As of today, my main use cases for Cisco Secure Access are VPN solutions, and I'm looking forward to having more SASE solutions.

Indeed, I would say that since the VPN solutions that we have delivered and that our customers are consuming today are not that flexible, if we can transform them to SASE solutions instead, we could make more policy-based access and level up the security.

Since we are a partner to Cisco and we are working in the business-to-business with our customers, they rely on us to be a trusted advisor and a solution partner that can deliver secure solutions for their needs, and secure access is very much a part of securing their environments.

I do not use VPN in Cisco Secure Access yet.

In some customer solutions, we have done ZTNA, and we are very eager to get more of these SASE solutions in this ZTNA.

The feature I like the most about Cisco Secure Access is the posture of devices, to make sure that everything that is connected to my network is okay in terms of patching and all that part, ensuring that the device is okay if they are about to connect to my network.

For ZTNA, it is both client-based and clientless.

Overall, if I have to rate Cisco Secure Access from one to ten, with one being worst and ten being best, I would give it an eight.

In general, what can be improved about this solution is to not change the name of everything every year, as Cisco marketing are experts at making changes to everything, and I don't understand what this is; that was the AnyConnect VPN, and now it's Cisco Secure Access, and what's tomorrow? I would suggest trying to keep the names of products and services for some years.

Since I'm a pre-sale, I discuss Cisco Secure Access or the legacy of solutions for also more than ten years.

I did not use the customer service at any point.

I didn't think about another solution before choosing this one since we're moving into many services more and more, and we're basing the managed services on Cisco solutions; I would prefer to use as much of Cisco ecosystem in our managed services, as it's easier for us as a service provider to handle the customer needs if we can have everything in one ecosystem.

We have partnered with other vendors like Check Point and Fortinet, but I would prefer Cisco if possible.

I don't think it's complicated to describe the experience deploying Cisco Secure Access; my technicians say it's quite straightforward.

You have to ask an engineer whether the documentation about how to do it is good.

Since our customers buy it, there is a return on investment; I don't know the time frame for a complete ROI, but it exists.

I cannot speak to how Cisco Secure Access deployment has impacted the help desk ticket volume and end-user experience because I'm in pre-sales.

I am not using the AI assistant feature yet, but I am planning to in the near future.

I haven't tried it, so I can't really evaluate it.

Regarding how it affected my transition to Zero Trust; since the transition is usually a customer project that takes a lot of time, our engineers know how to do it, but the customer is very reluctant to put the information into the solution that gives the security and the least privilege principles that we need; we can make the rules, but we need the information into the rules from the customer to make sure that the least privilege is working, and it's a tricky part.

It depends on the customer if I'm using a hybrid private access, since we are delivering it to many different sectors in the business-to-business area.

I'm not sure about varying the enforcement location for ZTNA Private Access.

I have no experience with the Experience Insight feature, which is a digital experience monitoring.

I don't think I have integrated Cisco Identity Intelligence with Cisco Secure Access.

I think the multi-organization management capability of Cisco Secure Access is moving in the right direction in terms of visibility and efficiency.

My experience is that Cisco has been in an area where there have been many different solutions for security, and now they are converging, but they are moving into more of a 360 view, and I have more or less everything in the same platform, so Cisco is moving in the right direction.

There is nothing else more technical I would like to add.

My overall rating for this product is an eight.

Cisco Secure Access is used for remote access VPN, supporting approximately 6,000 users in my organization. Daily usage ranges from about 3,000 to 4,000 users actually utilizing the solution.

The most valuable feature of Cisco Secure Access for users is that it is stable and it works in terms of secure access.

The overall success of Cisco Secure Access has significantly improved my organization's security posture in terms of security and usability compared to the previous solution, which was fairly convoluted with several different hops required to log in every day from home. With Cisco Secure Access, the process is much simpler and works better, particularly in edge cases such as being in a hotel or on an unstable connection, which often caused disconnections and required a full reconnect with the previous solution.

