Sold by: Beyond Identity
Deployed on AWS
Beyond Identity Secure Access is the first Secure-by-Design IAM solution that defends against modern threats with security guarantees.
4.3
Overview
Beyond Identity Secure Access is the first Secure-by-Design IAM solution that defends against modern threats with security guarantees.
It delivers a security-first SSO, phishing-resistant MFA, visibility and control over managed and unmanaged devices, robust integrations, and protections over generative AI fraud.
For mid-sized organizations, Secure Access provides the unified platform you need to safeguard authentication and access with robust integrations that help you get more value out of your existing tooling.
For enterprise organizations, Secure Access delivers a modular platform to support your specific needs for authentication, device security, and SSO or supplant existing solutions that fall short on their security promise.
Please reach out for custom and volume-based pricing via Private Offer at https://www.beyondidentity.com/get-demo
Highlights
- Validates a user identity and its association with a verified device that meets security policy to deliver trusted authentication and enforces continuous, risk-based authentication.
- Enables password elimination. Replaces passwords with an authentication platform rooted in asymmetric cryptography leveraging proven standards (including x.509 certificates and the TLS protocol) without any certification management required.
- Provides zero friction, secure digital access for employees, contractors, and developers. It is the 1st foundational step toward today's Zero Trust Security strategy.
Details
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
- Small Market Bundle | Customizable SMB Bundle | $10,000.00 |
- Authentication Essentials | Includes: Phishing-Resistant MFA, Access360, Device 360, Premium Support for up to 1,000 users | $36,000.00 |
- Zero Trust Identity & Device | Includes: Zero Trust Authentication, Access360, Premium Support for up to 1,000 users | $96,000.00 |
- Secure Access Complete | Includes: Secure SSO, Zero Trust Authentication, Access360, Premium Support for up to 1,000 users | $144,000.00 |
Vendor refund policy
N/A
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Support
Vendor support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Beyond Identity
By BeyondTrust Corporation
By Cisco Systems, Inc.
Top
100
In IT Business Management
Top
10
In Financial Services
Top
10
In Data Analysis, Centralized Identity Management
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Identity Verification
Validates user identity and device association using security policy-based continuous, risk-based authentication mechanism
Cryptographic Authentication
Eliminates passwords by leveraging asymmetric cryptography with x.509 certificates and TLS protocol standards
Access Control
Provides unified authentication platform supporting single sign-on (SSO) with phishing-resistant multi-factor authentication
Device Security
Enables visibility and control mechanisms for both managed and unmanaged device authentication
Fraud Prevention
Implements protection mechanisms against generative AI-based authentication fraud attempts
Identity Threat Detection
Advanced discovery and intelligence system for detecting identity-based threats across infrastructure
Privileged Access Management
Comprehensive control and management of privileged passwords, accounts, credentials, and sessions for human and machine identities
Remote Access Security
Granular control, management, and auditing of privileged remote access for employees, vendors, developers, and cloud operations engineers
Endpoint Privilege Control
Dynamic least privilege enforcement across Windows, macOS, Linux, and mobile platforms to prevent malware and unauthorized access
Cloud Entitlement Management
Cross-cloud visibility of access permissions, detection of account permission anomalies, and guidance for privilege optimization
Multi-Factor Authentication
Phishing-resistant multi-factor authentication with proximity verification to prevent authentication bypass
Identity Management
Centralized identity directory serving as a single source of truth for authentication and security
Single Sign-On
Unified single sign-on mechanism providing consistent user access across multiple applications
Device Trust
Endpoint security controls to block access from unknown or unregistered devices and enforce trusted device policies
Passwordless Authentication
Complete end-to-end passwordless authentication experience without reliance on traditional password mechanisms
Standard contract
No
No
No
Customer reviews
Kartik Amin
Secure access has unified zero trust and web protection while AI assistance automates tasks
Reviewed on Dec 16, 2025
Review from a verified AWS customer
What is our primary use case?
I use Cisco Secure Access for Secure Access Service Edge (SASE) , which provides me with secure identity-based access to applications and the internet from anywhere. I don't have to rely on traditional VPN architectures. Cisco Secure Access provides Zero Trust Network Access (ZTNA ), Secure Web Gateway, Cloud Security Broker, and Firewall as a Service all into one platform, which is beneficial.
