Hi there,

I wanted to get a collection of missing or nice to have features started for ESA and SMA and hopefully we come up with a good list and get some attention and momentum from product management. Please feel free to comment on any of my features listed and comment with new or missing ones. I will consolidate the list and sent them to the usual suspects.

a) GUI, nice to have the new sexy look out there but we still need feature parity in the GUI for content filters with the CLI interface. Multiple and/or conditions are still missing.

b) X-headers, allow the possibility to compare the content of x-headers and take action based on results. Common use cases are comparing ENV-FROM , sent-by and reply-to fields and display end user notifications when there is a mismatch.

c) ARC support, with MS O365 supporting ARC since January 2020 for all their tenants and Ironports ESA very often being used as SMG we absolutely need ARC support for in- and outbound asap. We are loosing on security posture because of this.

d) DKIM , alternate DKIM key support. To make yearly or 1/2 yearly as recommended DKIM key rollover a less painfull operation we would need the support of at least 2 DKIM keys so the ESA can still sign outbound messages while a DKIM key is updated for a new key.

e) Workqueue and Deliveryqueue message management - we are no longer in the 80's, we want a graphical user interface so we can see, edit and manipulate messages on the ESA and SMA.

f) Configuration Checker. It would very handy to have a configuration checker for admins. Cisco TAC does some config parsing to identify major issues, why not make such a tool available to admin so that major config errors can be identified and configuration tuning be performed.

g) Copy and Paste of message filters. We need a feature to be able to import/export or copy and paste specific filters across environments. This would allow a message filter to be tested in QA and then be copied into production once running as expected.

h) Deployment server. It is year 2000+ and most complexer infrastructures support a software deployment server for central upgrade and user management.

i) User management. We need the option to import/export complete user lists across clusters. There must be an option to create a recovery user (backup admin) which does not expire without using TAC for this. The SAML implementation must be upgraded from entry level to "enterprise ready".

j) There must be an option to test LDAP accept, group filter in test mode. Building complex LDAP accept filters in a multi forest environment with specific rules can not be easily tested. Make this easier please.

k) High Availability. We can no longer rely on single point of failures like workqueue corruption impacting mail deliveries, SMA File Analysis Queue corruption impacting all of AMP analysis, message tracking corruption bringing everything to a standstill. Services becoming unreliable when under high CPU load etc.

l) Being able to rollback a software version on ESA and SMA without loosing some of the configuration.

m) Restore a single member of a cluster from scratch without needing to have a PhD in Ironport XML config file editing.

n) CLI and GUI based message remediation in O365. With AMP/MAR the first steps of message remediation were implemented and recently upgraded to the use of the Graph API. Make this feature more usable so an Ironport Admin can directly remove messages based on a message ID or simple rule from the backend email systems.

o) Make Ironport virtual images available so they can be hosted in a hybrid cloud in either Azure , AWS and Google Cloud. This is critical.

What did I miss ?

I will keep editing once we have a good list of missing features, then we will try to rank them amongst our group to make sure Cisco is focusing on what is really important to all of us.

Happy commenting and adding.

-Marc