About Cisco Secure Email
Cisco Secure Email Appliance is a virtual, all-in-one appliance that provides protection against spam, malware, viruses, and other inbound and outbound email threats and annoyances.
Together, SIRP and Cisco Secure Email deliver advanced email security. SIRP’s integration with Cisco Secure Email allows security teams to execute response actions right from SIRP.
SIRP’s Cisco Secure Email integration app allows you to execute the following actions:
Add recipient to blocklist
Add recipient's email address to the blocklist
Add recipient to safelist
Add recipient email address to the safelist
Add sender to blocklist
Add sender's email address to the blocklist
Add sender to safelist
Add sender email address to the safelist
Release message from quarantine
Release a quarantined message
Lookup IP in messages (last 24 hours)
Lookup last 24 hours' email messages against the given IP address
Lookup recipient messages (last 24 hours)
Lookup last 24 hours' email messages against the given recipient's email address
Lookup sender messages (last 24 hours)
Lookup last 24 hours' email messages against the given sender's email address
Lookup subject messages (last 24 hours)
Lookup last 24 hours' email messages with the given IP address
Lookup domain messages (last 24 hours)
Lookup last 24 hours' email messages against the given domain
Lookup hash messages (last 24 hours)
Lookup last 24 hours' email messages against the given hash
Enable and Configure Cisco Secure Email
Enabling AsyncOS API
Before You Begin
Make sure that you are authorized to access the IP Interfaces page on the web interface or the
interfaceconfig command on CLI. Only administrators, email administrators, cloud administrators, and operators are authorized.
Log in to the web interface.
Choose Network > IP Interfaces.
Edit the Management interface.
You can enable AsyncOS API on any IP interface. However, Cisco recommends that you enable AsyncOS API on the Management interface.
You must not enable APIs on multiple management interfaces.
Under the AsyncOS API (Monitoring) section, depending on your requirements, select HTTP, HTTPS, or both and the ports to use.
AsyncOS API communicates using HTTP / 1.1.
If you have selected HTTPS and you want to use your own certificate for secure communication, see Securely Communicating with AsyncOS API.
Submit and commit your changes.
Create a new user on the Cisco Secure Email
Open your Cisco SE instance.
In the Settings tab from the dashboard, go to Users.
Create a New user and assign a name to them.
Also, assign a minimum operator role to this new user.
The AsyncOS API is a role-based system, the scope of API queries is defined by the role of the user. The email gateway users with the following roles can access the AsyncOS API:
URL Filtering Administrator
Help Desk User
Enable the Cisco Secure Email app in SIRP
First, log in to SIRP, then go to Apps from the left navigation bar.
Locate the app named Secure Email.
Enable the Email Security app by clicking on the toggle button under the Status Column.
Once you enable the App, click the configure option to integrate SIRP with Cisco ESA.
Add the following details and click Save:
URL: <URL from the Cisco ESA Instance>
Username: <User ID from Cisco Secure Email>
Password: <Assigned by the User>