I use it for firewalling, security, and Zero Trust Network Access.
What is most valuable?
I have worked with Cisco AI Defense product and Cisco AI Access, focusing on control access and data protection for data in transport and stationary states.
I have used the AI Assistant, which is a Cisco feature where AI helps to automate redundant tasks so that I don't have to configure each small detail manually. It is a bulk configuration feature.
I have used Cisco Identity Intelligence, which provides User-ID and Content-ID based network access control. It uses protocols such as LDAP to authenticate with products such as Active Directory to authenticate users. It is a good feature and is already integrated.
What needs improvement?
From a feature perspective, I have not experienced any issues, drawbacks, or shortcomings. However, the cost of Cisco's products and licensing is high. My clients usually prefer cheaper options if possible. Mid-size or smaller businesses typically cannot afford Cisco Secure Access. Additionally, there is a steep learning curve, as it is very intensive. Someone with significant knowledge can work on it, but a new professional would have to spend considerable time to get accustomed to it. It is hard to find engineers who can work on it. Overall, we get what we pay for, as it is a pretty good feature and service.
The pricing of Cisco's products and licensing is higher than competitors. If they could be more reasonable, that would help. The support offered for two years also has higher costs. Overall, the client's IT budget gets affected.
For how long have I used the solution?
I started using Cisco Secure Access when I was in the US, which was approximately five years ago.
What do I think about the stability of the solution?
From my experience, Cisco Secure Access is very stable and has not crashed. Cisco is renowned for their reliability, and their products perform well under high data usage. It is very resilient, and I have not seen it go down, crash, hang, or experience any other issues.
What do I think about the scalability of the solution?
Cisco Secure Access is very scalable. It has high availability, so it can be deployed in pairs and scaled quickly.
How are customer service and support?
The quality and speed of the support are very good. Cisco is excellent with their support. When I create a TAC case for any issue, they respond quickly and schedule a call. They help resolve issues as soon as possible through screen sharing. Cisco TAC is very competent.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have not worked on the same offering from Palo Alto, so I cannot compare what is better there or here. What I appreciate about Cisco is that everything they do is precise and works well without any issues. I found that there are not many bugs. I have heard that Palo Alto has many bugs that need to be fixed and require a TAC case to resolve. In my experience with Cisco, I haven't had issues with bugs that I had to escalate. On the few occasions when there was a bug, the solution and patch usually fixed the issue, which they had already posted on their website indicating which patch version would resolve it. That is the advantage, as it works flawlessly.
I have not used Palo Alto's offering, so I cannot make a comparison. I have only used Cisco's.
How was the initial setup?
Deploying Cisco Secure Access on the machine is very easy. If we follow the steps, they are seamless and run smoothly.
Policy verification is done before deploying, similar to Juniper's approach. With Cisco switches, if we put a command, it applies immediately without asking for confirmation. With Juniper, we have to put the command and then only after we hit commit does the command apply. Cisco Secure Access has the same feature where before applying the configuration, it verifies and checks if it would cause any issues and provides results based on that.
What about the implementation team?
One person can complete the deployment.
What was our ROI?
It was challenging to learn because, as mentioned, it has a significant learning curve and requires considerable training to become proficient.
What's my experience with pricing, setup cost, and licensing?
Cisco Secure Access regularly requires patches that need to be installed. During downtime or after hours, patches need to be applied. The system gets rebooted occasionally to clear caches and improve CPU performance.
Which other solutions did I evaluate?
I am not certain what VPN as a Service or VPNAaS means. I have not heard of this term.
What other advice do I have?
Multi-organization might be a feature on Cisco Secure Access, but my clients are private companies that haven't merged with any other organizations, so they have their own devices and networks. I haven't used those features.
I would rate this product an 8 overall.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Ajinkya Mohod
Provides conditional and application-level access while enabling seamless threat visibility
Reviewed on Nov 21, 2025
Review provided by PeerSpot
What is our primary use case?
Cisco Secure Access is used as a security tool within the tenant as a firewall and serves as a cloud-delivered Zero Trust access platform. It is used for Microsoft Intune as conditional access, Global Secure Access, and from Defender for Cloud Apps, working behind before it.
Cisco Secure Access provides application-level access. Usually, it's full network access, but with this tool, application-level access can be given. It removes the dependency of VPN, and then user authentications are continuously based on identity, device, and risk, which is an add-on there.