There is nothing about the product itself that I would particularly like to see improved, as nothing comes to mind regarding Cisco Secure Access.

I have been using Cisco Secure Access for about a year.

I certainly do not experience downtime with Cisco Secure Access, and there are not as many reliability issues compared to the previous solution, making it much more stable.

My uptime with Cisco Secure Access is very good, although I cannot specify an exact figure.

Cisco Secure Access does scale for my organization with 6,000 employees, and I believe we have the right devices for it. There have not been any issues with scaling as it was right-sized when it was implemented.

I have contacted Cisco support many times, though not specifically for Cisco Secure Access but for other things.

I would evaluate them overall as generally good.

On a scale from one to ten, I would rate them as a seven or an eight.

To make them a 10, it would be nice if there were not challenges in getting timely support due to our aerospace manufacturing constraints where we cannot share full telemetry or logs.

The previous solution I used before Cisco Secure Access was Ivanti Pulse Secure.

I decided to switch because Ivanti Pulse Secure was end of life, had vulnerabilities, and was not user-friendly, lacking features that you would expect from something like Cisco Secure Access.

The deployment of Cisco Secure Access was reasonably straightforward. Although it was not specifically me who completed it, everything has worked really well.

It took probably four or five months to deploy, as we had the kit for a little while, but the actual implementation was reasonably quick.

I have seen ROI from using Cisco Secure Access; it has provided benefits such as stability and ease of use since the previous solution was managed by third parties and now it is all in-house.

With reduced third-party costs associated with Cisco Secure Access, there is stability and reliability for the user base, resulting in less lost hours.

I do believe those vulnerabilities are covered now with Cisco Secure Access, as the support and patch support is better.

There is nothing that comes to mind that they can improve regarding vulnerabilities because as a Cisco product, I expect any vulnerabilities to be addressed quickly, and they do. They communicate clearly about what is going to happen and what needs to be done. With the previous product, there was often uncertainty about patch availability.

I am not using the AI Assistant feature in Cisco Secure Access.

Regarding VPNaaS, the answer is probably not.

I am not using the hybrid private access feature in Cisco Secure Access, but it is something we are considering, although progress is slow due to the regulations of where I work.

I have integrated Cisco Identity Intelligence with Cisco Secure Access and am in the process of doing it with some identity elements there.

The integration of Cisco Identity Intelligence has not influenced my identity management and security measures at the moment, as it is still a work in progress coming from a legacy solution where there was no identity management.

I am trying to improve my IAM management.

I cannot specify what would make it a 10 since I have not fully deployed it and do not know all the capabilities; it might also be related to limitations specific to my company.

The reason it is only an eight and not a 10 could be due to my company's specific limitations; for instance, always-on access and AI chatbots would be features I would appreciate having.

My overall rating for this review is eight.

My team's use case for Cisco Secure Access is that we currently have, or just had, a system with VDI connections, and it was quite difficult to handle because this VDI session is not optimized for video and telephony, especially Webex meetings.

We are now glad to have the opportunity to move to the SSE environment.

The feature of Cisco Secure Access that I appreciate the most is the ability to use Webex directly with the cloud.

We do not have to go through our on-premise system as we did before.

We can go directly from the home office workplaces to the cloud and we do not have to go through the on-premise infrastructure.

The benefit is that I can specify which traffic goes to the on-premise site and which traffic goes to the cloud.

Cisco Secure Access benefits my company considerably from my perspective, because we had some problems with integrating with the VDI infrastructure. In the end, it worked, mostly because of the thin client architecture we used. However, we were looking for something more powerful, better, and optimized for our environment, so we chose the SSE.

The deployment of Cisco Secure Access has impacted help desk ticket volume and the end-user experience. With the new SSE, we are rolling out new hardware. This is impacting the way our colleagues work with their electronic devices, and it is getting better now.

I am not using the AI assistant feature of Cisco Secure Access at this time.

I am not sure about using the VPNaaS in Cisco Secure Access, as in SSE, I am functioning as an end-user and I assist the guys who are implementing it. My part was mostly determining what ports are needed and what servers connect to on-premise and need to work with them. The implementation of this solution was quite easy.

