Cisco Secure Access

Our main use case for Cisco Secure Access is providing security for hybrid and mobile workforces. One of the big challenges these days is the fact that you will have users in the office, working remotely, and all will have different access policies.

You will have users that will be technically hopping between offices, remote work, and working on the road. The trick is determining how we can have a single, consistent security policy for those users. Cisco Secure Access helps us with that quite a bit.

We did our first pilot deployment of Cisco Secure Access about three years ago, and we have deployed it successfully at several customers since then.

The VPN as a service is the feature that we like the most and the one that our customers like the most. Historically, you would have to maintain a firewall or other local VPN concentrator device. With Cisco Secure Access, now you can VPN in directly to Cisco Secure Access cloud, have that security policy applied, and then get directed either to the internet for SaaS apps or cloud services or to local on-premises resources through Cisco Secure Access system.

AI Access feature is a relatively new feature in Cisco Secure Access, but it is one that has become very important, especially in the last year or so, as end users have started to make a lot of use of the big AI tools, ChatGPT, Claude, and all that. There is now a big concern about those users putting inappropriate information into them, confidential information, regulated information. Being able to more tightly control what models my end users use, what services they use, and what information they submit has become a major part of end-user security in general. With Cisco Secure Access, I can do that whether you are in the office, on the road, or working from home. I can ensure that wherever you are at, you are not using AI models inappropriately and exposing us to risk.

Digital Experience Monitoring is for Cisco Secure Access and really any kind of SASE deployment. You need to know how the users are using the system and what their experience is so that it is easier to troubleshoot. Because you could have users anywhere, how are they getting access to the resources? If they are having problems, how can we help troubleshoot that? ThousandEyes integration with Cisco Secure Access is a pretty comprehensive visibility tool. It works everywhere from, for example, a work-from-home user. Are they having poor connectivity? ThousandEyes will let us see that it is their home network. They have bad wireless signal. We can work with them to fix that. Alternatively, it reveals problems with their internet connection. Or if they are traveling, what is the total visibility within the entire path between them and the application, whether it be a SaaS app, locally hosted, or something hosted in Azure, AWS, or any of the big cloud providers.

These days with supply chain attacks being a major problem, being able to vet anything that is downloaded by developers, by end users for business use, is almost a requirement these days. With Cisco Secure Access, because I can do that, this goes back to that security anywhere for any user at any time. Being able to ensure that we have that coverage for someone working from home, someone working remotely, someone on-premises, keeps that supply chain risk low.

I think it is a matter of especially keeping up with the times. I mentioned AI defense earlier, but as AI use and especially as we get into agentic AI use, seeing how Cisco Secure Access works to control those agentic uses especially is important. I think that is where we expect the big improvement to be.

I have been working in IT consulting for about 22 years.

It has been rock solid and stable. I can only think of one service disruption that I have seen with it in the last several years we have been using it, and that was really only for a very short amount of time.

Cisco Secure Access is a very scalable solution. Being cloud-native, scalability is really built in. The user management controls work well even for our larger customers with large numbers of users. I would say scalability for Cisco Secure Access is a very strong point. It builds on Umbrella, which is a highly scalable security solution. We see that there as well.

When we have had problems, they have been very quickly resolved. The support engineers have always been of a high quality. The only bad experiences we have had were really sort of when the platform launched and I think even Cisco was still learning how to support it.

There was no single solution before. What we were doing before Cisco Secure Access was just a traditional on-premises VPN or other standalone remote access solutions, which was always, I think, a management headache. Multiple products were needed for different use cases. Moving to Cisco Secure Access really helped consolidate all that into one overarching end-user security platform.

Overall, it has been a fairly good experience. Deploying Cisco Secure Access, because for a lot of customers they started with Umbrella, and it goes back to that same operational model, that same user interface, the same configuration model, has made it probably one of the easier SASE solutions to deploy compared to some of the other vendors out there.

For our customers, it has been a big time saver in terms of policy management. Because now, I do not have to maintain separate policies for my remote users versus my on-premises users or people in a hybrid environment. For our customers, there has been a pretty good ROI and pretty quickly too.

For our customers, it has been a big time saver in terms of policy management. Because now, I do not have to maintain separate policies for my remote users versus my on-premises users or people in a hybrid environment. For our customers, there has been a pretty good ROI and pretty quickly too.

