I have been using Cisco Secure Access since the company started, and I have had enough exposure to evaluate both its strengths and areas of improvement.

I mainly use Cisco Secure Access to secure remote access and provide zero-trust access for employees who are working remotely.

Securing remote access and providing zero-trust access helps us give employees secure access from anywhere without relying on traditional VPNs, and it also improved visibility and reduced security risk, especially for remote and hybrid workers.

About my main use case, it was especially helpful during our shift to hybrid work since we needed secure and reliable access for users across different locations and devices.

The best features Cisco Secure Access offers are its zero-trust access controls, easy integration with Cisco products, strong visibility into user activity, and cloud-based management.

Cloud-based management or visibility into user activity makes monitoring and managing access much simpler since everything is centralized, and we can quickly see user activity and respond to issues without digging through multiple systems.

Cisco Secure Access has positively impacted my organization by improving our security posture, reducing reliance on VPNs, and making remote access faster and more reliable for users.

The main area for improvement with Cisco Secure Access would be simplifying initial setup and policy configuration, as some parts can feel complex for new admins.

Better onboarding guidance and more intuitive dashboards would make it easier for new users to get started and manage policies more efficiently.

I have been working in my current field for 1.5 years.

I find Cisco Secure Access to be very stable overall, with minimal downtime, and performance has been consistent for users even with remote access. Any issues we have seen have been minor and resolved quickly.

Customer support for Cisco Secure Access is pretty good and responsive and knowledgeable, with most issues resolved quickly, especially when escalated through Cisco support channels.

We previously relied on a traditional VPN solution, but it was a standard option at the time for remote access before we moved to a Zero-Trusted model.

My experience with pricing, setup cost, and licensing is that pricing is on the higher side and licensing can be a bit complex; the setup cost was manageable, but initial configuration required some effort and expertise.

We have seen a return on investment from Cisco Secure Access, mainly through reduced VPN usage, lower support overhead, and time saved on access management, which has overall improved efficiency for the IT team and reduced operational costs.

There has been a clear ROI with Cisco Secure Access as we have reduced VPN-related support workload significantly. We have also seen a 25% improvement in troubleshooting resolution time and lower overhead from not maintaining legacy VPN infrastructure, which translated into both time and cost savings.

We evaluated a few alternatives such as Zscaler and Palo Alto Networks Prisma Access before choosing Cisco Secure Access.

We are using the Experience Insights feature, Digital Experience Monitoring powered by ThousandEyes, with Cisco Secure Access, and I'm not sure of the incident resolution time, but it is faster.

We have started using the AI Assistant feature in Cisco Secure Access, but still in a limited way for basic queries and troubleshooting.

We use ZTNA in Cisco Secure Access, and it's both client-based and clientless depending on the use case, which has positively affected our transition to Zero Trust and least privilege principles.

We use Cisco Identity Intelligence with Cisco Secure Access to improve user visibility and strengthen identity-based access controls.

I evaluate the AI Access feature of Cisco Secure Access for providing deep visibility and control over AI applications, tools, and large language models as very useful for visibility into AI usage, but still evolving, as it helps us monitor access to AI tools and enforce basic controls. However, we would like more granular policy options and reporting.

My advice to others looking into using Cisco Secure Access is to plan the rollout carefully and invest time in learning the policy configuration, as it's powerful but getting the setup right early makes a big difference in long-term success. I would rate this product an 8 out of 10.

All types of companies are a good fit for Cisco Secure Access, including manufacturing, education, finance, and all different types of customers we are having.

The majority of cases come on the regular switching and routing for Cisco Secure Access, and some cases do come on security aspects also when the network gets added features of security.

Some of our customers use VPN in Cisco Secure Access, VPN as a Service.

They are looking forward, definitely, in their transition from VPN to ZTNA.

Our customers have integrated Cisco Identity Intelligence with Cisco Secure Access.

The AI Access feature is quite important for providing deep visibility and control over AI applications, particularly considering these days AI is supporting the technologies. I feel it is important.

Identity management plays an important role wherever we are going for implementation of security measures influenced by this integration.

That should be very important for evaluation of the effectiveness of AI supply chain risk management.

Regarding the Experience Insights feature of Cisco Secure Access, I won't be able to tell you exactly because that is what my team usually handles.

There is nothing that I can exactly tell you for improvement for Cisco Secure Access.

Right now, I won't be able to really suggest additional features because that is something our implementation team will be able to tell better.

Improvement on the pricing will help in expanding the market for Cisco Secure Access and then it can be affordable to much more number of companies than what it is right now.

That is good. We have always valued Cisco for its good support.

That is good, definitely good when it comes to response time and first level support quality.