I do not use ZTNA in Cisco Secure Access.

I have not used the Experience Insights feature of Cisco Secure Access, as I am not involved with it. It is just the underlying platform. I am implementing the voice features on it. I can speak from my opinions and insights on what I observed when implementing UC above the platform. It was quite good and acceptable.

I have not used the multi-organization management capability of Cisco Secure Access, so I cannot describe its usability and efficiency.

I come from a user perspective and user experience, because I am responsible for the UC clients which are working with the platform. From that, I can say it was quite easy to implement it and to bring the systems to work with SSE. However, I am not deeply involved in the capabilities of SSE.

I have been using Cisco Secure Access for about two to three weeks for my daily work, and I have to admit that I am using it part-time because our colleagues have not fully migrated to Cisco Secure Client.

We are in the process of transitioning from one system with VDI to the SASE and SSE.

I have not had any interaction with the customer service or technical support of Cisco regarding Cisco Secure Access, as I support other things, and we did not have a problem with UC communication. It was no problem to implement it.

Before choosing Cisco Secure Access, I was using the VDI infrastructure I already discussed, which included thin clients at home and now includes laptops at home. From my perspective, it will be easier in the future.

My experience with the pricing, the setup costs, and the licensing of Cisco Secure Access is that from my perspective, we made quite a good deal with Cisco.

We were in the process of supporting the older hardware of our VDI infrastructure again and again, year after year. For us, it was more economical to move to SSE than to continue supporting the VDI infrastructure, so that was a good point for us to transition from VDI infrastructure to the SSE platform.

From my perspective, it was the right decision to move to that platform, as I expect the product to be ideal for having secure access to your network system, especially as we will see a transition from mostly on-premise to mostly cloud.

My relationship with Cisco is that my company is a long-time user of Cisco software and hardware. I have been working with Cisco since about 2003, and I am quite satisfied with dealing with Cisco.

There are many advantages. We have documentation, we have events such as this one, and we have partners in Germany that we can work with.

My advice to any companies considering Cisco Secure Access is to plan it. Talk to your Cisco partners and your Cisco representatives; I think it is worth it.

I rate this product overall as a 10.

The first use case is access to the private application on the data center. The second use case is access to the cloud application on the cloud, plus the branches connected to the branches.

When discussing how easy or difficult it is to manage Cisco Secure Access through the single cloud managed console, I find it very easy. Cisco Secure Access is similar to Umbrella and Meraki; it requires just a few clicks to configure what I need or what use case I have.

The features I have found most valuable in Cisco Secure Access include Data Loss Prevention, Web Security Gateway, Cloud-delivered Firewall, and CASB. All of these features are amazing on Cisco Secure Access.

Regarding the integration of Secure Access with CASB functionality for exposing shadow IT within my organization, it gives me powerful capabilities to control shadow IT and its integration and features for Data Loss Prevention.

For sales, it is easy to tell the client about the benefits because it is simple, with only one or two lines for pricing. For pre-sales, it is very good as I can configure it in two clicks on CCW. The use cases can be summarized in just two or three slides of presentation. The user experience is very easy because the security is invisible to end users, meaning they do not suffer from strict security preventing them from doing their job. I find it an amazing product, and as it is an upgrade for Umbrella, it has all the good sides of Umbrella while removing some bad sides.

Based on my experience, the main point for improvement is the full integration on the Meraki dashboard. Cisco Secure Access with Meraki MX forms what we call a SASE solution. However, currently, Cisco Secure Access does not appear on the Meraki dashboard; they are still using Umbrella, which does not fully unify with Cisco Meraki.

Regarding functionality, I do not find things that need to be improved, except that Cisco should make the security web gateway, URL filtering, IPS, and fire-walling more robust for large businesses. These features are suitable for small and medium businesses but may need enhancements for larger enterprises.

For large businesses, it does need some improvement, but if it improved, I think it will not be enough as it is targeting small and medium businesses. This is not a drawback, just correct sizing.

I have been working with Cisco Secure Access since its launch, which is about two years ago.

For stability, I would rate Cisco Secure Access a nine. It is a new product, and although two years is not long enough to fully judge stability, I have not found anyone who complains about Cisco Secure Access or even its predecessor, Cisco Umbrella.

Regarding scalability, cloud solutions inherently allow for scaling up and down without issues, but as I mentioned before, it is primarily for small and medium businesses. I cannot judge its applicability for enterprise use at this stage, but for certain, I would give it a nine.

For technical support from Cisco for Secure Access, I rate them ten out of ten. Cisco is known for its exceptional support, with a lot of team resources available.

Regarding the initial setup for Cisco Secure Access, I find it very simple, and it is a native cloud solution; it is not on-premises at all. If Cisco decided to create an on-premises version as a unique delivery option, it would be an outstanding out-of-the-box solution.

For pricing, I consider this one of the few drawbacks of Cisco. Cisco is known for its high pricing, so I would give them a six.

In my opinion, the main competitors in the market for Cisco Secure Access are vendors delivering SASE solutions such as Palo Alto, Fortinet, and maybe Huawei, but I do not have a real branding name for these. I have not done in-depth comparisons with these products, but we can compare features such as DLP on Cisco versus Forcepoint.

Cisco Secure Access operates on the Cisco native cloud and not AWS or Azure; it operates in Cisco data centers.

I can recommend Cisco Secure Access to other users, especially if their country approves cloud solutions for their people. I am 100% confident in recommending this solution. I rate this review an eight out of ten.

The use case depends upon the vertical, such as manufacturing or enterprise. Mostly customers are looking for secure remote access to their applications. They may have a vendor ecosystem where they do not want to install any client. If they are looking for a clientless VPN like ZTNA, Zero Trust Network Access, that is where it fits. Mostly they want to move away from the centralized filtering point of view, even if it is a proxy. They want to facilitate access wherever they are geographically distributed. Because Cisco Secure Access PoP is there everywhere in major regions, this helps.

If they have a use case of a user sitting in an office and a user sitting remote, and a vendor accessing their applications from outside their network, you cannot expect anything installed in the vendor laptop, which is a non-domain laptop. That time, you need to have a solution that supports secure access of that application for that vendor who is sitting outside the network and is not a domain user.

Private application access is definitely there with the resource connectors. The concept of resource connectors is there to ensure the backend traffic from the application to the user. I have use cases, but I mainly worked on SaaS web traffic where I position SSE. Internal traffic is there, but not much discussion. It is hybrid only. There are customers who are adopting data center and coming out from cloud to data center, and vice versa. Definitely it will be Hybrid Remote Access.

The price and license for Cisco Secure Access are fine. Cisco documentation is always good. As a product, in terms of Cisco SSE, I appreciate the feature set. It is simple. The product is giving whatever you need from a customer point of view. Suppose point A to point B if you have to send data, you need not worry about anything such as your data might get compromised or somebody can do a middleman attack because everything is secure. They are sending the traffic encrypted and categorizing the traffic based on the type, whether web traffic or internet traffic, and doing the security mechanism that is needed for the traffic type. You can tick mark that flexibility is there.

Cisco SSE has an AI model, so you can write the policies if you just write it in plain English, it can do that. It can also drill down to AI Canvas, which is the new product that Cisco has launched.

I sold ThousandEyes and had done proof of concepts. ThousandEyes is a good product. However, the major flaw for ThousandEyes is the way they are calculating and giving the costing to the customer. The way the units consumption pricing is structured is not that great. That is the biggest flaw, and that is where people are not adopting it. The success rate of ThousandEyes when going with a digital monitoring concept is that it will address from endpoint to the application level and cover all domains. However, the way you are structuring your pricing with respect to the consumption of the units is a major issue. The pricing structure is not good in ThousandEyes. Apart from this, it is a good product. It can identify the issues related to an endpoint, if it is a remote user, if it is an internet issue, or if it is an application issue. The HTTP response time and latencies, everything it is giving. However, when a customer is trying to adopt it, the pricing structure is not good.