The Zero Trust Network Access feature is being used.
What is most valuable?
Cisco AnyConnect is used as a VPN tool for SASE purposes.
The integration of CASB functionality for exposing shadow IT within the company is smooth. Technical skill and knowledge are needed to evaluate, analyze, and deep dive on those things. From the tool's response, it is very good, and there is visibility on everything that is needed or necessary.
The integration of Cisco Talos influences threat detection and response capabilities. The integration of Cisco Talos is similar to every Cisco Umbrella , and the experience has been smooth. The knowledge, their KB, and FAQs are very good, and their support is very good. When in trouble, readily available documents or information are accessible.
What needs improvement?
Managing Cisco Secure Access in a single cloud management console is moderate in difficulty. Technical skills or an understanding at a base level or moderate level are needed to make it work, configure, and integrate it. The difficulty level is somewhere between easy and difficult.
For how long have I used the solution?
Cisco Secure Access has been used for one and a half years.
What do I think about the stability of the solution?
The product has been stable with no crashes or downtime so far, and the SLA is good.
What do I think about the scalability of the solution?
Cisco Secure Access is scalable.
How are customer service and support?
The technical support of Cisco is good and up to the mark.
How would you rate customer service and support?
Positive
How was the initial setup?
Regarding deployment and installation, it is straightforward, but having basics is necessary.
What other advice do I have?
No negative aspects have been observed so far; everything seems good. The review rating for this product is 9 out of 10.
Hamilton McClain
Top-rate support, good pricing, and easy setup
Reviewed on Sep 08, 2025
Review provided by PeerSpot
What is our primary use case?
I support the US government. From a customer perspective, the use cases tend to be where we are guarding edge devices that we don't have necessarily 100% positive command and control. The devices have data transport that traverses in some cases ISPs, so we can't really control who's adjacent to those networks. We often deploy in those types of environments. Where we can use dark fiber, we prefer to, but that's not always an option.
What is most valuable?
I'm probably pretty agnostic with respect to that. We have a federal mandate to reach these next-generation firewall requirements. Stateful packet inspection and things of that nature are the things that we're interested in. We have some programs adjacent to us that definitely do that, but my programs don't require that.
We get a significant discount with Cisco, and their support is definitely top-rate.
What needs improvement?
Cisco does a decent job with logging. Sometimes you may need to tweak a few settings, but with their more recent products that support Python and Java among others, you now have more programmatic control in the latest versions of IOS.
If the FTD devices themselves, the Firepower Threat Detection system, those are the firewalls themselves, the individual appliances, weren't so tightly coupled to FMC, I'd probably appreciate them as a product more. The learning curve was a little higher just because it's a large departure from their original ASA devices. If they could be managed individually as easily as they can be managed through FMC, I'd probably be a bigger fan.
For how long have I used the solution?
I have used Cisco products for decades at this point. With respect to ASAs and FTDs, FTDs are fairly new, but I have used ASAs for the better part of a decade.
How are customer service and support?
It is definitely top-rate. In fact, I know that my particular group didn't even have a service agreement in place for the better part of a year and those guys were still very responsive to emails and communications.
How would you rate customer service and support?
Positive
How was the initial setup?
We've been using them so long, it's hard to remember being a newbie, but I don't find their products particularly hard to set up. They have great documentation.
In our deployments, all of our web-based access to any of those devices is actually cut off. We do everything through a secure socket. The only situation where we are compelled to use a web interface is for the FMC, specifically for configuration; however, our management is primarily conducted at the console level whenever possible.
We don't find them hard to manage, especially as a group. The bigger challenge was managing them outside of their FMC product. They prefer to be federated to some extent, and they really weren't designed to be individually managed. They prefer to be managed from a central location. But if you have an environment that lends itself to central management, for the most part, it's not an issue.
What about the implementation team?
We acquire through an organization, and we are the ones that implement.
What's my experience with pricing, setup cost, and licensing?
Price-wise, we get a significant discount with Cisco. I actually prefer Juniper products. From a professional perspective, I prefer Palo Alto and Juniper probably more than I do anybody else. But I can't make the argument when we get 50% and 60% discounts, which we don't get from Juniper or Palo Alto.
What other advice do I have?
