We have an Exchange 2013 deployment. There is a requirement to have secure mail transfer to and from our sister company. We have a Cisco mail gateway appliance. I am aware that you can create send/receive connectors at both ends using certificates and can have secure mail delivery, but considering that there is a mail gateway in the middle, do we still make connectors on Exchange, or will the secure connection be at the mail gateway level? I am not sure what the setup is on the other side, but I have been asked to propose all options for secure mail delivery, and I want to be informed about the components on my side when I talk to or coordinate with the admins on the other side. Will the secure connection initiate and terminate on the Exchange servers or at the mail gateway? That is my question.
Therefore your best option is to speak to Cisco.
The way I have done it with other products is to set up the appliance to accept all email from Exchange using mutual TLS, so everything is secure to the gateway, then configure each domain as required to use mutual TLS on the gateway appliance.
At the other end they do something similar, requiring mutual TLS with your appliance.
The other way round is to bypass the gateway for those specific domains. Easily done for outbound traffic; inbound is a lot more involved and requires more cooperation from the other side.
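For the second option (a dedicated Exchange connector for the partner domain that bypasses the gateway, with mutual TLS terminating on Exchange itself), this is an added illustration, not the answerer's configuration. The certificate thumbprint, the partner domain `partner.example`, and the server name `EX01` are placeholders to be replaced with your own values.

```powershell
# Added example: Exchange 2013 Domain Security (mutual TLS) for one partner domain,
# routed directly rather than through the mail gateway. Run in the Exchange Management Shell.

# 1. Bind the certificate Exchange will present to the partner to the SMTP service.
#    <THUMBPRINT> is a placeholder: use the thumbprint of a certificate whose subject/SAN
#    matches the name the partner will validate (Get-ExchangeCertificate lists candidates).
Enable-ExchangeCertificate -Thumbprint "<THUMBPRINT>" -Services SMTP

# 2. Register the partner domain for Domain Security in both directions.
Set-TransportConfig -TLSSendDomainSecureList "partner.example" `
                    -TLSReceiveDomainSecureList "partner.example"

# 3. Outbound: a send connector scoped only to the partner's address space.
#    -Usage Partner enables DomainSecureEnabled and RequireTLS; DNS routing is required
#    for Domain Security, so the connector must not use a smart host (i.e. the gateway).
New-SendConnector -Name "Partner Direct TLS" `
                  -Usage Partner `
                  -AddressSpaces "partner.example" `
                  -DNSRoutingEnabled $true `
                  -DomainSecureEnabled $true `
                  -RequireTLS $true `
                  -SourceTransportServers "EX01"

# 4. Inbound: require the partner to authenticate with its certificate on the
#    receive connector that faces the Internet (name is the Exchange 2013 default).
#    This is the part that needs the partner's cooperation and a path past the gateway.
Set-ReceiveConnector -Identity "EX01\Default Frontend EX01" `
                     -DomainSecureEnabled $true `
                     -AuthMechanism Tls

# 5. Verify: the connector should show the partner address space with TLS required,
#    and a test message to partner.example should log a Domain Secured send event.
Get-SendConnector "Partner Direct TLS" | Format-List AddressSpaces,RequireTLS,DomainSecureEnabled
```

Traffic for every other domain still follows your existing gateway-bound connector; only the partner's address space takes this direct, mutually authenticated path.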