I have been using the solution for one and a half to two years.

Performance is addressed in a different way. Suppose I have a user in a branch in Europe, or if I have a branch in Australia or if I have a branch in India, they are sending to the nearest PoP, SSE PoP. You can form a tunnel from your branch. In that case, the connectivity reaching out to Cisco Secure Access PoP is being addressed. They are having redundancy also because it will have two tunnels. If this tunnel fails, still you can reach out to Cisco Secure Access cloud.

There are no scalability issues because SASE is scalable.

Cisco TAC support is better compared to any OEM. That is what I feel. However, what happens with the TAC engineers is once their shift timing ends, they will just exit the call. Again, we need to explain to the other engineer. Even they will not refer much to the notes captured by the previous TAC engineer, and we are starting again. When their shift is done, they close the call. That is not proper support.

There are some customers who are using VPN still and maybe they are very slow in terms of technology adoption. The flaw of VPN, everyone knows now, and everyone is realizing the flaw because the moment I just enter into the network, I can go and have a lateral movement across the complete IT infrastructure. It is giving the whole access of the particular network. Whereas ZTNA will predominantly give you access as per your role, allowing you to access only that particular subnet or particular URL or particular application. In that way, you are segregating and you are not allowing certain lateral movement. That means they cannot enter into your holistic complete network. That is the basic difference and the basic flaw, and people are realizing it, but few people are not adopting ZTNA in terms of technology.

The setup is an eight out of ten.

We work with Palo Alto and we work with Zscaler, the same kind of thing. Zscaler is the one that started the proxies, the cloud proxies. We are very much aligned with Cisco.

We have done one major project with almost 350 outlets of one of the customers. It is fine.

I am not sure about Cisco Secure Access setup costs as I did not feel any issues. ThousandEyes I can address, but for Cisco SSE, I think the licensing structure is fine and easy to set up, quick, and documentation is good. Everything is fine.

I prefer Zscaler is good. After Zscaler, Cisco is good.

Ask for references and friends feedback. We work with Palo Alto and we work with Zscaler. Zscaler started the proxies, the cloud proxies. We are very much aligned with Cisco. It's a good product, but the major flaw is the way they are calculating and giving the costing to the customer. The units consumption pricing is not that great. My overall review rating for this product is an eight out of ten.

Cisco Secure Access serves as a major replacement for traditional VPNs with a VPN-as-a-Service offering. This is particularly useful for clients with aging VPN architectures who face challenges in scaling out.

The product also optimizes firewall capabilities for geographically distributed operators and enhances proxy-based architectures with Secure Web Gateways and CASB for cloud or SaaS applications. By integrating with identity providers like Azure Entra ID or Okta, Cisco Secure Access facilitates the transition from VPN to ZTNA while ensuring compliance with principles like least privilege access.

Additionally, it incorporates identity and device risk scores for dynamic access policies to respond to varying risk thresholds. The service is particularly useful for managing old VPN infrastructure replacements, firewall optimizations, and bridging the gaps between old and new secure access technologies.

The product also addresses unique geographical challenges, such as ensuring secure internet access for oil rigs in remote locations. Furthermore, Cisco Secure Access's multi-tenancy and Policy Verification features are crucial for managing multi-organization environments and ensuring policy accuracy, respectively.

Hybrid Private Access is particularly useful in regions where replacing existing gear isn't feasible due to cost concerns. Lastly, the product's AI-driven features like AI Access and AI Assistant ease policy management and triage, reducing the time and efforts needed in these processes.

Cisco Secure Access offers numerous valuable features. The VPN-as-a-Service replaces traditional VPNs, providing global secure access without installing solutions at each location, allowing geographically distributed operators to benefit from scalability and optimization.