My team is there. They are doing it.

It has definitely made life easier, but again, security is something which is never close-ended. It has always evolved, and we have to keep evolving when we are considering security. What is security posture today which is okay, another year on, maybe that posture is not enough. And we have to be more reactive.

The pricing also always helps because the market is very competitive here, and it always plays a very major role. And quite often to remain competitive, we have to go into very deep discount mode, and then we can at least be in consideration. So price is always a consideration that way.

Improvement on the pricing will help in expanding the market for Cisco Secure Access and then it can be affordable to much more number of companies than what it is right now.

It is definitely one of the best options in the market for Cisco Secure Access, but there are competitions, definitely.

Cisco is very well poised and it helps us to build up cases with Cisco that way, because having its brand strength and its facilities and all, they could learn a lot from their competitors.

Our team has had some experience with Cisco Secure Access.

We are using it in our company and we recommend it to our customers.

We are offering that to our customers.

From that point of view, our guys are okay with deployments of Cisco Secure Access.

I will rate Cisco Secure Access at nine, definitely. I will keep some room to keep a challenge for oneself.

The awareness of Cisco Secure Access should be slightly more because Cisco is a default standard in the top-level companies or even banks and all. Cisco is the first choice. You can lower down, the presence is less because of the pricing factor and things like that.

Mostly through distribution, our customers buy Cisco Secure Access. We have got a good distribution channel here and we work quite closely that way.

I will give nine to Cisco Secure Access from my perspective.

They already are a market leader when it comes to the functionalities and the interface.

My overall review rating for Cisco Secure Access is nine out of ten.

I evaluate Cisco Secure Access's AI Access feature for providing deep visibility and control over AI applications as something we have just started using, with not much experience yet. The Canva features are in beta mode at the moment, so we are in the early stages.

Our customers use VPN as a Service (VPNasS) in Cisco Secure Access, as we are providing POC and offering that solution to some customers. It is new for them, particularly in India, where they are launching and promoting it now. We are trying to explain and educate customers on the differences between traditional VPN and Secure Access, and what the advantages are. We are doing all these initiatives while completing the POC as well.

The features mostly used in Cisco Secure Access by our customers include roaming clients, which is the major aspect because the clients are roaming around and accessing from anywhere. They need secure access to their private applications as well as public applications. Some applications are hosted in their own on-premises data center, others in their private cloud, and some in the public cloud. Therefore, they need to access all parts of their portfolio securely, and this is the main use case we propose.

I describe the performance and security levels provided by the Hybrid Private Access feature as solid; we are using a cloud firewall for security. The cloud firewall includes application filtering, DNS filtering, and everything is managed in the cloud, so we apply these conditions to ensure access to either public or private cloud.

Our customers use VPN as a Service (VPNasS) in Cisco Secure Access, as we are providing POC and offering that solution to some customers. It is new for them, particularly in India, where they are launching and promoting it now. We are trying to explain and educate customers on the differences between traditional VPN and Secure Access, and what the advantages are. We are doing all these initiatives while completing the POC as well.

In my opinion, Cisco Secure Access can be improved by further integrating different platforms into a single solution. They are slowly integrating all components into one solution, such as Secure Access, firewall, and Catalyst Center for switch management. The current challenge lies in managing multiple consoles, which adds complexity to the management of these platforms.

For future releases, I would like to see improvements in IDP integration, particularly regarding local user integration. There are some limitations because it is a cloud-based platform, and we need enhancements in the area of on-premises user integration.

I rate the technical support based on the individuals who connect; some provide correct solutions while others may take a lot of time.

On average, I would rate the technical service around seven, or perhaps seven point five out of ten.

There is indeed room for improvement regarding first-level support; they need to ensure that knowledgeable people are available.

Cisco Secure Access's initial setup is straightforward; it is a GUI-based cloud-managed deployment. If everything is configured correctly, we can complete the deployment within an hour, having all IPs and other elements ready.

Regarding affordability, I find the product to be reasonably priced, as we have access to a partner portal where we, as Cisco partners, can view GLP prices. From this portal, we can assess costing and budgetary considerations.

I am using Cisco Secure Access's Hybrid Private Access feature for varying the enforcement location for ZTNA private traffic.

I have integrated Cisco Identity Intelligence with Cisco Secure Access, where the IDP-related functionalities play a role. ISE is for centralized policy management, and within that context, it is not a major component; however, IDP integration is a significant part of Secure Access specifically for roaming clients.

The policy verification in Cisco Secure Access is very effective; since Secure Access is a cloud platform, we configure policies based on requirements and deploy them accordingly.

I would like to add that while the integration into one platform is important, security-wise, Cisco Secure Access is a good product. The complexity I see primarily relates to management, and they are gradually integrating towards a single platform, which is the only concern I have.

I believe Cisco Secure Access is the best option on the market at the moment; it is the right and recommended choice. I would rate this solution an eight out of ten overall.

In my previous role, we managed the IT infrastructure for U.S. military base schools worldwide. We implemented Cisco Secure Access primarily as a cloud-based firewall replacement. Previously, we utilized a centralized architecture with Palo Alto firewalls in a U.S. data center, which meant all of our global traffic had to be backhauled to the U.S. before going out to the internet. We rearchitected the network to enable local internet breakouts at every individual base. Instead of deploying expensive physical firewalls at each local site, we deployed Cisco Secure Access as our cloud firewall solution. Now, local traffic routes directly up to Cisco's cloud for filtering before reaching the internet, ensuring our users are secured regardless of their geographical location. I still closely support customers utilizing this architecture.

Cisco Secure Access has definitely helped our organization. All our users are now basically VPN users, and it has made things much smoother compared to the old way we had things set up. I would say it is a big plus.

It has cut incident response time at least in half. The extra analytics allow me to make more informed decisions. For example, I have users who are sometimes children because we have military bases across the world that are schools. When a child brings a Nintendo Switch to school and it joins the network, it looks to our cybersecurity team like a rogue device. Having the analytics to track that down and identify the exact device and the user it is assigned to really helps incident response time go down much faster. Now, from headquarters pinging the base, pinging the tech on site, and the tech walking into the classroom to remove that device from the network, everything is much quicker.

The actual technology itself is valuable. Cisco Secure Access functions as a cloud firewall where there is no real need for on-premises firewalls for many client devices. This feature is excellent because I no longer need million-dollar Palo Alto firewalls sitting at a data center where I would be forced to route all traffic through an MPLS circuit to those firewalls for filtering before getting to the internet.

Cisco Secure Access takes on the responsibility of filtering traffic, and I do not have to deal with hardware anymore. When hosting my own firewalls, I had to worry about upgrades, maintenance, and license costs for physical Palos. With Cisco Secure Access, I do have license costs, but they are very streamlined with their new smart licensing features.

From a network perspective, it makes management easier for my network operations team. Previously, I had complicated, complex, high availability meshed firewalls. Now I can have a single pane of glass solution where I can still get all URL filtering and content filtering done through web access. I no longer have to worry about hardware and setting up high availability pairs for physical firewalls. I am just focused on putting a client on the user's machine. Even if I do not want to put a client on a machine from an operational perspective, I can pair Cisco Secure Access with other Cisco products like SD-WAN. Even without the Cisco Secure Access client on actual laptops for the organization, I can still filter that traffic from the router level by telling my Cisco router that its next hop is the Cisco Secure Access cloud for filtering.

Coming from an environment primarily using Ruckus and Brocade at the Department of Defense, then switching to Cisco Secure Access to meet the zero trust requirements set forth by the Pentagon has been tremendous. It checks most of the boxes. I would say it is probably a little weak in the area of IPv6 still. I have actually gotten the chance to talk with the actual developers developing Cisco Secure Access at Cisco. There is still a lot to be desired in the IPv6 realm, but from what the developers are telling me, it is coming in the near future.

As I left the organization, we were getting into using more of the policy verification feature to help us since we have our hands in a lot of different areas at the Department of Defense. Policy verification definitely helps a lot because sometimes there are too many people making policies.

Cisco Secure Access provides great visibility with a single pane of glass. The data is actually useful, and I can make decisions based on it rather than just receiving raw data. For multi-organizational sites, it is absolutely a great tool.

The artificial intelligence assistance is tremendous. If I do not know something, I can use the Cisco AI to ask how to do something or how to get something working, and it will step-by-step tell me or point me in the right direction on what I need to do. On-premises solutions do not really have large language models or AI built into them, so I would be left needing to know what I need to do. This feature helps a ton.

Cisco Secure Access is probably a little weak in the area of IPv6 still. I have actually gotten the chance to talk with the actual developers developing Cisco Secure Access at Cisco. There is still a lot to be desired in the IPv6 realm, but from what the developers are telling me, improvements are coming in the near future.

After talking with Cisco, I was told that features are coming. The AI will actually be able to help generate reports that we want to see for certain executives. There is still a little to be desired, but it is coming.

I do not think IPv6 support is fully there yet. I think Cisco is heading in the right direction, but to really get to that true zero trust autonomous network as described in the Pentagon documents, there is still some work to do. Cisco is definitely heading in the right direction though. There are feature sets that definitely help streamline many processes and get me data that is actually useful. It is not those other products where I get a lot of garbage data that is not useful. Cisco Secure Access gives me data that I can actually use to make a decision on a zero trust network.

I want to see better IPv6 support and continued support for AI with constant improvements. If I could get to the point where I can ask the AI how to do something and it becomes agentic AI that actually starts doing things automatically, that would be incredible. For example, if I could tell the AI that I do not want any of the students in the classroom getting to facebook.com and it goes into Cisco Secure Access and automatically blocks it, that would be amazing. With agentic AI doing things for me rather than just telling me how to do it, I would not have to spend millions on people who are only certified to use this product. I could have lower-level techs who do not necessarily know how to do something but know how to talk to the AI to get things done.

I have been using Cisco Secure Access for about three years.

We did run into an issue with URL filtering where it would not filter a site properly. It took months to resolve by Cisco, but that is the only hiccup I would say there has been.

The customer service is amazing. I call, get my ticket, they pick up, work the ticket, and the issue gets resolved about 9.5 times out of 10.

The initial setup was pretty straightforward. If there were any complexities, Cisco was right there with their support to help us. I would say it was pretty simple.

I definitely got my money's worth already with Cisco Secure Access.

A single pane of glass solution was important to me. Cisco Secure Access was just cheaper than putting a Palo Alto firewall solution at every school or using Prisma, their secure solution. It just worked out to be better. The integration into products like ICE, DNAC, and SD-WAN was a lot better on the Cisco side because Cisco to Cisco integration is better than Cisco to Palo Alto. Product integration among the other Cisco products we had was just better overall.

I would urge any customer to look up their numbers and see what works best for them. It is not always going to be the Cisco product that works best. Sometimes the Cisco product is the nicest product out there, but that does not necessarily mean it is going to be the best. Look at what works for your organization and go with whatever your staff feels most comfortable with because at the end of the day, your staff is going to have to support that solution. No one wants to support something that they do not really want in the first place. My overall rating for Cisco Secure Access is 9.5 out of 10.

Cisco Secure Access has many features, and I want to clarify whether the discussion pertains to Cisco ISE or the Cisco client, as the new product name created some confusion with other Cisco products. The solution allows users to connect with our organization's assets from anywhere in a secure manner by providing controls, including firewalls and URL filtering, to deliver comprehensive security for our users and protect them from advanced malware and harmful websites. Overall, its purpose is to safeguard our users during access to our infrastructure on the cloud.

The no-cost migration tools from Umbrella have assisted in streamlining our security policy migration. We also have the cloud to manage all of these products, which works very well for us. We have comprehensive rules from Umbrella, acting as our main firewall. We also implement controls on application control, URL filtering, allow lists, and destination lists to permit or block specific access, including our domain. Therefore, this is very helpful to streamline the implementation for Cisco Secure Access.

Regarding the AI Access feature, I used to use OpenAI, but I will try Cisco's AI tools next time to search for logs. I have tried one, and I think it is very good at allocating logs and knows exactly where the product is and where the issue is. I find it very helpful for us.

I have not yet used the Experience Insight feature, powered by ThousandEyes, but I will do so next time.

I have used the AI assistant feature in Cisco Secure Access. I find it very helpful for viewing logs, analyzing logs, and assisting with issue resolution whenever I am searching for issues. The replies I receive are very quick, professional, and helpful for us.

I am using the Hybrid Private Access feature for varying the enforcement location for ZTNA private traffic. We provide access for our users while enforcing security using these features. It is very good technology overall, and Cisco simplifies it for us and for their customers.

I have tried integrating Cisco Secure Access with Identity Intelligence; we have a trial license for it, and we have gained insights from this license. It is very good and helps us to identify and protect our digital assets. We are considering a decision to purchase this after trying it for the first time.

I have used the policy verification feature to help reduce policy misconfigurations. It acts as a health check for policy configurations and is a powerful tool that recommends settings and configurations for policies.

The effectiveness of AI supply chain risk management is currently under testing. One of my team members is configuring this or working on it, but it is still under evaluation.

What I like the most about Cisco Secure Access is that it has continuous updates for signatures for advanced ransomware; for example, Cisco Umbrella also does this. We can implement controls to prevent access to newly observed domains, with Cisco providing signatures and this information as quickly as possible compared to other vendors. This means if a new website can be malicious and contain ransomware, Cisco ensures that we have immediate information about it. It is fast to gather more information about ransomware and malware, including newly observed domains. Thus, we can say that Cisco provides updated signatures rapidly.

While it is not technically a downside, I think Cisco Secure Access needs more marketing, and the licensing cost should be bundled with other products. This approach would enhance marketing effectiveness, but technically, I do not believe the solution is missing anything.

I have been working with Cisco Secure Access for more than six months.

I have not experienced any lagging, crashing, or downtime; we have gone more than six months without any issues. It is very good.

It is not practical for me to comment on scalability; we have just our one-year product. However, according to the licensing model, I believe it provides scalability.

I have contacted their technical support before, and I consider Cisco TAC to be very professional and very good.

The initial deployment of Cisco Secure Access is easy, and as it is very common from Cisco, they have a very professional team.

Cisco TAC is very helpful and professional. I reached out to them one day, not during the implementation but after we implemented this product along with other Cisco products. They are a very professional and supportive team.

Cisco Secure Access always requires monitoring for updates and signatures, similar to a health check, but not intensive maintenance. It is very good and very stable. I provide this product with an overall rating of ten out of ten.

Cisco Secure Access is a major part of our organization, focusing on networking, audio, and video, though we are not implementing it with proper security measures.

I use Cisco Secure Access as an on-premises solution.

For security, we use Cisco Secure Access for email security, endpoint security, networking, and gateway-level firewall, and we are also using Cisco Meraki.

Cisco Umbrella helps us with securing applications, and we are using Cisco Umbrella.

Cisco Umbrella is helping us significantly with securing standard applications, but not in a complete manner, as there are some gaps in the product which the product team needs to focus on.

My perception of Cisco Secure Access's ability to provide secure security via protocols such as HTTP, HTTP/2, and QUIC is that the overall impact is significant.

One of the advantages of Cisco Secure Access is the price, and we are able to get a unified dashboard, providing a single pane for everything.

After implementing Cisco Secure Access, I observed complete automation, a complete Zero Trust architecture, and complete automation of security.

It has worked well for protecting our organization from threats including ransomware, phishing, and spamming.

There is always room for improvement with Cisco products, and basically, the product is not as mature as others in the market.

The maturity level of this particular product is not as high as what we see in the market.

Concerns are related to marketing strategy mostly, and the licensing model is typically very confusing.

The ease of managing Cisco Secure Access is quite challenging; it is not user-friendly, and we have to involve too much time to review the information available in the dashboard, which can be confusing.

The integration of Cisco Secure Access is quite difficult; it has too much dependency and is totally dependent upon the current IT infrastructure. It is compatible with only Cisco products, and if we have multiple vendor products in the network, then integration becomes quite challenging.

I have been familiar with Cisco Secure Access for three years.

Cisco Secure Access is a stable solution, and there are no issues with stability.

It is scalable.

Cisco support is quite wonderful, and it is fine compared to Broadcom.

Before choosing Cisco, I considered FortiGate as an alternative.

I chose Cisco instead of Fortinet because, while FortiGate has everything, Cisco is a leader in networking and is more mature compared to Fortinet.

The deployment of Cisco Secure Access is moderate; it is neither difficult nor simple.

We have dedicated Cisco engineers, a team of two to three engineers, including myself.

My major concern is to justify not only the ROI but also the complete security model of our organization, ensuring there are no security gaps from edge to core to cloud.

We purchased Cisco Secure Access from the distributors.

I do use the Zero Trust Network Access feature of Cisco Secure Access.

Before choosing Cisco, I considered FortiGate as an alternative.

I chose Cisco instead of Fortinet because, while FortiGate has everything, Cisco is a leader in networking and is more mature compared to Fortinet.

The decision was more about Cisco's brand and complete branding.

The price of Cisco Secure Access is quite cheaper than VMware NSX.

I would rate this review as nine out of ten.

Cisco Secure Access serves as a replacement for customers' old VPN solutions while increasing security through Zero Trust Network Access (ZTNA). We had a chicken production client that identified their current VPN as the lowest hanging fruit for increasing security. Since the customer already had Secure Client or AnyConnect previously, introducing the ZTNA module into Cisco Secure Client felt quite straightforward. We implemented it step-by-step, side-by-side, and rolled it out for that customer, which improved secure access for both on-premises and cloud solutions and turned out to be very effective.

Cisco Secure Access offers seamless access and replacement for VPN; VPN can be quite clunky when you need to access cloud solutions. With Secure Access, you create tunnels to everything basically in the solution, simplifying things while improving security for our customers. I particularly appreciate the ZTNA story and accessing SaaS, on-premises, and cloud resources all at once.

Usability is one of the key factors in selling the product; it has to be easy to use. I think Cisco has done a good job there with Secure Client, and since many of our customers and a lot of the market are familiar with AnyConnect, showing them Secure Client, which is basically the same thing but with a new coat of paint, and telling them that it improves security while not being more difficult to handle is great.

Customers spend much less time troubleshooting VPNs because ZTNA works more stably, and therefore it has become a pretty good point of sales for us as a reseller to increase our revenue at the customer level, because it's an extra layer of security that you can add to an already existing networking solution. On the customer side, it increases performance and helps ease of use, and from the reseller side, it's a great product to add on to existing network solutions.

The customer's experience has gone from "Our VPN doesn't work and we need to troubleshoot it all the time" to "Our ZTNA does work and we don't need to troubleshoot it all the time." Cisco Secure Access has been very stable.

Cisco Secure Access's scalability is great; from a technical point of view, it's quite simple. However, from a licensing and cost point of view, there could be improvements in ease of licensing and better pricing.

The multi-organization management capability of Cisco Secure Access is excellent; it's a great feature that you can do with the multi-tenancy mode, and I think it's great that you can roll it out to separate organizations.

A more granular license approach would be beneficial, allowing customers to grow with half a module or one module at a time and add on the CASB, the DNS security, or the ZTNA. If they can do it granularly and grow slowly, I think that would be really advantageous for the sales process.

The license model can be simplified; it is a bit tricky to understand exactly which licenses you need. The cost was pretty expensive but also pretty reasonable, and if the cost could be brought down a bit, that would make it a much more attractive product for the Swedish market.

Customer support is decent; it is slowly getting better now with the new NIS2 and cybersecurity laws that are being implemented.

I have been using and reselling Cisco Secure Access for the past two years.

Customer support is decent; it is slowly getting better now with the new NIS2 and cybersecurity laws that are being implemented. I would give customer support a rating of five.

We previously used Cisco AnyConnect VPN, so it was more of an upgrade rather than a switch; we switched from AnyConnect to Secure Client to SSE.

I do not have concrete numbers that I can share because I do not currently have them, but the customer's experience is that they are spending pretty much no time troubleshooting ZTNA, down from spending a lot of time troubleshooting VPNs. I would estimate it is probably in the 60 to 70% range of time saved when it comes to VPN troubleshooting.

We looked at FortiSassy, Cisco Secure Access, and the customer also looked at Cloudflare.

The AI access feature of Cisco Secure Access is really interesting. I do not think it is really there yet; the product has to mature a bit more for us to give it an honest evaluation. However, from what I have seen in the upcoming feature releases, I think it is a really interesting way to go for the AI agents in the solution.

We do not use VPNaaS in Cisco Secure Access.

I do not know how it has impacted incident resolution time because we have only used the Experience Insights feature in a proof of concept stage, and I have not yet done it in a full rollout.

The AI assistant feature in Cisco Secure Access has helped with the documentation and with administrative duties.

We have not integrated Cisco Identity Intelligence with Secure Access.

Everybody has a need for a VPN; VPN is not as secure as it once was because the market is moving fast. Cisco Secure Access and ZTNA is the way forward to ensure easy access and secure access to your preferred on-premises or cloud instances. I would suggest to customers that they allow us to help them by choosing ZTNA rather than VPN. I rate Cisco Secure Access an eight because an easier license structure, easier pricing structure, and better pricing structure would bring it to a ten.

Cisco Secure Access is used for CTNA with a couple of applications deployed on it. There is a journey underway to move all applications off VPN into CTNA, but some applications are too old and legacy and will not support it very well. Business input into testing is required, and everyone is busy with everything, making it quite difficult. The VPN is working wonderfully.

The integration of Cisco Secure Access with Meraki is going well and has been a very positive experience compared to the previous deployment of Check Point. The difference this time around is having a Customer Success Manager and a direct path to the product owners, where feature requests can be made and feedback received. Cisco has been quite involved in the onboarding process.

Cisco Secure Access is significantly different compared to Check Point. Nearly a year since deployment of Cisco Secure Access, users have likely forgotten about turning the VPN on as it is now automatic. Users just open their laptop and are connected straight away regardless of whether they are home or not. From a user point of view, it has been very good. Things such as the ThousandEyes module have been deployed into it along with posture assessments, so all these different modules have been put into one single agent, which has helped get a unified view of everything.

The features of ThousandEyes integrate with Cisco Secure Access by providing end-user ThousandEyes licenses and end data center ones, which gives a holistic view. That is all complemented with Cisco Catalyst Center, providing an overarching view of what is going on on the network. The service desk can have access to that so they can see what is going on across the entire environment. This has provided a single pane of glass, which was not available with two different vendors before.

