Cisco Secure Email Cloud Gateway

Cisco Secure Email Gateway enables users to communicate securely and helps organizations combat Business Email Compromise (BEC), ransomware, advanced malware, phishing, spam, and data loss with a multilayered approach. For detailed information, refer to the official Cisco Secure Email Gateway documentation.

Integration Method: API 

Tables: Network Activity (4001), Email Activity (4009), Detection Finding (2004), Data Security Finding (2006). 

This integration supports the following events.

  • Message Tracking: Search for messages that match criteria that you specify.

  • Quarantine Spams: Details of messages in the spam quarantine.

  • Quarantine PVOs: Details of messages in the other Policy, Virus and Outbreak quarantines.

  • Rejected Connections: Details of rejected connections.

This integration supports the following versions.

  • Cisco Secure Email API Version: v2

  • Cisco Secure Email Version: 16.0.2-088

Prerequisites  

  • The user should have access to the Cisco Secure Email portal with their respective login credentials.

  • The user should have access to the DataBee console. 

Configuration Overview 

  1. Get the Username and Password for the Cisco Secure Email Cloud Gateway portal. The user role must have the following permissions to access the APIs:

    • e_message_tracking_messages

    • e_message_tracking_detail

    • e_message_tracking_dlp_details

    • e_message_tracking_amp_details

    • e_quarantine_messages_quarantine_type_spam_search

    • e_quarantine_message_details_quarantine_type_spam

    • e_quarantine_messages_quarantine_type_pvo_search

    • e_quarantine_message_details_quarantine_type_pvo

  2. Create a Cisco Secure Email Cloud Gateway data feed in the DataBee console with the required client credentials. Each DataBee parameter maps to a Cisco Secure Email parameter as follows (DataBee Parameter: Cisco Secure Email Parameter):

    • Username: Username

    • Password: Password

    • Quarantines: User-Defined Quarantines


Cisco Secure Email Configuration 

  1. Log in to the Cisco Secure Email console using the Username and Password.
     

  2. (Optional) Identify User-Defined Quarantines

    1. Navigate to Options > Account Privileges and click on Manage messages in assigned Policy, Virus, or Outbreak Quarantines in the Cisco Secure Email Console.
       

    2. Identify and note down the names of any user-defined quarantines you wish to fetch data for.
       

DataBee Configuration 

  1. Log in to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
     

  2. Search for Cisco Secure Email Cloud Gateway and click on it.
     

  3. Click on API Ingest.
     

  4. Enter the required details in the form and click Next.
     

  5. In the configuration page, add the following details:

    • API Base URL: the URL used to access the Cisco Secure Email Console.

    • Authorization Method: Basic Authentication

    • Username: the Cisco Secure Email account username used to authenticate.

    • Password: the corresponding passphrase for the username.

    • Quarantines (Optional): comma-separated user-defined quarantine names.
       

      Note:

      Only include user-defined quarantine names. Do not include default quarantine names such as: File+Analysis, Unclassified, Virus, Outbreak, Policy.

  6. Click on Submit.

Troubleshooting Tips

  • Ensure the Username and Password are entered correctly, with no spaces or unexpected characters, and that the user has the required permissions. Then reconfigure the DataBee feed.

  • Ensure the user-defined quarantines entered are configured. Only include user-defined quarantine names. Do not enter any default quarantine names such as File+Analysis, Unclassified, Virus, Outbreak, or Policy.

  • Ensure that all the required API permissions (scopes) listed in the Configuration Overview are assigned to the user role.
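
The three troubleshooting checks above can be run against the form values before the feed is submitted. The following is an added example, not DataBee or Cisco code: the function names, the sample values and the case-insensitive matching of quarantine names are assumptions, while the permission and default-quarantine lists are taken from this page.

```python
# Added example: pre-flight check of DataBee feed form values (hypothetical helper).
REQUIRED_PERMISSIONS = {
    "e_message_tracking_messages",
    "e_message_tracking_detail",
    "e_message_tracking_dlp_details",
    "e_message_tracking_amp_details",
    "e_quarantine_messages_quarantine_type_spam_search",
    "e_quarantine_message_details_quarantine_type_spam",
    "e_quarantine_messages_quarantine_type_pvo_search",
    "e_quarantine_message_details_quarantine_type_pvo",
}
# Default quarantine names that must not be entered (compared case-insensitively,
# which is an assumption of this example).
DEFAULT_QUARANTINES = {"file+analysis", "unclassified", "virus", "outbreak", "policy"}

def parse_quarantines(raw):
    """Split the comma-separated Quarantines field; return (names, problems)."""
    names, problems, seen = [], [], set()
    for item in raw.split(","):
        name = item.strip()
        if not name:
            continue  # tolerate trailing commas and an empty optional field
        if name.lower() in DEFAULT_QUARANTINES:
            problems.append(f"default quarantine not allowed: {name}")
        elif name.lower() not in seen:  # drop repeated names silently
            seen.add(name.lower())
            names.append(name)
    return names, problems

def preflight(username, password, quarantines, role_permissions):
    """Return a list of problems; an empty list means the values pass all checks."""
    problems = []
    for label, value in (("Username", username), ("Password", password)):
        if not value:
            problems.append(f"{label} is empty")
        elif value != value.strip() or not value.isprintable():
            problems.append(f"{label} has stray whitespace or unexpected characters")
    problems += parse_quarantines(quarantines)[1]
    missing = sorted(REQUIRED_PERMISSIONS - set(role_permissions))
    problems += [f"role is missing permission: {p}" for p in missing]
    return problems

if __name__ == "__main__":
    # Constructed sample values: trailing space in the username, a default
    # quarantine name, and a role lacking one permission.
    role = REQUIRED_PERMISSIONS - {"e_message_tracking_detail"}
    for problem in preflight("svc_databee ", "S3cret!", "Finance-Hold, Virus", role):
        print(problem)
```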