Because we operate with what could only be called a skeleton crew, a monitoring solution to the extent possible is dependent heavily on logging, which these applications allow. We do a heavy amount of logging and we do a great deal of log parsing through ELK stack and SolarWinds and Splunk. Any tool that provides telemetry through logging is a particularly good fit for us because we have to really automate our monitoring. We don't have the manpower to sit there and look at multiple applications and things on a regular basis. It all has to come to a central location and has to be pretty automated, red light, green light type stuff.
If you have the budget, make sure to get a solid understanding of what's out there. There might be some other products that you might prefer, but if your budget is constrained, you can make it work with Cisco products for sure.
I would rate the solution a 10 out of 10.
Ahmad Kamarul Zaman Zakaria
Experience shows promise in security and integration, while setup and UI need refinement
Reviewed on Aug 12, 2025
Review provided by PeerSpot
What is most valuable?
Managing Cisco Secure Access through the single cloud management console will not be difficult if you experience it once. This means once you have hands-on experience, you know how to operate it. In the first time, you might have a challenge because you need to understand the system. However, once you understand it, it will not be difficult anymore.
I find the zero trust approach helpful and beneficial in securing standard applications, which means you are accessing the applications directly instead of giving privilege to access the network itself. This is very beneficial in the context of security and is very effective.
Regarding the threat detection and response capabilities, because it's integrated in the cloud, users don't have to configure it to integrate with Talos. The feed that it has is already there, detecting malware and blocking it by itself from the Cisco Secure Access . The Intel is there, and we do not need to manually integrate with Talos.
What needs improvement?
My personal thinking about Cisco Secure Access is that because I'm also catching up on this solutioning, I'm not really seeing any improvement because I'm still learning. So far, it's good; I do not have any comment on this.
Regarding features about the UI, the pricing, and the learning curve of Cisco Secure Access that can be improved, the AI is already embedded in the solution. Because I haven't explored much and am not an expert, the features might be there, but I haven't tested them out.
When it comes to thoughts on the pricing, setup cost, and licensing cost of Cisco Secure Access, I cannot comment as I only did SSE for Cisco and did not have experience with other products. In terms of price comparisons, I cannot provide much insight.
The more competitive the pricing for Cisco Secure Access becomes, the better it would be for customers.
What do I think about the stability of the solution?
Throughout my experience with Cisco Secure Access, I have had some stability and reliability issues, including lagging when accessing the portal. Sometimes the response is fast, and sometimes it's slow, with response information that can be either correct or wrong. However, I consider these minor issues because they recover in a few minutes afterwards, though there are still glitches present.
How are customer service and support?
In evaluating my experience with the technical support and customer service of Cisco Secure Access, during the POC, we did not leverage tech support at that particular moment; instead, we engaged directly with the SE team, the Cisco System Engineer teams.
How would you rate customer service and support?
Positive
How was the initial setup?
Regarding the experience with the initial setup of Cisco Secure Access, it is important to communicate with the customers on the requirements, so they understand and prepare whatever we need to set up the POC. We need to communicate effectively with them and let them know what we need. Once our requirement is fulfilled, we can proceed. The key point is that communication with the customer must be maintained.
Once we have all of the requirements, the setup of the product itself is not that difficult. The first time requires understanding many things, but after the deployment and gaining experience, it becomes quite straightforward.
Which other solutions did I evaluate?
I give Cisco Secure Access a seven because I did study other products as well. While I haven't deployed any other SSE product, I went for the training. The way of deploying and the solution is quite seamless, but that's my current assessment without hands-on experience with the other products.
What other advice do I have?
As a partner with Cisco, this relationship is more related to the partners agreements, which is why we are selling Cisco Secure Access.
My impressions of Cisco Secure Access on protecting organizations from threats such as phishing or ransomware attacks are based on my recent POC. There aren't many use cases I have shown to the customer, but I can confirm that the solution is effective.
I would evaluate my experience with the Cisco team as an eight on a scale of one to 10, where 10 is the best.
My advice for other users who would like to start working with Cisco Secure Access is to find a good service integrator. As I come from the service integrator background, my advice to end users is to collaborate with a reliable SI that has the expected expertise on the solutions they are going to purchase and enroll.
The overall rating for Cisco Secure Access is 7 out of 10.
