Hello, we're looking to enhance our email security. Management is suggesting we look into Cisco CES since we're run basically everything else Cisco here (except NetApp). We desperately need some sort of next generation threat detection that can sandbox and detect dynamic content. I've used Proofpoint in the past, but figure I should check out Cisco since that's coming from above my head.
In my own research I've read up on AMP, but it doesn't seem like it's nothing more than a reputation service and I don't like there're limits to how many messages are uploaded to ThreatGrid. Similarly, it seems like the URL protection is weak at best. Fundamentally, it seems strange URL protect is enforced only when the TOC determines the URL seems strange. The permutations and swift changing of URL based threats is something we struggle with all the time.
We have a scheduled meeting with an SME next week, but I'd figure I'd reach out to the community in hopes of finding answers to my questions.