The integration with identity providers facilitates this transition and aligns with Zero Trust Network Access principles. The platform offers capabilities like Secure Web Gateways, Firewall-as-a-Service, and CASB for enhanced cloud-based functionality. Its Policy Verification runs checks to prevent policy misconfigurations, a necessary feature for managing multi-organization environments.

Moreover, the product's AI-driven capabilities streamline policy management and triage, enhancing operational efficiency. Hybrid Private Access and multi-tenancy capabilities make it resource-efficient and particularly useful for unique geographical challenges. The product is scalable, adjusting to new requirements easily, and is backed by robust technical support.

Despite being a value-for-money product, there are a few areas for improvement. Transitioning for customers from Palo Alto to Cisco Secure Access has its challenges, primarily due to previous infrastructure setups and migration paths. Cisco Secure Access may not seamlessly integrate into such settings, although it performs well in a Cisco-based environment.

Furthermore, while the AI capabilities of Cisco Secure Access are useful, they are not seen as major differentiators compared to competitors such as Palo Alto.

Additionally, though the existing threat intelligence is sufficient for most use cases, extending the integration scope with other tools, especially concerning AI supply chain risk management, could enhance its functionality.

The first time I came across Cisco Secure Access, it used to be called a different solution. It was a combination of multiple solutions. First they started with Cisco Duo, and then they expanded into Cisco Secure Firewalls over close to three years. They conducted a lot of branding changes and naming convention changes after that.

While the product offers strong overall stability, there were occasional issues, particularly involving Linux devices. However, these hiccups were more related to endpoint-client interactions rather than being vendor-specific problems. Overall, the solution is stable, but improvements could further enhance reliability.

The scalability of Cisco Secure Access is a strong feature. Initially driven by the need for improved scalability over traditional VPNs, it has proven to scale seamlessly alongside infrastructural growth. Effective collaboration with account teams ensures a robust and flexible solution designed to meet future scaling requirements without significant issues.

The technical support from Cisco is exceptional. They provide geographically distributed, responsive support with strict SLAs. The purchase of premium support ensures rapid response times, upholding high-quality service delivery across the board. The commitment to excellent service reflects positively on client experiences.

I used to work for Deloitte until six months ago. Currently, this is about managing our own internal infrastructure and then managing that of a couple of our operators and partners. Reselling is not something I am doing currently. I used to do that until June of this year.

Installation and deployment of Cisco Secure Access are straightforward. Comprehensive and publicly available documentation supports this, backed by assigned account managers and optional professional services. Despite anticipating complexities by procuring external services, they were unnecessary due to the clear and simplified setup process offered by the existing resources.

We had an account manager who was assigned to us and then we also purchased some professional services for day zero and day one, in case we got stuck.

The integrated capabilities of Cisco Secure Access deliver significant ROI through reduced mean time to detect (MTTD) and mean time to respond (MTTR). The resource efficiency is notably improved as fewer personnel are needed for triage and system management. The AI features further contribute by expediting threat detection and incident response, ensuring tangible returns through operational savings.

Cisco Secure Access offers good value for money. Existing product relationships provide cost advantages, ensuring reasonable pricing without overcharging. Although the solution is cheaper than premium options such as Palo Alto, existing Cisco licenses facilitate replacing previous solutions with Cisco Secure Access smoothly and affordably.

If you were a Cisco house in the past, I would certainly use that. If you are coming from something with a Palo Alto firewall infrastructure, I would prefer going with Palo Alto. It is more about the widespread adoption. When ten different people are doing the same thing, then I guess the other five people would do the same thing.

While client-based solutions serve corporate employees, clientless options cater to third-party contractors and onboarding procedures without equipment. These options ensure seamless transitions to full client-based systems for long-term corporate users.

Regarding the multi-organization management capability, it is akin to multi-tenancy, helpful for service provider infrastructures with multiple clients or single customers with diverse business units. It brings intuitive infrastructure management without providing unique features compared to competitors.

AI supply chain risk management, while theoretically beneficial, may not give an edge unless thorough integrations with additional tools are pursued. Furthermore, the choice of not implementing low-cost workflows was based on a need for higher security enhancements.

