The Cisco Email Security Appliance (ESA) enables users to communicate securely via email and helps organizations combat email security threats with a multilayered approach across the attack continuum. For business organizations, email is the most essential business communication tool, and at the same time, it is one of the top attack vectors for security breaches. Hence, Cisco secure email is the best protection provider against email threats.
Cisco Email Security Advanced Threat Protection
The following are the capabilities of Cisco secure email that allow it to detect, block, and remediate threats across the attack continuum:
- Global threat intelligence: It leverages real-time threat intelligence from Cisco Talos and Cisco AMP Threat Grid.
- Reputation filtering: Cisco secure email blocks unwanted emails or message with reputation filtering, which is based on threat intelligence from Talos.
- Spam protection: Cisco secure email uses the Cisco Context Adaptive Scanning Engine (CASE) to block spam emails; it delivers a spam catch rate greater than 99%, with a false-positive rate of less than 1 in 1 million.
- Forged email detection: Cisco secure email can has a forged email detection which protects high-value targets such as executives against business email compromise (BEC) attacks.
- Cisco Advanced Phishing Protection (CAPP): CAPP combines Cisco Talos threat intelligence with local email intelligence and advanced machine learning techniques to model trusted email behavior on the Internet, within organizations, and between individuals. It uses this intelligence to stop identity deception–based attacks such as fraudulent senders, social engineering, and BEC attacks.
- Cisco Domain Protection (CDP): CDP for external email helps prevent phishing emails from being sent using a customer domain.
- Malware defense: Cisco secure email protects against malware with Cisco AMP for Email.
- Graymail detection and Safe Unsubscribe: ESA detects and classifies graymail for an administrator to take action on it if necessary. Graymail consists of marketing products and services, social networking, and bulk messages (that is, mailing list emails). This type of email typically comes with an unsubscribe link, which may be used for phishing. Safe Unsubscribe protects against this type of phishing technique
- URL-related protection and control: ESA protects against malicious URLs with URL filtering and scanning of URLs in attachments and shortened URLs.
- Outbreak filters: Outbreak filters defend against emerging threats and blended attacks by leveraging security intelligence information from Cisco Talos. Outbreak filters can rewrite URLs included in suspicious email messages. When clicked, the new rewritten URLs redirect the email recipient to the WSA. The website content is then actively scanned, and outbreak filters display a block screen to the user if the site contains malware.
- Web interaction tracking: ESA generates reports that track the end users who click on URLs that the outbreak filters have rewritten. The reports include the following information:
- Top users who clicked on malicious URLs
- The top malicious URLs clicked by end users
- Date and time, rewrite reason, and action was taken on the URLs
- Data security for sensitive content in outgoing emails: Confidential outbound messages that match one of the more than 100 expert policies included with ESA are automatically protected by Cisco secure email encryption service, footers and disclaimers, blind carbon copies (BCCs), data loss prevention notifications, and quarantining.
Download our Free CCNA Study Guide PDF for complete notes on all the CCNA 200-301 exam topics in one book.
We recommend the Cisco CCNA Gold Bootcamp as your main CCNA training course. It’s the highest rated Cisco course online with an average rating of 4.8 from over 30,000 public reviews and is the gold standard in CCNA training:
