Cisco Secure Access Resource Connector

I have been using Cisco Secure Access  since the company started, and I have had enough exposure to evaluate both its strengths and areas of improvement.

I mainly use Cisco Secure Access  to secure remote access and provide zero-trust access for employees who are working remotely.

Securing remote access and providing zero-trust access helps us give employees secure access from anywhere without relying on traditional VPNs, and it also improved visibility and reduced security risk, especially for remote and hybrid workers.

About my main use case, it was especially helpful during our shift to hybrid work since we needed secure and reliable access for users across different locations and devices.

The best features Cisco Secure Access offers are its zero-trust access controls, easy integration with Cisco products, strong visibility into user activity, and cloud-based management.

Cloud-based management or visibility into user activity makes monitoring and managing access much simpler since everything is centralized, and we can quickly see user activity and respond to issues without digging through multiple systems.

Cisco Secure Access has positively impacted my organization by improving our security posture, reducing reliance on VPNs, and making remote access faster and more reliable for users.

The main area for improvement with Cisco Secure Access would be simplifying initial setup and policy configuration, as some parts can feel complex for new admins.

Better onboarding guidance and more intuitive dashboards would make it easier for new users to get started and manage policies more efficiently.

I have been working in my current field for 1.5 years.

I find Cisco Secure Access to be very stable overall, with minimal downtime, and performance has been consistent for users even with remote access. Any issues we have seen have been minor and resolved quickly.

Customer support for Cisco Secure Access is pretty good and responsive and knowledgeable, with most issues resolved quickly, especially when escalated through Cisco support channels.

We previously relied on a traditional VPN solution, but it was a standard option at the time for remote access before we moved to a Zero-Trusted model.

My experience with pricing, setup cost, and licensing is that pricing is on the higher side and licensing can be a bit complex; the setup cost was manageable, but initial configuration required some effort and expertise.

We have seen a return on investment from Cisco Secure Access, mainly through reduced VPN usage, lower support overhead, and time saved on access management, which has overall improved efficiency for the IT team and reduced operational costs.

There has been a clear ROI with Cisco Secure Access as we have reduced VPN-related support workload significantly. We have also seen a 25% improvement in troubleshooting resolution time and lower overhead from not maintaining legacy VPN infrastructure, which translated into both time and cost savings.

We evaluated a few alternatives such as Zscaler and Palo Alto Networks Prisma Access  before choosing Cisco Secure Access.

We are using the Experience Insights feature, Digital Experience Monitoring powered by ThousandEyes , with Cisco Secure Access, and I'm not sure of the incident resolution time, but it is faster.

We have started using the AI Assistant feature in Cisco Secure Access, but still in a limited way for basic queries and troubleshooting.

We use ZTNA  in Cisco Secure Access, and it's both client-based and clientless depending on the use case, which has positively affected our transition to Zero Trust and least privilege principles.

We use Cisco Identity Intelligence with Cisco Secure Access to improve user visibility and strengthen identity-based access controls.

I evaluate the AI Access feature of Cisco Secure Access for providing deep visibility and control over AI applications, tools, and large language models as very useful for visibility into AI usage, but still evolving, as it helps us monitor access to AI tools and enforce basic controls. However, we would like more granular policy options and reporting.

My advice to others looking into using Cisco Secure Access is to plan the rollout carefully and invest time in learning the policy configuration, as it's powerful but getting the setup right early makes a big difference in long-term success. I would rate this product an 8 out of 10.

All types of companies are a good fit for Cisco Secure Access , including manufacturing, education, finance, and all different types of customers we are having.

The majority of cases come on the regular switching and routing for Cisco Secure Access , and some cases do come on security aspects also when the network gets added features of security.

Some of our customers use VPN in Cisco Secure Access, VPN as a Service.

They are looking forward, definitely, in their transition from VPN to ZTNA .

Our customers have integrated Cisco Identity Intelligence with Cisco Secure Access.

The AI Access feature is quite important for providing deep visibility and control over AI applications, particularly considering these days AI is supporting the technologies. I feel it is important.

Identity management plays an important role wherever we are going for implementation of security measures influenced by this integration.

That should be very important for evaluation of the effectiveness of AI supply chain risk management.

Regarding the Experience Insights feature of Cisco Secure Access, I won't be able to tell you exactly because that is what my team usually handles.

There is nothing that I can exactly tell you for improvement for Cisco Secure Access.

Right now, I won't be able to really suggest additional features because that is something our implementation team will be able to tell better.

Improvement on the pricing will help in expanding the market for Cisco Secure Access and then it can be affordable to much more number of companies than what it is right now.

That is good. We have always valued Cisco for its good support.

That is good, definitely good when it comes to response time and first level support quality.

My team is there. They are doing it.

It has definitely made life easier, but again, security is something which is never close-ended. It has always evolved, and we have to keep evolving when we are considering security. What is security posture today which is okay, another year on, maybe that posture is not enough. And we have to be more reactive.

The pricing also always helps because the market is very competitive here, and it always plays a very major role. And quite often to remain competitive, we have to go into very deep discount mode, and then we can at least be in consideration. So price is always a consideration that way.

Improvement on the pricing will help in expanding the market for Cisco Secure Access and then it can be affordable to much more number of companies than what it is right now.

It is definitely one of the best options in the market for Cisco Secure Access, but there are competitions, definitely.

Cisco is very well poised and it helps us to build up cases with Cisco that way, because having its brand strength and its facilities and all, they could learn a lot from their competitors.

Our team has had some experience with Cisco Secure Access.

We are using it in our company and we recommend it to our customers.

We are offering that to our customers.

From that point of view, our guys are okay with deployments of Cisco Secure Access.

I will rate Cisco Secure Access at nine, definitely. I will keep some room to keep a challenge for oneself.

The awareness of Cisco Secure Access should be slightly more because Cisco is a default standard in the top-level companies or even banks and all. Cisco is the first choice. You can lower down, the presence is less because of the pricing factor and things like that.

Mostly through distribution, our customers buy Cisco Secure Access. We have got a good distribution channel here and we work quite closely that way.

I will give nine to Cisco Secure Access from my perspective.

They already are a market leader when it comes to the functionalities and the interface.

My overall review rating for Cisco Secure Access is nine out of ten.

Our customers use VPN as a Service (VPNasS) in Cisco Secure Access , as we are providing POC and offering that solution to some customers. It is new for them, particularly in India, where they are launching and promoting it now. We are trying to explain and educate customers on the differences between traditional VPN and Secure Access, and what the advantages are. We are doing all these initiatives while completing the POC as well.

The features mostly used in Cisco Secure Access by our customers include roaming clients, which is the major aspect because the clients are roaming around and accessing from anywhere. They need secure access to their private applications as well as public applications. Some applications are hosted in their own on-premises data center, others in their private cloud, and some in the public cloud. Therefore, they need to access all parts of their portfolio securely, and this is the main use case we propose.

Our customers use VPN as a Service (VPNasS) in Cisco Secure Access, as we are providing POC and offering that solution to some customers. It is new for them, particularly in India, where they are launching and promoting it now. We are trying to explain and educate customers on the differences between traditional VPN and Secure Access, and what the advantages are. We are doing all these initiatives while completing the POC as well.

For future releases, I would like to see improvements in IDP  integration, particularly regarding local user integration. There are some limitations because it is a cloud-based platform, and we need enhancements in the area of on-premises user integration.

On average, I would rate the technical service around seven, or perhaps seven point five out of ten.

There is indeed room for improvement regarding first-level support; they need to ensure that knowledgeable people are available.

I have integrated Cisco Identity Intelligence with Cisco Secure Access, where the IDP-related functionalities play a role. ISE is for centralized policy management, and within that context, it is not a major component; however, IDP  integration is a significant part of Secure Access specifically for roaming clients.

The policy verification in Cisco Secure Access is very effective; since Secure Access is a cloud platform, we configure policies based on requirements and deploy them accordingly.

I would like to add that while the integration into one platform is important, security-wise, Cisco Secure Access is a good product. The complexity I see primarily relates to management, and they are gradually integrating towards a single platform, which is the only concern I have.

I believe Cisco Secure Access is the best option on the market at the moment; it is the right and recommended choice. I would rate this solution an eight out of ten overall.

In my previous role, we managed the IT infrastructure for U.S. military base schools worldwide. We implemented Cisco Secure Access  primarily as a cloud-based firewall replacement. Previously, we utilized a centralized architecture with Palo Alto firewalls in a U.S. data center, which meant all of our global traffic had to be backhauled to the U.S. before going out to the internet. We rearchitected the network to enable local internet breakouts at every individual base. Instead of deploying expensive physical firewalls at each local site, we deployed Cisco Secure Access  as our cloud firewall solution. Now, local traffic routes directly up to Cisco's cloud for filtering before reaching the internet, ensuring our users are secured regardless of their geographical location. I still closely support customers utilizing this architecture.

Cisco Secure Access has definitely helped our organization. All our users are now basically VPN users, and it has made things much smoother compared to the old way we had things set up. I would say it is a big plus.