I would rate this review overall at a seven out of ten.

Cisco Secure Access is used as a security tool within the tenant as a firewall and serves as a cloud-delivered Zero Trust access platform. It is used for Microsoft Intune as conditional access, Global Secure Access, and from Defender for Cloud Apps, working behind before it.

Cisco Secure Access provides application-level access. Usually, it's full network access, but with this tool, application-level access can be given. It removes the dependency of VPN, and then user authentications are continuously based on identity, device, and risk, which is an add-on there.

The Zero Trust Network Access feature is being used.

Cisco AnyConnect is used as a VPN tool for SASE purposes.

The integration of CASB functionality for exposing shadow IT within the company is smooth. Technical skill and knowledge are needed to evaluate, analyze, and deep dive on those things. From the tool's response, it is very good, and there is visibility on everything that is needed or necessary.

The integration of Cisco Talos influences threat detection and response capabilities. The integration of Cisco Talos is similar to every Cisco Umbrella, and the experience has been smooth. The knowledge, their KB, and FAQs are very good, and their support is very good. When in trouble, readily available documents or information are accessible.

Managing Cisco Secure Access in a single cloud management console is moderate in difficulty. Technical skills or an understanding at a base level or moderate level are needed to make it work, configure, and integrate it. The difficulty level is somewhere between easy and difficult.

Cisco Secure Access has been used for one and a half years.

The product has been stable with no crashes or downtime so far, and the SLA is good.

Cisco Secure Access is scalable.

The technical support of Cisco is good and up to the mark.

Regarding deployment and installation, it is straightforward, but having basics is necessary.

No negative aspects have been observed so far; everything seems good. The review rating for this product is 9 out of 10.

I support the US government. From a customer perspective, the use cases tend to be where we are guarding edge devices that we don't have necessarily 100% positive command and control. The devices have data transport that traverses in some cases ISPs, so we can't really control who's adjacent to those networks. We often deploy in those types of environments. Where we can use dark fiber, we prefer to, but that's not always an option.

I'm probably pretty agnostic with respect to that. We have a federal mandate to reach these next-generation firewall requirements. Stateful packet inspection and things of that nature are the things that we're interested in. We have some programs adjacent to us that definitely do that, but my programs don't require that.

We get a significant discount with Cisco, and their support is definitely top-rate.

Cisco does a decent job with logging. Sometimes you may need to tweak a few settings, but with their more recent products that support Python and Java among others, you now have more programmatic control in the latest versions of IOS.

If the FTD devices themselves, the Firepower Threat Detection system, those are the firewalls themselves, the individual appliances, weren't so tightly coupled to FMC, I'd probably appreciate them as a product more. The learning curve was a little higher just because it's a large departure from their original ASA devices. If they could be managed individually as easily as they can be managed through FMC, I'd probably be a bigger fan.

I have used Cisco products for decades at this point. With respect to ASAs and FTDs, FTDs are fairly new, but I have used ASAs for the better part of a decade.

It is definitely top-rate. In fact, I know that my particular group didn't even have a service agreement in place for the better part of a year and those guys were still very responsive to emails and communications.

We've been using them so long, it's hard to remember being a newbie, but I don't find their products particularly hard to set up. They have great documentation.

In our deployments, all of our web-based access to any of those devices is actually cut off. We do everything through a secure socket. The only situation where we are compelled to use a web interface is for the FMC, specifically for configuration; however, our management is primarily conducted at the console level whenever possible.

We don't find them hard to manage, especially as a group. The bigger challenge was managing them outside of their FMC product. They prefer to be federated to some extent, and they really weren't designed to be individually managed. They prefer to be managed from a central location. But if you have an environment that lends itself to central management, for the most part, it's not an issue.

We acquire through an organization, and we are the ones that implement.

Price-wise, we get a significant discount with Cisco. I actually prefer Juniper products. From a professional perspective, I prefer Palo Alto and Juniper probably more than I do anybody else. But I can't make the argument when we get 50% and 60% discounts, which we don't get from Juniper or Palo Alto.