Pricing for Cisco Secure Access has been very reasonable in the context of the entire world of SASE solutions. Setup costs for customers coming off of Umbrella, because of the fact that it is an evolution, the setup costs for our customers have been low. A little bit higher for greenfield, but Umbrella has always been a fairly easy product to turn up and Cisco Secure Access sort of continues that. Getting customers up and running with it is pretty easy and not too expensive.

The other solution that we considered heavily was Palo Alto's Prisma Access, or what they call Prisma SASE now. What we found is that with Cisco Secure Access, it was a much easier on-ramp for our customer base. It was easier to get that quick ROI.

One of the things about policy verification is with Cisco Secure Access and modern security products in general, policies can become very complicated, very quickly, especially once you start doing role-based policies. To have a tool that helps you validate the policy before you push it out to the end users ensures that the end user satisfaction is higher, fewer complaints, and fewer headaches for the IT staff when making big policy changes.

It is a solid 10. It does exactly what we need it to do. It does so in a way that is easy to manage, easy to control, and gives us the information that we need to make sure our end users have a good experience wherever they are working. My overall rating for Cisco Secure Access is 9.

The biggest advice I give to anyone looking at Cisco Secure Access or really any other SASE solution is a lot of planning. SASE deployments tend to be complex, and while Cisco Secure Access does a great job of simplifying things compared to some of the other vendors out there, a good solid project plan, a good solid assessment of your needs before deploying is always something that I would recommend anyone does.

Cisco Secure Access is used primarily for remote access into on-premises servers. We are currently in a hybrid ZTNA and VPN solution, and with ZTNA, we have more flexibility about what traffic goes over VPN and what traffic stays through the internet.

We still have the VPN aspect, and with ZTNA we also have the ability to make those on-premises servers accessible securely anywhere in the world.

Cisco Secure Access has affected our transition to zero trust and least privilege principles by enabling us to run an RDP session through a web browser and tie it in with our Azure AD SSO, so users do not even need a client and can still log into these servers securely.

I am happy with the performance and security levels it provides. I feel it is a robust and high-performing product, and it has both the clientless and the client aspects, which I really appreciate.

The features of Cisco Secure Access that I like the most include its ease of use.

Cisco Secure Access is both client-based and clientless.

The multi-organization management capability of Cisco Secure Access is very usable and very user-friendly, and the end users are happy with it. I try to make the product and the process as painless as possible for all our end users, so it runs well.

Cisco Secure Access has affected our transition to zero trust and least privilege principles by enabling us to run an RDP session through a web browser and tie it in with our Azure AD SSO, so users do not even need a client and can still log into these servers securely.

I am happy with the performance and security levels it provides. I feel it is a robust and high-performing product with both the clientless and the client aspects.

We have not explored much of the Experience Insights feature powered by ThousandEyes of Cisco Secure Access, as it is part of our Meraki package, but we have not really done much with it yet.

We have been using Cisco Secure Access for about five years now.

I would assess the stability and reliability of Cisco Secure Access as very good. Nothing comes to mind regarding downtime, crashes, or performance issues.

My experience with customer service and tech support is great, and I am very happy. Every time I run into an issue, I can get a hold of someone at Cisco to get it fixed.

They are responsive and quick on their feet.

To address the same issues, my organization did not have any solution put in place.

I have not used the policy verification to help reduce policy misconfigurations.

Policy configurations have not caused slowdowns or blocked access for users in the past.

My experience with deploying Cisco Secure Access is that it is very easy to integrate with the Meraki products.

We implemented Cisco Secure Access about five years ago.

The pricing setup cost and licensing was not complicated; it was painless.

When selecting Cisco Secure Access, we were not looking at different options in comparison. We knew we were going to move all of our hardware over to Cisco, and so it made sense.

Comparing Cisco Secure Access to something like Cloudflare One, in the future the cost can come down. I have also looked at Zscaler for ZTNA, but overall, it is a robust product. Obviously, we always look at cost. I think Cloudflare may not have as robust of a product, but the cost is very minimal.

I would give Cisco Secure Access a rating of eight.

I would give customer service and tech support a rating of nine.

My overall review rating for Cisco Secure Access is eight.

My main use cases for Cisco Secure Access are firewalls between our IT and OT networks and VPN access to our OT network. For the most part, I am strictly using Cisco Secure Access as a next-gen firewall, using it for deep packet inspection visibility, but mostly for VPN remote access.

The integration has been really good for my identity management and security measures. There have been some difficulties at times, but we have been able to get it to work.

I would describe my multi-organization management capability of Cisco Secure Access as having its ups and downs. There are times it feels difficult to navigate and get things configured, but that is coming from a CLI perspective. I can see improvements from the previous versions and generations. It is getting better. I think I just need to get acclimated to it and get used to it.

For us on the OT side, Cisco Secure Access has been good in scaling with the growing needs of my organization.

I am not sure which features of Cisco Secure Access I appreciate the most.

I have not used the policy verification feature of Cisco Secure Access to help reduce policy misconfigurations.

I am not certain how Cisco Secure Access can be improved or what additional features should be included in the next release.

My experience with deploying Cisco Secure Access has faced a few challenges, I believe, just as with policy configurations. That is getting familiar with the interfaces and other aspects. I think these are things that I was able to work through.

I have been using Cisco Secure Access for approximately three to five years.

I have not experienced any downtime, crashes, or performance issues with Cisco Secure Access, so I assess its stability and reliability as good.

I have not expanded usage of Cisco Secure Access significantly. Only client user-wise have I expanded, but not infrastructure-wise.

I would rate my customer service and technical support for Cisco Secure Access a five out of five. I give them a ten on a scale from one being the worst to ten being the best because they are very responsive.

Prior to adopting Cisco Secure Access, I was not using another solution to address similar needs.

My experience with the pricing, setup costs, and licensing of Cisco Secure Access has been straightforward with our Cisco partner.

I did not upgrade from Umbrella to Cisco Secure Access.

I have seen a return on investment with Cisco Secure Access.

I have always been a Cisco shop and did not consider other solutions before selecting Cisco Secure Access.

My advice to another organization considering using Cisco Secure Access is to do your homework. I would rate this review a nine out of ten.

Cisco Secure Access is used primarily to navigate the internet while protecting users when they visit dangerous sites.

The protection feature is what I appreciate most about Cisco Secure Access, and we use it together with other tools while implementing Cisco Secure Access with SD-WAN.

The benefit I have experienced from Cisco Secure Access' identity-based security measures in my organization is the ability to control the profiles.

Cisco Secure Access can be improved by developing a portal to control all tools together, which is the feature I want most as we are on this journey and learning about it.

I have been using Cisco Secure Access for one year since we migrated from Umbrella.

I assess the stability and reliability of Cisco Secure Access as top-notch, and I have not experienced any downtime, crashes, or performance issues because we built the solution and performed the tests step-by-step. When we encountered a small issue, Cisco was with us and provided the solution very quickly.

I would rate the customer support and tech assistance as a 10.

Before using Cisco Secure Access, I considered Umbrella and then moved to Cisco Secure Access.

My experience with deploying Cisco Secure Access was easy because Cisco worked with us through the process.

My experience with pricing, setup cost, and licensing has been somewhat unclear, but we can certainly improve on that aspect.

The benefit I have experienced from Cisco Secure Access' identity-based security measures in my organization is the ability to control the profiles.

The protection feature is what I appreciate most about Cisco Secure Access, and we use it together with other tools while implementing Cisco Secure Access with SD-WAN.

I have used the Zero Trust Network Access feature, but we use it directly on the firewalls rather than through Cisco Secure Access.

Granular access controls have helped in managing user permissions by allowing some users to have access to YouTube for trainings and specific videos while other users do not have this kind of access.

To measure the impact of detailed analytics on my understanding of network vulnerabilities, we use it together with scans to find vulnerabilities and threats and to have a fast solution to address them. We use it together with Cisco DNA, for example, and when we receive documentation about vulnerabilities, the team sends it to us and we can treat it directly and upgrade or take the necessary steps to avoid this kind of vulnerability.

I rated this review a 10 overall.

We use Cisco Secure Access for our VPN and other tunneling and authentication functions. We also use Cisco Firepower as our firewall solution and are essentially a Cisco shop otherwise. The integration to all of that is seamless.

The primary benefit is being able to see exactly where a connection or person is getting blocked, and then if we can allow it to either that person by their credentials, MAC address, or using the agent on their laptop, it becomes easier to troubleshoot.

So far, they have met our needs and we have not really experienced much downtime.

I have been in my current position for three years.

We have not experienced stability issues.