Regarding Cisco Secure Access, there are some areas that are not positive. Dedicated IP addresses for Cisco Secure Access platform took quite a while to obtain, and the process can be streamlined and improved. Issues arise because everyone is coming off a single IP address and sites such as YouTube think there are bots, asking to verify or just blocking access. When this was raised with Cisco, the official response was that accounts need to be signed up for or Gmail accounts created, with nothing that can be done on Cisco's side as it is on the end website. This is somewhat understandable, but those relationships should exist between large organizations. For instance, when presenting a PowerPoint with an embedded YouTube video, it suddenly says it cannot verify identity, causing issues for all levels. Three or four people come to the service desk every week with this issue, and the response is to use a generic Gmail account or sign up independently, which is probably not adequate.

Another issue has been with VPN profiles. When creating different VPN profiles, the underlying infrastructure has had to be replicated or provided, such as another RADIUS server for authentication. The whole VPN profile side of things can be improved for different subsets of users, such as guests or people who bring their own devices. Different profiles are wanted for different user bases, and it is quite complex on Cisco Secure Access to set all that up at the moment. Historically, with ASAs or Check Point firewalls, VPN profiles could be set up quite easily and what they had access to and what they did not have access to could be limited. There is interest in seeing how it can further integrate with Cisco Identity Services Engine because there is scope there to allow people on the environment via the VPN, but also restrict what they can access or not based on their profile. Those two can work a bit closer together.

Cisco Secure Access was deployed internally for approximately 2,400 users in April of last year.

Cisco Secure Access is stable and reliable if certain features are not used. Initially, SSL decryption was enabled, where certificates are decrypted, and when that was turned on, the performance was very unpredictable, plummeting significantly. In the end, it had to be turned off, and since it was turned off, there has been a great experience. It is understood that it requires much more processing power to decrypt things before they hit the network, but the unpredictability of the performance was only realized once it went live, and it had to be immediately pulled.

Cisco Secure Access can scale, integrate with other solutions, and meet the needs of users. Many things are in the pipeline which suggest Cisco is moving towards more integration and a single point of view, which is positive. There has been indication that Cisco will be looking at the Identity Services Engine integration.

The experience with Cisco Secure Access customer support is good. They have always been reachable, and fortnightly cadences have been established now that things have settled down. Meetings with the actual product engineers working on the solution have also been arranged. When there are more complex issues, they work with the team to pull that data directly from systems and take that back to improve on it and work on it. This has been a very collaborative experience.

Cisco support is rated an 8 overall. From feedback received from the team, it is between an 8 and a 9.

An expedited deployment of Cisco Secure Access was conducted. A proof of concept was run in December 2024, and then the solution was deployed between January and March, which was very quickly because the Check Point contract was ending on April 1st. It was quite a quick, speedy move, but support was provided all along the way with the managed service partner as well as Cisco, so the delivery was successful.

The price to value from Cisco Secure Access is justified. Money has been saved by moving to one vendor, and that has been a material cash saving that was able to be handed back to the business. It has not only been a better solution overall, but also been cost saving, which is unusual—too good to be true at one point, but it has delivered. Approximately half a million pounds a year is the amount that has been saved.

AI Assist is quite good at how it can collect information from various sources and pull it all together to give an answer. It can also resolve issues further down the line, so it appears quite powerful.

Cisco Secure Access is rated an 8 overall. It is good at what it does at a fundamental level, but when it comes to trying to customize it slightly for what is needed, because it is a cloud-based solution, it is much harder. There are some features that are missing from it that used to exist in the older platforms. The overall review rating for Cisco Secure Access is 8.

My main use case for Cisco Secure Access is to secure our network. A specific example of how I'm using Cisco Secure Access to secure my network is that we use it for our customers as an internet service provider to ensure everything is safe.

In my experience so far, I haven't noticed any best features that stand out with Cisco Secure Access. One feature that does sound useful to me is Zero Touch.

The Zero Trust feature in Cisco Secure Access works very well, but I have no idea about its specifics. Some common positive impacts I mention include faster troubleshooting, which I have noticed since using Cisco Secure Access.

Cisco Secure Access has helped with faster troubleshooting because when we were troubleshooting a loop in a network of our customers, with just a few clicks, I found where it came from and where it was going, so I closed this interface and everything is good.

I am using the AI Assistant feature in Cisco Secure Access, and it has helped in improving my security administrative tasks by summarizing pages or outputs of troubleshooting, which is helping so much. The most helpful thing the AI assistant has done for me is making recommendations for solutions during troubleshooting, which helps me focus on what to think about.

I think Cisco Secure Access can be improved, but as I said, I'm still new in this field, so I can't say something now. I plan to improve my skills more and gain more experience, and maybe I can send them an improvement by mail or something similar. I do not have more to add about the needed improvements.

