All Collections
Integration Guide
Cisco Secure Email
Cisco Secure Email
Muhammad Omar Khan avatar
Written by Muhammad Omar Khan
Updated over a week ago

About Cisco Secure Email

Cisco Secure Email Appliance is a virtual, all-in-one appliance that provides protection against spam, malware, viruses, and other inbound and outbound email threats and annoyances.

Together, SIRP and Cisco Secure Email deliver advanced email security. SIRP’s integration with Cisco Secure Email allows security teams to execute response actions right from SIRP.

Supported Actions

SIRP’s Cisco Secure Email integration app allows you to execute the following actions:

S.no

Action

Description

1

Add recipient to blocklist

Add recipient's email address to the blocklist

2

Add recipient to safelist

Add recipient email address to the safelist

3

Add sender to blocklist

Add sender's email address to the blocklist

4

Add sender to safelist

Add sender email address to the safelist

5

Release message from quarantine

Release a quarantined message

6

Lookup IP in messages (last 24 hours)

Lookup last 24 hours' email messages against the given IP address

7

Lookup recipient messages (last 24 hours)

Lookup last 24 hours' email messages against the given recipient's email address

8

Lookup sender messages (last 24 hours)

Lookup last 24 hours' email messages against the given sender's email address

9

Lookup subject messages (last 24 hours)

Lookup last 24 hours' email messages with the given IP address

10

Lookup domain messages (last 24 hours)

Lookup last 24 hours' email messages against the given domain

11

Lookup hash messages (last 24 hours)

Lookup last 24 hours' email messages against the given hash

Enable and Configure Cisco Secure Email

Enabling AsyncOS API

Before You Begin

Make sure that you are authorized to access the IP Interfaces page on the web interface or the interfaceconfig command on CLI. Only administrators, email administrators, cloud administrators, and operators are authorized.

Procedure

  • Log in to the web interface.

  • Choose Network > IP Interfaces.

  • Edit the Management interface.

Note:	
You can enable AsyncOS API on any IP interface. However, Cisco recommends that you enable AsyncOS API on the Management interface.

You must not enable APIs on multiple management interfaces.

  • Under the AsyncOS API (Monitoring) section, depending on your requirements, select HTTP, HTTPS, or both and the ports to use.

Note:	
AsyncOS API communicates using HTTP / 1.1.
If you have selected HTTPS and you want to use your own certificate for secure communication, see Securely Communicating with AsyncOS API.

  • Submit and commit your changes.

Create a new user on the Cisco Secure Email

  1. Open your Cisco SE instance.

  2. In the Settings tab from the dashboard, go to Users.

  3. Create a New user and assign a name to them.

  4. Also, assign a minimum operator role to this new user.

Authorization

The AsyncOS API is a role-based system, the scope of API queries is defined by the role of the user. The email gateway users with the following roles can access the AsyncOS API:

  • Administrator

  • Operator

  • Technician

  • Read-Only Operator

  • Guest

  • URL Filtering Administrator

  • Email Administrator

  • Help Desk User

Enable the Cisco Secure Email app in SIRP

  1. First, log in to SIRP, then go to Apps from the left navigation bar.

  2. Locate the app named Secure Email.

  3. Enable the Email Security app by clicking on the toggle button under the Status Column.

Once you enable the App, click the configure option to integrate SIRP with Cisco ESA.

  1. Add the following details and click Save:

    1. URL: <URL from the Cisco ESA Instance>

    2. Username: <User ID from Cisco Secure Email>

    3. Password: <Assigned by the User>

Did this answer your question?