It has cut incident response time at least in half. The extra analytics allow me to make more informed decisions. For example, I have users who are sometimes children because we have military bases across the world that are schools. When a child brings a Nintendo Switch to school and it joins the network, it looks to our cybersecurity team like a rogue device. Having the analytics to track that down and identify the exact device and the user it is assigned to really helps incident response time go down much faster. Now, from headquarters pinging the base, pinging the tech on site, and the tech walking into the classroom to remove that device from the network, everything is much quicker.

The actual technology itself is valuable. Cisco Secure Access functions as a cloud firewall where there is no real need for on-premises firewalls for many client devices. This feature is excellent because I no longer need million-dollar Palo Alto firewalls sitting at a data center where I would be forced to route all traffic through an MPLS circuit to those firewalls for filtering before getting to the internet.

Cisco Secure Access takes on the responsibility of filtering traffic, and I do not have to deal with hardware anymore. When hosting my own firewalls, I had to worry about upgrades, maintenance, and license costs for physical Palos. With Cisco Secure Access, I do have license costs, but they are very streamlined with their new smart licensing features.

From a network perspective, it makes management easier for my network operations team. Previously, I had complicated, complex, high availability meshed firewalls. Now I can have a single pane of glass solution where I can still get all URL filtering and content filtering done through web access. I no longer have to worry about hardware and setting up high availability pairs for physical firewalls. I am just focused on putting a client on the user's machine. Even if I do not want to put a client on a machine from an operational perspective, I can pair Cisco Secure Access with other Cisco products like SD-WAN. Even without the Cisco Secure Access client on actual laptops for the organization, I can still filter that traffic from the router level by telling my Cisco router that its next hop is the Cisco Secure Access cloud for filtering.

Coming from an environment primarily using Ruckus and Brocade at the Department of Defense, then switching to Cisco Secure Access to meet the zero trust requirements set forth by the Pentagon has been tremendous. It checks most of the boxes. I would say it is probably a little weak in the area of IPv6 still. I have actually gotten the chance to talk with the actual developers developing Cisco Secure Access at Cisco. There is still a lot to be desired in the IPv6 realm, but from what the developers are telling me, it is coming in the near future.

As I left the organization, we were getting into using more of the policy verification feature to help us since we have our hands in a lot of different areas at the Department of Defense. Policy verification definitely helps a lot because sometimes there are too many people making policies.

Cisco Secure Access provides great visibility with a single pane of glass. The data is actually useful, and I can make decisions based on it rather than just receiving raw data. For multi-organizational sites, it is absolutely a great tool.

The artificial intelligence assistance is tremendous. If I do not know something, I can use the Cisco AI to ask how to do something or how to get something working, and it will step-by-step tell me or point me in the right direction on what I need to do. On-premises solutions do not really have large language models or AI built into them, so I would be left needing to know what I need to do. This feature helps a ton.

Cisco Secure Access is probably a little weak in the area of IPv6 still. I have actually gotten the chance to talk with the actual developers developing Cisco Secure Access at Cisco. There is still a lot to be desired in the IPv6 realm, but from what the developers are telling me, improvements are coming in the near future.

After talking with Cisco, I was told that features are coming. The AI will actually be able to help generate reports that we want to see for certain executives. There is still a little to be desired, but it is coming.

I do not think IPv6 support is fully there yet. I think Cisco is heading in the right direction, but to really get to that true zero trust autonomous network as described in the Pentagon documents, there is still some work to do. Cisco is definitely heading in the right direction though. There are feature sets that definitely help streamline many processes and get me data that is actually useful. It is not those other products where I get a lot of garbage data that is not useful. Cisco Secure Access gives me data that I can actually use to make a decision on a zero trust network.

I want to see better IPv6 support and continued support for AI with constant improvements. If I could get to the point where I can ask the AI how to do something and it becomes agentic AI that actually starts doing things automatically, that would be incredible. For example, if I could tell the AI that I do not want any of the students in the classroom getting to facebook.com and it goes into Cisco Secure Access and automatically blocks it, that would be amazing. With agentic AI doing things for me rather than just telling me how to do it, I would not have to spend millions on people who are only certified to use this product. I could have lower-level techs who do not necessarily know how to do something but know how to talk to the AI to get things done.

I have been using Cisco Secure Access for about three years.

We did run into an issue with URL filtering where it would not filter a site properly. It took months to resolve by Cisco, but that is the only hiccup I would say there has been.