I have been using Cisco Secure Access for approximately two months.

In my experience, Cisco Secure Access is very stable, and I do not have issues with downtime or reliability.

Cisco Secure Access' scalability seems to keep up with my needs as my organization grows.

My experience with customer support for Cisco Secure Access has been okay, but it is not very fast.

I did not previously use a different solution before Cisco Secure Access, so I'm not sure about that.

Cisco Secure Access is deployed in my organization on-premises. I'm not sure if we use VPNaaS in Cisco Secure Access. I haven't used the Experience Insights feature powered by ThousandEyes yet; I know about ThousandEyes, but we do not use it yet.

I'm not sure if I have integrated Cisco Identity Intelligence with Cisco Secure Access. I haven't used policy verification in Cisco Secure Access as I am still new and do not configure any policies. I help mostly with troubleshooting something that's already running, just looking for anything wrong here and there.

I do not have anything unique to add about how I or my customers are using Cisco Secure Access.

Since using Cisco Secure Access, I haven't seen a return on investment and I do not have this information regarding saved time, money, or fewer employees.

Before choosing Cisco Secure Access, we evaluated a few solutions such as Cisco Meraki, Cisco ISE, and Catalyst Center.

Since I started using Cisco Secure Access, I have noticed positive impacts on my organization. My advice for others looking into using Cisco Secure Access would be to try it; it is very nice to have in a good environment, such as service providers. I would give this product a rating of 8 out of 10.

My main use case is Zero Trust because we're moving to a full SASE platform and Cisco Secure Access was our first step.

Cisco Secure Access has helped my organization significantly, especially when we went through a cyber event and lost all our previous remote access. We were able to get Cisco Secure Access up within seven days and roll it out to all our people to get everybody back online. It was a very fast rollout to 30,000 users and we regained full functionality within those seven days.

I appreciate all the features of Cisco Secure Access, but I find the Secure Web Gateway is probably the best feature, followed by the Malware and IPS in the cloud.

The Secure Web Gateway is probably the best feature of Cisco Secure Access because it simplifies access and allows me to lock down my entire environment. My access network only allows 443 to Cisco Cloud, with no other traffic, reducing the chance of anybody getting in and cross-connecting to anything else.

One area that needs improvement with Cisco Secure Access is the ZTA policy itself, which is lacking because it is limited to one policy for one target. If I have multiple policies I want to apply to a multiple group for the same target, I cannot do it, which is very limiting.

I have been using Cisco Secure Access for 14 months.

I did not face any major challenges or have bugs, crashes, or downtime during the deployment of Cisco Secure Access. However, we experienced one downtime when all of Cisco Secure Access went down, but it was not specific to our organization.

My experience deploying Cisco Secure Access was positive. We had CX services and got it in within seven days, so it was pretty easy.

I can definitely say I have seen a return on investment from having Cisco Secure Access, as it has cut down our admin cost. I have eliminated three sets of firewalls that I did not need to have. I would say we probably save about 30% in hardware and about 20% in administration right now.

My experience with the pricing, setup cost, and licensing for Cisco Secure Access is that it is part of our security EA, so it is included in our program, which is part of a much bigger portfolio.

Before adopting Cisco Secure Access, I used Zscaler, which is along the same line, but I am not a fan. I am happy because I find with Cisco it ties well with the rest of the ecosystem, unlike Zscaler, which does not. We did look at Zscaler.

The attack we faced had a big impact.

I am not using the AI assistant feature in Cisco Secure Access yet, as we have started looking at it, but it has to go through risk assessment first.

I am not using any other AI tools in Cisco Secure Access. We were deploying AI endpoint but that has been paused.

I do use VPNaaS in Cisco Secure Access.

The transition from VPN to ZTNA with Cisco Secure Access has just been more secure for me. It is more secure because VPNs are easy. If somebody compromises a VPN, you get traditional full access to things, whereas ZTNA allows isolating access to an individual system, providing limited access.

I am not using the location enforcement by location features of Cisco Secure Access yet, but it is on the roadmap to deploy.

My experience with the Experience Insight feature, called DEM, is not good. I find the integration between Cisco Secure Access and ThousandEyes does not work well and does not deliver what it is supposed to. In fact, we have not been able to get it to work, making it pretty useless right now.

I have integrated Cisco Identity Intelligence in Cisco Secure Access, which is influenced by security. It is all tied to the identity, the root trust. That is where we are using it for.

My experience with the multi-organization management capability of Cisco Secure Access in terms of usability and efficiency seems okay for the limited usage we have for the multi-tenant. I cannot really comment if it is good or bad.

I would rate this review a 10 overall.