by Cisco or on prem. You point inbound MX records at it so it can process mail before it hits your mailboxes.

Email Theat Defense doesn't require any mailflow changes. You journal all mail to ETD, and if its bad, it pulls it from the mailbox.

A lot of effort is being put into ETD with lots of new, interesting detections.

ETD is only usable if you have mail in the cloud.



chenchen40
Level 1
Level 1
In response to Ken Stieers

‎03-20-2023 03:52 AM

thanks.

As an enterprise (using 365 mail) - does it make sense to implement both of them?

This is what the local integrator sold me, and I would like to make sure and double-check that.

 

 

Ken Stieers
VIP
VIP
In response to chenchen40

‎03-20-2023 04:13 AM

You could... there's are reasons to do it, but you could legitimately deploy only one of them.

In my opinion, your integrator over sold you. If a customer KNOWS what the products are doing and how they work and ASKS for both, then sell them both.


nloverin
Cisco Employee
Cisco Employee
In response to Ken Stieers

‎07-13-2023 10:51 AM

only O365 cloud email, correct?

0 Helpful

Ken Stieers
VIP
VIP
In response to nloverin

‎07-13-2023 10:55 AM

Yes. GCP is in the "want list" but I don't know when it might come.

0 Helpful

José L. Dávila
Cisco Employee
Cisco Employee

‎03-21-2023 09:37 PM

Hello there,

One of the main use cases for ETD is internal email analysis, which is not typically done by email gateways. 

If , for any reason, an internal email is deemed malicious, ETD can help you remediate it.

Hope it helps. 

José L. Dávila

saliyev
Cisco Employee
Cisco Employee

‎03-26-2023 11:53 PM

Hello there.
Using only one of them or both depends on the requirements.

Cisco Secure Email (ESA) is a Security Gateway for emails. It is deployed inline mode, provides more features with granular settings, scans messages in flow and takes an action on the messages before delivery. So this is in prevention mode.

Email Threat Defense is rather email threat Detection solution than prevention. It doesn't sit inline and act on messages in flow. It scans the copy of messages received by journaling or forwarded from ESA, provides detection visibility and is able to perform remediation from mailboxes by using an API.

We've seen Customers using both solutions as follows:
   ESA - main Security Gateway for incoming-outgoing emails.

   ETD - advanced integrated Email Threat Detection and Remediation for already delivered incoming emails/emails in mailboxes.

fatalXerror
Level 5
Level 5
In response to saliyev

‎11-20-2023 07:21 AM

Hi @saliyev , may I know how what do you mean by Advanced Integrated Email Threat Detection and Remediation? Can you provide specific use cases for this like how will ETD remediate? Thank you

0 Helpful

Ken Stieers
VIP
VIP
In response to fatalXerror

‎11-20-2023 07:58 AM

ETD and CES (and ESA) all remediate the same way... if something is determined to be bad, they call MS graph APIs and delete the mail from the mailbox. 

 

0 Helpful
Customers Also Viewed These Support Documents