Cisco Email ATP

Powered with Talos Inteligence.

Comprehensive protection against the latest email-borne threats

Email is the number one threat vector for organizations and an entry point for the maximum number of cyber threats. Attackers are constantly innovating different techniques to illegally access important files, credentials, or sensitive data. Advanced email security is more important than ever before.

Cisco Email Advanced Threat Protection (ATP) provides the best-in-class email security against cyber threats. It is a comprehensive and cloud-native email security solution.

  • Protection against Business Email Compromise (BEC), spoofing, phishing, zero-day attacks, malware, ransomware, and other modern threats.

  • Automatic scans of every inbound/outbound email for proactive detection of potentially dangerous attachments.

  • Robust email data loss prevention and email content encryption capabilities.

Graphic Cisco Email Atp
Email Atp.png

Cisco IronPort

Logix offers Cisco IronPort email security Advanced Threat Protection (ATP) as a service to protect your business and users from any form of email threats.

A dedicated Cisco Email Advanced Threat Protection (ATP) is hosted and supported by Logix at its multiple data centers across India. Our setup assists you with logging, reporting, and stringent threat policy implementation as per your organization’s needs.

Highlights

Cisco Email ATP uses Cisco Talos intelligence to quickly identify threats and actively combat them.

It provides comprehensive email protection for Microsoft 365.

Business email compromise
  • Cisco Email ATP provides BEC detection capabilities using real-time behavior analysis and advanced machine learning to prevent breaches. It provides enhanced protection against CEO fraud/whaling and similar attacks.
  • Behaviour analysis – Advanced Malware Protection (AMP) analyzes emails for threats such as zero-day exploits hidden in malicious attachments.
  • Cisco Email ATP gives you advanced protection against spear phishing, ransomware, and other sophisticated attacks.
  • AMP continues to watch, analyze, and record email attachments, regardless of the file’s disposition.
URL rewriting
  • The URL filtering service “rewrites” and performs checks on certain URLs in inbound emails.
  • Rewriting allows Cisco to access the URL destination to validate that it is non-threatening.
  • Any URL that is rewritten is checked every time an end-user clicks on it, to ensure the URL destination is not hosting malware, phishing, or spam threats.
  • Threat detection also auto-adjusts based on URL reputation and URL category.
Domain fraud detection
  • Cousin domain – A security feature to identify cousin domain spoofing instances for the domain name which could be easily misspeled to make it look like an authorized/original domain.
  • Domain age – Cisco Email ATP will also identify lookalike domains which are registered recently and are trying to launch an attack.
  • Domain reputation – provides a reputation verdict for inbound emails based on the sender’s domain.
Safe print
  • Cisco Email ATP provides a safe view (safe-printed PDF version) of a message attachment (Microsoft documents) that is flagged as malicious or suspicious.
  • The safe view of such a message attachment is delivered to the end-user and the original attachment is stripped from the message.
  • This way, malicious attachments never get into your system.
Email data loss prevention
  • Cisco’s advanced security ensures it controls, monitors, detects, and blocks unauthorized flow of information from the organization.
User registration
  • Seamless integration using on-premise Active Directory / LDAP / SMTP Call-Ahead and Azure Active Directory Domain Services (AD DS).
Reports
  • Insight discovery and customized reports to track messages or view quarantine information.

Cisco Email Security Features

With the substantial enhancement, Cisco Email ATP uses Cisco Talos intelligence and Machine learning to quickly identify threats and take the required actions.

Cisco Email ATP security solution provides comprehensive email protection for Microsoft 365.

  • Cisco Email ATP provides BEC detection capabilities using real-time behavior analysis and advanced machine learning to prevent breaches and provide enhanced protection against CEO fraud/ Whaling like attacks.
  • Behaviour Analysis – Advanced Malware Protection (Sandboxing)AMP analyzes emails for threats such as zero-day exploits hidden in malicious attachments.
  • It gives you advanced protection against spear phishing, ransomware, and other sophisticated attacks.
  • AMP continues to watch, analyze, and record its activity, regardless of the file’s disposition.
  • The URL Filtering service “rewrites” and performs checks on certain URLs in emails that are delivered to your organization’s end users.
  • The process of rewriting allows the service to manage access to the URL to ensure the destination is innocuous.
  • Any URL that is rewritten is checked every time the end-user clicks on it, to ensure the URL destination is not hosting malware, phishing, or spam threats.
  • Detection is available based on URL reputation & URL category.
  • Cousin Domain – A security feature to identify cousin domain spoofing instances for the domain name which could be easily misspelled to make it look like the authorized/original domain.
  • Domain Age – It will also identify lookalike domains that have registered recently and are trying to launch an attack.
  • Domain Reputation – provides a reputation verdict for email messages based on a sender’s domain.
  • It provides a safe view (safe-printed PDF version) of a message attachment (Microsoft Documents) detected as malicious or suspicious.
  • The safe view of the message attachment is delivered to the end user and the original attachment is stripped from the message.
  • The ability to safely print message attachments in the email gateway helps an organization prevent message attachments with malicious or suspicious content from entering an organization’s network.

Cisco’s advanced security ensures it controls, monitors, detects, and blocks the unauthorized flow of information from the organization.

Seamless Integration using On-premise Active Directory / LDAP / SMTP Call-Ahead & Azure Active Directory Domain Services (AD DS).

Get insight discovery and customize reports to track messages, and view quarantine information.

Key features

  • Robust security: outbound message control

    Cisco Email ATP controls outbound messages through Data Loss Prevention (DLP) and email encryption. This is an optional feature to ensure that your most important messages comply with industry standards and are protected in transit.

  • Data Loss Prevention

    DLP secures your organization’s proprietary information and intellectual property. You define the types of data that your employees are not allowed to email by creating DLP policies against which Cisco Email ATP scans all outgoing messages. This exposes any outbound data that may violate laws or corporate policies.

  • Email encryption

    Email encryption secures inbound and outbound emails. To use this feature, you create an encryption profile that specifies the characteristics of the encrypted message and connectivity information for the key server.

Comparison of Cisco Email ATP with other brands

Talos: Access to the world’s largest threat database at no additional fee

Cisco Email SecurityYes

Microsoft Exchange Online Protection (E3 – E5)No

FireEye Cloud Email SecurityNo

Symantec Cloud Email SecurityNo

External threat feeds (STIX and TAXII)

Cisco Email SecurityYes

Microsoft Exchange Online Protection (E3 – E5)No

FireEye Cloud Email SecurityNo

Symantec Cloud Email Security Limited 1

Cross-enterprise threat investigation and response

Cisco Email SecurityYes

Microsoft Exchange Online Protection (E3 – E5) – Limited 1

FireEye Cloud Email SecurityYes

Symantec Cloud Email Security Limited 1

Advanced phishing protection

Cisco Email SecurityYes

Microsoft Exchange Online Protection (E3 – E5)No

FireEye Cloud Email SecurityYes

Symantec Cloud Email SecurityNo

Domain protection

Cisco Email SecurityYes

Microsoft Exchange Online Protection (E3 – E5)No

FireEye Cloud Email SecurityNo

Symantec Cloud Email SecurityLimited 1

Web interaction tracking

Cisco Email SecurityYes

Microsoft Exchange Online Protection (E3 – E5)No

FireEye Cloud Email SecurityNo

Symantec Cloud Email SecurityYes

Scanning URLs in attachments

Cisco Email SecurityYes

Microsoft Exchange Online Protection (E3 – E5)Limited 1

FireEye Cloud Email SecurityYes

Symantec Cloud Email SecurityNo

Shortened URL scanning

Cisco Email SecurityYes

Microsoft Exchange Online Protection (E3 – E5)No

FireEye Cloud Email SecurityNo

Symantec Cloud Email SecurityNo

DMARC

Cisco Email SecurityYes

Microsoft Exchange Online Protection (E3 – E5)No

FireEye Cloud Email SecurityNo

Symantec Cloud Email SecurityNo

Bulk Mail

Cisco Email SecurityYes

Microsoft Exchange Online Protection (E3 – E5)No

FireEye Cloud Email SecurityNo

Symantec Cloud Email SecurityNo

DMARC, DKIM, and SPF analysis

Cisco Email SecurityYes

Microsoft Exchange Online Protection (E3 – E5)Yes

FireEye Cloud Email SecurityYes

Symantec Cloud Email SecurityYes

Sender domain reputation filtering

Cisco Email SecurityYes

Microsoft Exchange Online Protection (E3 – E5)No

FireEye Cloud Email SecurityNo

Symantec Cloud Email SecurityNo

DNS-based authentication of named entities (DANE)

