Thanks, this is helpful however not making much sense to me...

I guess I am following the mindset why Cisco selling a UTM solution without SPAM filter feature. Not many SMB would buy two devices from Cisco for the tasks handled by one unit from other vendors.

That is not something only Cisco can answer =) However, my guesses are:

- Different business unit

- Different type of solution

- Different budgets

I have used the Iron Port / Email Security Appliance and it is a very good product. My guess is that there will be tighter integration between the two but I doubt the products would ever merge. It is hard to put everything in a single box/solution. 

Thank you for rating helpful posts!

I guess I might asked question incorrectly...

I was not looking for a full featured spam/email protection solution on ASA 5508-x but just a basic spam filter that fed by cloud updates against, signature, URL, IP addresses. Basically the CSC module replacement...

Hi Shuai,

the only "antispam" feature included in ASA/Sourcefire is to blacklist different type of malicious sites, hosts etc. through the SIO feed.

I'm quite confident almost all UTM vendors provide really limited antispam/antivirus feature bundled with their appliances.

Cisco Email Security Appliance offers much more in-depth solution for email security: cloud/on premise sandboxing, retrospective analysis, filtering based on url category, full blown email encryption, DLP etc).

You can run it on a dedicated C series appliance, on a virtual machine or even in the cloud if you don't want to run it on a premise.

For a very acceptable price for what it offers to you.

Ask your favourite Cisco partner or Cisco sales rep for more information. They can provide you demo equipment (try&buy) or eval licenses to run the virtual machine for 45 days.

It's really worth try it. It would be great complementary product for your ASA5508

That makes sense. This customer is budget sensitive and they uses MS Hyper-V...

If my understanding is correct, the anti spam provided by 5508-x with firepower is more generic other than email targeted, right? So even other UTM provides basic but that is for email specifically.

5508 doesn't offer antispam. SIO feed is the closest match but it's not antispam engine.

You'll need ESA for that. 

If customers have 500+ users you can look at ESA in the cloud.

If customers have less than 500 users (which probably does) look at ESa on premise solution. Basic ESI (antispam, antivirus and outbreak filters)  bundle along with C170 box would be perfect solution even for many customers with limited budget. Ask Cisco sales rep to help you prepare demo for the customer. They'll love it.

Just in case someone is looking for similar solution please have a look here - https://supportforums.cisco.com/t5/firewalling/fighting-against-spam-and-bruteforce-with-firepower-security/m-p/3403235#M169983