Wallace Serafim
Integrating multiple security solutions on a single platform enhances threat protection
Reviewed on Jun 11, 2025
Review from a verified AWS customer
What is our primary use case?
For Cisco Secure Access , my main use cases are the DNS functionality. Previously, we used Umbrella in the DNS stack functionality, and currently, we are using Cisco Secure Access .
How has it helped my organization?
Cisco Secure Access benefits my company by being a platform that integrates more than one solution, making it possible for us to have other solutions in the same platform, allowing us to manage SWG, the DNS part, and firewall.
What is most valuable?
The feature of Cisco Secure Access I appreciate the most is the DNS functionality. It's the main function that we are using currently.
The impact Cisco Secure Access has on protecting my company from threats such as phishing and ransomware is significant.
We utilize it extensively, especially the DNS part, which is very important. Even when we educate our users, the attackers become more advanced each day. They sometimes can use emails and other methods to attempt to attack our company, and Cisco Secure Access can help us protect our users, especially with the incredible DNS part.
The best part of managing Cisco Secure Access through its single cloud management console is that we can purchase as needed and add more products to this platform as necessary, within our budget.
My perception of Cisco Secure Access's ability to provide secure access via standard HTTP2, and optionally the QUIC protocol, is that the platform is very complete, and the objective is to deliver a full stack of resources regarding security. We are offering this solution to our clients, and the adoption rate is incredibly high. They are very satisfied.
I have noticed that in recent years, particularly over the last year, Cisco has significantly improved the platform by consolidating more solutions within the Cisco Secure Access ecosystem. It is important for Cisco to bring more products. For us and our clients, it is easier to have a single pane of glass to manage all the solutions when discussing security. The platform being in the cloud also makes it easier as we don't have to have something on-premise in our environment for the solution.
We have numerous integrations, including Splunk and other solutions that can be integrated into the same platform. This is particularly beneficial when discussing the solution's benefits.
What needs improvement?
The worst part was the migration from Umbrella to Cisco Secure Access; we experienced some difficulties during that process.
Improving Cisco Secure Access is difficult for me to discuss in detail as I'm not the administrator of the platform.
For how long have I used the solution?
I have been using Cisco Secure Access for more than two years, since it was launched.
What do I think about the stability of the solution?
Regarding the stability and reliability of Cisco Secure Access, at least in Brazil, we don't hear about availability or stability problems. If a client has issues with the internet connection, it might not be the best way to deliver the solutions, however, this is a worldwide situation. We don't have problems with internet connections, especially in the offices, so it is not a problem.
What do I think about the scalability of the solution?
Cisco Secure Access scales effectively with the growing needs of my company because we are talking about a cloud solution. It is easy to scale as necessary, especially when we discuss the DNS functionalities.
We turn the traffic to the Cisco Secure Access cloud, and we can manage and apply the policies that are necessary, making it very easy to scale the solution.
How are customer service and support?
I don't have direct experience with customer service and technical support, as I don't work in the administration of the solution. TAC is a worldwide service recognized as fantastic. We also have experience with other hardware and software, and my understanding of it is good. It provides good service.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
My company did not consider other solutions before choosing Cisco Secure Access. We are a Cisco partner.
However, our clients always evaluate other solutions. We work extensively to show the value of the solution since we have competitors, however, Cisco Secure Access has the advantage of delivering multiple solutions in the same single pane of glass.
How was the initial setup?
We had a migration from Cisco Umbrella. There were some problems. However, the process now is easier as the solution is in the cloud and we can add more solutions and activate them in the portal. It's easy now.
What was our ROI?
The biggest return on investment when using Cisco Secure Access is consolidating multiple solutions into a single pane of glass. We have competitors offering alternative solutions; however, they don't deliver the same level of integration as Cisco, which consolidates all solutions simultaneously through a single console.
What's my experience with pricing, setup cost, and licensing?
Regarding pricing, the setup cost, and the licensing of Cisco Secure Access, being from Brazil, the cost for us is a very important point. Sometimes we show the solution for our clients, but the price can be problematic.
We try to overcome this challenge by presenting the value and importance, especially for today's infrastructure to have more security, avoiding downtime, loss of data, and similar issues. The Cisco products are amazing, but especially in Brazil, when discussing the price, it remains a challenge.
What other advice do I have?
We're a Cisco partner.
On a scale of one to ten, I rate Cisco Secure Access a nine.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)