Because we operate with what could only be called a skeleton crew, a monitoring solution to the extent possible is dependent heavily on logging, which these applications allow. We do a heavy amount of logging and we do a great deal of log parsing through ELK stack and SolarWinds and Splunk. Any tool that provides telemetry through logging is a particularly good fit for us because we have to really automate our monitoring. We don't have the manpower to sit there and look at multiple applications and things on a regular basis. It all has to come to a central location and has to be pretty automated, red light, green light type stuff.

If you have the budget, make sure to get a solid understanding of what's out there. There might be some other products that you might prefer, but if your budget is constrained, you can make it work with Cisco products for sure.

I would rate the solution a 10 out of 10.

Managing Cisco Secure Access through the single cloud management console will not be difficult if you experience it once. This means once you have hands-on experience, you know how to operate it. In the first time, you might have a challenge because you need to understand the system. However, once you understand it, it will not be difficult anymore.

I find the zero trust approach helpful and beneficial in securing standard applications, which means you are accessing the applications directly instead of giving privilege to access the network itself. This is very beneficial in the context of security and is very effective.

Regarding the threat detection and response capabilities, because it's integrated in the cloud, users don't have to configure it to integrate with Talos. The feed that it has is already there, detecting malware and blocking it by itself from the Cisco Secure Access. The Intel is there, and we do not need to manually integrate with Talos.

My personal thinking about Cisco Secure Access is that because I'm also catching up on this solutioning, I'm not really seeing any improvement because I'm still learning. So far, it's good; I do not have any comment on this.

Regarding features about the UI, the pricing, and the learning curve of Cisco Secure Access that can be improved, the AI is already embedded in the solution. Because I haven't explored much and am not an expert, the features might be there, but I haven't tested them out.

When it comes to thoughts on the pricing, setup cost, and licensing cost of Cisco Secure Access, I cannot comment as I only did SSE for Cisco and did not have experience with other products. In terms of price comparisons, I cannot provide much insight.

The more competitive the pricing for Cisco Secure Access becomes, the better it would be for customers.

Throughout my experience with Cisco Secure Access, I have had some stability and reliability issues, including lagging when accessing the portal. Sometimes the response is fast, and sometimes it's slow, with response information that can be either correct or wrong. However, I consider these minor issues because they recover in a few minutes afterwards, though there are still glitches present.

In evaluating my experience with the technical support and customer service of Cisco Secure Access, during the POC, we did not leverage tech support at that particular moment; instead, we engaged directly with the SE team, the Cisco System Engineer teams.

Regarding the experience with the initial setup of Cisco Secure Access, it is important to communicate with the customers on the requirements, so they understand and prepare whatever we need to set up the POC. We need to communicate effectively with them and let them know what we need. Once our requirement is fulfilled, we can proceed. The key point is that communication with the customer must be maintained.

Once we have all of the requirements, the setup of the product itself is not that difficult. The first time requires understanding many things, but after the deployment and gaining experience, it becomes quite straightforward.

I give Cisco Secure Access a seven because I did study other products as well. While I haven't deployed any other SSE product, I went for the training. The way of deploying and the solution is quite seamless, but that's my current assessment without hands-on experience with the other products.

As a partner with Cisco, this relationship is more related to the partners agreements, which is why we are selling Cisco Secure Access.

My impressions of Cisco Secure Access on protecting organizations from threats such as phishing or ransomware attacks are based on my recent POC. There aren't many use cases I have shown to the customer, but I can confirm that the solution is effective.

I would evaluate my experience with the Cisco team as an eight on a scale of one to 10, where 10 is the best.

My advice for other users who would like to start working with Cisco Secure Access is to find a good service integrator. As I come from the service integrator background, my advice to end users is to collaborate with a reliable SI that has the expected expertise on the solutions they are going to purchase and enroll.

The overall rating for Cisco Secure Access is 7 out of 10.