It has been tough so far since we are just in the POC phase of some of that.

Most of the time we get pretty good technicians who know what they are doing and can help us with whatever we need. It is just every once in a while you get someone who is not as helpful, and it is hard to give somebody a perfect rating.

The initial setup was straightforward.

Cisco Secure Access is one of the main solutions we have looked at. We are a Cisco shop, and we have explored a few others as well, such as ThousandEyes.

Cisco Secure Access is used primarily for VPN, implementing Zero Trust, and ThousandEyes at my company. Nearly all of our end-users use the VPN, which allows them to access the network outside of the building. Implementing Zero Trust requires some industry certifications.

Cisco Secure Access being a complete platform makes sense when you have all Cisco switches and routers, as it allows for an easy setup. We previously used AnyConnect VPN, so upgrading to Cisco Secure Access was a natural decision to help people be secure.

We do use VPN as a Service in Cisco Secure Access.

We are currently going through a significant project where everyone is still using Cisco Secure Access VPN. We are trying to transition slowly to get people into profiles so that we can leverage Zero Trust. This is an ongoing effort we are working through.

We have the feature called ThousandEyes in Cisco Secure Access, but I do not know what it does.

The multi-organization management capability of Cisco Secure Access is really easy to use and straightforward. It definitely helps if you have used Cisco platforms in the past. Training somebody to leverage the tools would be pretty easy, especially with that background.

Cisco Secure Access being a complete platform makes sense when you have all Cisco switches and routers, as it allows for an easy setup. We previously used AnyConnect VPN, so upgrading to Cisco Secure Access was a natural decision to help people be secure.

The multi-organization management capability of Cisco Secure Access is really easy to use and straightforward. It definitely helps if you have used Cisco platforms in the past. Training somebody to leverage the tools would be pretty easy, especially with that background.

I cannot answer yet how Cisco Secure Access can be improved because we are still onboarding and I do not know what it all does yet.

One critique I have about the onboarding process is that for a lot of Cisco apps, you do have to sign back into everything. If you want to access your switches and then go into Cisco Secure Access, it is two separate logins, but they are both Cisco platforms. I feel that maybe an integration into one to have more of one cohesive overall platform for all Cisco apps would be beneficial.

We recently started onboarding Cisco Secure Access to try and implement Zero Trust about six months ago. We are in the early phases with a full running deployment. It is still an uphill battle.

I cannot blame any downtime, crashes, or performance issues on Cisco Secure Access because I did have one thing, but it is not because of Cisco Secure Access.

Cisco Secure Access so far has been pretty easy, and I do not think we have noticed any real drops because of the platform.

We have experienced customer service and technical support where we have opened a few TAC cases. We have had problems in the past, but we have gotten everything smoothed over and taken care of relatively quickly. All high-priority tickets on those TAC cases got taken care of within the day. So there are no real issues with support.

I would give technical support probably an eight for customer service and technical support. I cannot think of a time where we have been without support, so the reliability is probably a nine or ten.

I did upgrade from Umbrella.

We made the move from Cisco Umbrella to Cisco Secure Access to keep up with industry standards, since things are ever-changing in the tech world.

We made the decision to move to stay up-to-date, and we have been happy with the platform. Umbrella was great. Cisco Secure Access allows us to get a little deeper into some of the things, and having everything on one platform definitely helps, so I do not have to log into fifteen different things to access our switches.

The experience with the deployment of Cisco Secure Access is pretty smooth, honestly. We redeployed the VPN and then Zero Trust and ThousandEyes. Once we got everything set up and running, it was not difficult at all.

The biggest return on investment when using Cisco Secure Access is definitely an investment into security. That is my specialty, cybersecurity, so any tool that will allow us to have more visibility into our networking and securing our end-users is priceless.

We have been using Cisco devices for years, since before I started working there, so it was a natural move for us to choose Cisco security.

I would rate Cisco Secure Access overall an eight point five out of ten. It is a nice platform. It does what we need it to do. For organizations and users trying to implement Cisco Secure Access, I would say get familiar with the Cisco platform before trying to deploy it. It is harder trying to set the policies when you have end-users already actively on the platform. Do your testing, get what you need to get done, and then deploy it.

I do not have anything else that I did not ask correctly or that I missed that I would like to add about my experience overall. I would rate Cisco Secure Access overall an eight point five out of ten.