Currently we have implemented IEA appliance in the Websafe mode. However, Cisco has abandoned this product line and we are evaluatiing alternatives to this secure mail product. Of course one option would be to convert to using CRES, we are looking for feedback from current CRES users on what they like /dislike about CRES.
So far some testing has pointed out that attachment size will be an issue - we send several emails daily with larger than 10 MB attachments. Another surprise has been a large number of messages that are delivered to the recipients Junk/SPAM folder instead of the inbox. Has anyone experienced these same issues and how have you worked around them?
Also any additional feedback would be beneficial in our decision process.
I'm consulting one of my clients on a POC using CRES and so far we have been satisfied with the results. As you may see some of my earlier questions on this forum, we have been mostly discoverying and resolving configuration questions. But so far everything has worked out to our satisfaction.
Regarding the attachment sizes, yes I have seen the reference to 10MB limit, but as Ken indicated, I think the limit has been extended. I have tested up to 15 MB of attachment and successfully encrypted and transmitted. It does take a while (up to 15 minutes) which I believe is due to IronPort throttling the bandwith (which is a good thing). We are in the midst of confirming this but so far we see smaller messages in both direction flowing nicely as couple of big ones are crancking on the background.
The management of CRES could be imporved, but it offers the basics we need. The UI is sometimes confusing, but we got over it after awhile.
We are also testing the support for mobile devices which requires signed activation files for BCE apps to be generated from the CRES admin console. It works fine. Unrelated to CRES, but just be aware that BCE native app on iPad is not available yet. We are using iPhone BCE app on iPad and works fine.
So in short, assuming that you are OK with your keys being managed in the cloud, CRES has been fine for us based on current testing.
As discussed in the earlier threads here, there are areas for improving the security which I'm hoping will some about as this service matures:
1) I would really like to see some "easy-to-deploy-use" two-factor auth such as one-time SMS passcode or software OTP token being added to CRES (for both users and admins) to enhance the security of access to the cloud-based service. I've been told that is being considered for future releases.
2) The external recipients need to log into CRES portal and reply or initiate a secure message (i.e. their message payload is visible to CRES). Would be nice to have better solutions for the privacy of the external users (outside the org) when using CRES to send secure messages.
With the enhancements in ISE 3.0 for integrating with Azure AD via SAML IdP, it is now possible to leverage Microsoft Single Sign-On for multiple ISE Portals (for example Sponsor and Guest/BYOD Portals).
At the time of this writing, ISE cann...
With the enhancements in ISE 3.0 for integrating with Azure AD via SAML IdP, it is now possible to create a BYOD Flow to provide Wireless network access using an employee’s Azure AD credentials.
The table below shows the whole Cisco Security solutions + Splunk integrations add-ons. Kindly let me know if I have missed some add-ons or if there are any new updates. Thank you!
Hope this will be helpful for everyone who is looking for Splunk in...
A python based script to generate report if there are disabled rules under an Access Control Policy and an option to delete those rules in bulk.
Step 1 Download the script on PCStep 2 Make sure python3 is installed on PC and have reach...
A python based script to generate report if there are double logging on FMC ACP (logging at beginning and end), having rule action "Allow" or "Trust". (Option1 )
Also, the logging at the begging will be disabled if logging is detected for both beginning ...