Cisco Email SecurityYes

Microsoft Exchange Online Protection (E3 – E5)No

FireEye Cloud Email SecurityNo

Symantec Cloud Email SecurityNo

File retrospection

Cisco Email SecurityYes

Microsoft Exchange Online Protection (E3 – E5)Yes

FireEye Cloud Email SecurityYes

Symantec Cloud Email SecurityYes

Retrospective message remediation in a cloud-based service

Cisco Email SecurityYes

Microsoft Exchange Online Protection (E3 – E5)Yes

FireEye Cloud Email SecurityYes

Symantec Cloud Email SecurityYes

Macro and file-type filtering

Cisco Email SecurityYes

Microsoft Exchange Online Protection (E3 – E5)Yes

FireEye Cloud Email SecurityYes

Symantec Cloud Email SecurityYes

Data loss prevention policy solution integrated into email gateway

Cisco Email SecurityYes

Microsoft Exchange Online Protection (E3 – E5)Yes

FireEye Cloud Email SecurityLimited 1

Symantec Cloud Email SecurityYes

Sender control of encrypted envelopes via the sender portal

Cisco Email SecurityYes

Microsoft Exchange Online Protection (E3 – E5)No

FireEye Cloud Email SecurityNo

Symantec Cloud Email SecurityYes

Vendors that provide user awareness training

Cisco Email SecurityYes

Microsoft Exchange Online Protection (E3 – E5)Yes

FireEye Cloud Email SecurityNo

Symantec Cloud Email SecurityLimited 1

Dedicated cloud instance service per customer with dedicated IP addresses

Cisco Email SecurityYes

Microsoft Exchange Online Protection (E3 – E5)No

FireEye Cloud Email SecurityYes

Symantec Cloud Email SecurityNo

Dedicated Office 365 and hybrid solution

Cisco Email SecurityYes

Microsoft Exchange Online Protection (E3 – E5)Na

FireEye Cloud Email SecurityYes

Symantec Cloud Email SecurityYes

Redundant secure email gateways in different data centers for each customer

Cisco Email SecurityYes

Microsoft Exchange Online Protection (E3 – E5)No

FireEye Cloud Email SecurityNo

Symantec Cloud Email SecurityYes

Comparison of Cisco Email ATP with other brands

Cisco Email Security

Microsoft Exchange Online Protection (E3 - E5)

FireEye Cloud Email Security

Symantec Cloud Email Security

Talos: Access to the world's largest threat database at no additional fee

Yes No No No

External threat feeds (STIX and TAXII)

Yes No

STIX and TAXII are not available for customer implementation.

No

Limited


Only if SEG is licensed to participate in the Integrated Cyber Defense Exchange.

Cross-enterprise threat investigation and response

Yes

Limited


Only cloud-based forensics is available with E5 licensing.

Yes

Limited

Symantec Deep Insight is a separate subscription service with restrictions on usage link

Advanced phishing protection

Yes No Yes No

Domain protection

Yes No No

Limited

Email Fraud Protection does not offer the same level of service.

Web interaction tracking

Yes No No Yes

Scanning URLs in attachments

Yes

Limited

No scanning for non-Microsoft documents.

Yes No

Shortened URL scanning

Yes No No No

Anti-phishing, malicious URL detection, and AMP (in base offering)

Yes No Yes No

DMARC

Yes No No No

Bulk Mail

Yes No No No

DMARC, DKIM, and SPF analysis

Yes Yes Yes Yes

Sender domain reputation filtering

Yes No No No

Symantec only offers Ironport HAT-like functionality.

DNS-based authentication of named entities (DANE)

Yes No No No

File retrospection

Yes Yes Yes Yes

Retrospective message remediation in a cloud-based service

Yes Yes Yes Yes

Macro and file-type filtering

Yes Yes Yes Yes

Data loss prevention policy solution integrated into email gateway

Yes Yes

Limited

No DLP templates, only REGEX.

Yes

Sender control of encrypted envelopes via the sender portal

Yes No No Yes

Dedicated cloud instance service per customer with dedicated IP addresses

Yes No Yes No

Dedicated Office 365 and hybrid solution

Yes

N/A

Yes Yes

Redundant secure email gateways in different data centers for each customer

Yes No No Yes

Vendors that provide user awareness training

Yes Yes No

Limited


No simulated phishing of employees. Only a CBT system.

Need more information?

If you would like to know about this service or need any other assistance, please get in touch with us.
Contact us
Continue to chat
Hello 👋
Let us know how we can help you!