The customer service is amazing. I call, get my ticket, they pick up, work the ticket, and the issue gets resolved about 9.5 times out of 10.

The initial setup was pretty straightforward. If there were any complexities, Cisco was right there with their support to help us. I would say it was pretty simple.

I definitely got my money's worth already with Cisco Secure Access.

A single pane of glass solution was important to me. Cisco Secure Access was just cheaper than putting a Palo Alto firewall solution at every school or using Prisma, their secure solution. It just worked out to be better. The integration into products like ICE, DNAC, and SD-WAN was a lot better on the Cisco side because Cisco to Cisco integration is better than Cisco to Palo Alto. Product integration among the other Cisco products we had was just better overall.

I would urge any customer to look up their numbers and see what works best for them. It is not always going to be the Cisco product that works best. Sometimes the Cisco product is the nicest product out there, but that does not necessarily mean it is going to be the best. Look at what works for your organization and go with whatever your staff feels most comfortable with because at the end of the day, your staff is going to have to support that solution. No one wants to support something that they do not really want in the first place. My overall rating for Cisco Secure Access is 9.5 out of 10.

Cisco Secure Access  has many features, and I want to clarify whether the discussion pertains to Cisco ISE  or the Cisco client, as the new product name created some confusion with other Cisco products. The solution allows users to connect with our organization's assets from anywhere in a secure manner by providing controls, including firewalls and URL filtering, to deliver comprehensive security for our users and protect them from advanced malware and harmful websites. Overall, its purpose is to safeguard our users during access to our infrastructure on the cloud.

The no-cost migration tools from Umbrella  have assisted in streamlining our security policy migration. We also have the cloud to manage all of these products, which works very well for us. We have comprehensive rules from Umbrella , acting as our main firewall. We also implement controls on application control, URL filtering, allow lists, and destination lists to permit or block specific access, including our domain. Therefore, this is very helpful to streamline the implementation for Cisco Secure Access .

Regarding the AI Access feature, I used to use OpenAI, but I will try Cisco's AI tools next time to search for logs. I have tried one, and I think it is very good at allocating logs and knows exactly where the product is and where the issue is. I find it very helpful for us.

I have not yet used the Experience Insight feature, powered by ThousandEyes , but I will do so next time.

I have used the AI assistant feature in Cisco Secure Access. I find it very helpful for viewing logs, analyzing logs, and assisting with issue resolution whenever I am searching for issues. The replies I receive are very quick, professional, and helpful for us.

I am using the Hybrid Private Access feature for varying the enforcement location for ZTNA  private traffic. We provide access for our users while enforcing security using these features. It is very good technology overall, and Cisco simplifies it for us and for their customers.

I have tried integrating Cisco Secure Access with Identity Intelligence; we have a trial license for it, and we have gained insights from this license. It is very good and helps us to identify and protect our digital assets. We are considering a decision to purchase this after trying it for the first time.

I have used the policy verification feature to help reduce policy misconfigurations. It acts as a health check for policy configurations and is a powerful tool that recommends settings and configurations for policies.

The effectiveness of AI supply chain risk management is currently under testing. One of my team members is configuring this or working on it, but it is still under evaluation.

What I like the most about Cisco Secure Access is that it has continuous updates for signatures for advanced ransomware; for example, Cisco Umbrella  also does this. We can implement controls to prevent access to newly observed domains, with Cisco providing signatures and this information as quickly as possible compared to other vendors. This means if a new website can be malicious and contain ransomware, Cisco ensures that we have immediate information about it. It is fast to gather more information about ransomware and malware, including newly observed domains. Thus, we can say that Cisco provides updated signatures rapidly.

While it is not technically a downside, I think Cisco Secure Access needs more marketing, and the licensing cost should be bundled with other products. This approach would enhance marketing effectiveness, but technically, I do not believe the solution is missing anything.

I have been working with Cisco Secure Access for more than six months.

I have not experienced any lagging, crashing, or downtime; we have gone more than six months without any issues. It is very good.

It is not practical for me to comment on scalability; we have just our one-year product. However, according to the licensing model, I believe it provides scalability.

I have contacted their technical support before, and I consider Cisco TAC to be very professional and very good.

The initial deployment of Cisco Secure Access is easy, and as it is very common from Cisco, they have a very professional team.

Cisco TAC is very helpful and professional. I reached out to them one day, not during the implementation but after we implemented this product along with other Cisco products. They are a very professional and supportive team.

Cisco Secure Access always requires monitoring for updates and signatures, similar to a health check, but not intensive maintenance. It is very good and very stable. I provide this product with an overall rating of ten out of ten.