Cisco Secure Access is not installed for VPN as a service; the customer using the VPN side is using it for access into the core network, so it functions as a landing point and an on-ramp into the core.
Cisco Secure Access
Cisco Systems, Inc.
External reviews
External reviews are not included in the AWS star rating for the product.
Secure web access has centralized control but content filtering still needs major improvement
What is our primary use case?
What is most valuable?
The reason for this is centralized firewall control for people going out to the internet, so you can manage it. The essential ROI we are looking for with Cisco Secure Access is secure access to the internet, and in reality, this is the key factor where we can control access based upon various aspects such as AD group, plus we have a single portal where we can see what is going on and easy management.
What needs improvement?
The other issues we are having are around Talos and content filtering functionality; the Talos database is insufficient because the Cisco Secure Access web gateway database is not big enough to hold every URL, leading to numerous problems with URLs not being categorized correctly and a slow turnaround for recategorization requests. Therefore, improvements with content filtering and Talos integration are significant for us, and we are speaking regularly to the Cisco teams about this.
Another significant issue involves a parent-child problem we have with the URLs; if they match multiple URL categories, then the rule base only looks at the first category, so it does not match multiple categories, resulting in a lot of problems around the Talos content filtering integration.
For how long have I used the solution?
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
How are customer service and support?
The support team assigned to us is very good, so I would rate them an eight or a nine, but if you are raising a TAC case, it can be hit or miss regarding the knowledge of the TAC engineer that picks it up; on the whole, it is quite good, probably a six or a seven. However, there have been times when it has been lower due to the confusion between Cisco Secure Access and Secure Connect, especially when integrating Meraki support cases. Many of the Meraki engineers did not recognize Cisco Secure Access and only knew about Secure Connect, leading to some communication problems between Meraki and Cisco.
How would you rate customer service and support?
Positive
What other advice do I have?
Adding a new site is easy now that the framework is in place.
Regarding licensing, the Essentials license, being the entry-level option, is somewhat lacking in my opinion; you lose a lot of the Layer 7 functionality that customers are looking for today. When talking about secure access, you typically expect next-gen firewall type features, and Layer 7 is quite key for that, which you do not get much of with the Essentials, but the Advantage license has a lot more and seems a lot more robust. We would definitely be looking to push the Advantage license in the future rather than Essentials.
I rate Cisco Secure Access a six at the moment; it is developing, and we can see that progress is happening. Its potential is there, but if I am being perfectly honest, I think it is a little immature at the moment and needs some work to develop some features.
Unified remote access and web controls have simplified management but still need finer role rights
What is our primary use case?
My use case for Cisco Secure Access is to replace our on-premises, not site-to-site, remote access SSL VPN as we are going from on-premises to cloud service.
The second use case is to replace our Umbrella service, as we currently use Umbrella and will migrate to Cisco Secure Access as well, along with all the policies.
What is most valuable?
I consider the most valuable feature of Cisco Secure Access to be that it merged everything into one dashboard, the Cisco Secure Access dashboard. Previously, we had web access in one location and remote access in another, and we could not link them to each other. Now everything is in one place, and we can base the access control on usernames because we have the Azure Active Directory integration. We can also build policies based on that and can see or identify the impacted users.
Cisco Secure Access benefits our organization by offering Points of Presence close to our employees because we are spread across the world. Until now, we had only European gateways, so traffic had to go from India, for example, over to Europe and then sometimes back, which was delaying a lot. With Cisco Secure Access, we have a presence close to the user.
What needs improvement?
What we really find challenging is that we do not have granular role-based access control models. The only options we have are full admin or read-only. We have different departments in the company that have different responsibilities. While we as a networking team are full admins, we do not want to manage the policies regarding which websites are allowed and what is not allowed. That should be managed by our compliance team.
The granular access issue is coming from the product limitation at the moment, as it does not offer us the option to tell it that a particular role can only manage websites, allowed sites, and blocked sites. Categories or something similar are not possible.
If I had to improve the product, that would definitely be role-based access control. Though from another point of view, this limitation may also be a benefit because it forces us to implement our own front-end to use API calls. Using the API, you can limit the access to that particular key.
What do I think about the stability of the solution?
I would rate Cisco Secure Access as very stable until now. We have not seen any service degradation during the maintenance activities that Cisco performs, which seems to happen frequently because we receive notification messages. However, we do not experience any service degradation, so that feels stable at the moment.
What do I think about the scalability of the solution?
I find the scalability of Cisco Secure Access is working well at the moment. The main benefit is that we do not need to care for hardware anymore in the future, such as lifecycle management. However, the migration is a little challenging because the technical background that we had, such as the routing and what happens there, is not really visible to us in the cloud service. Those are the challenges, but we are working with TAC and onboarding people that are assigned to us at the moment from Cisco.
How are customer service and support?
My experience with Cisco's technical support is good because the person assigned to us is guiding us. He understands what our use case is and he is guiding us on what we should configure and what we should not configure.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
Before, we were using Cisco Firepower as SSL gateways.
How was the initial setup?
I would describe my experience deploying Cisco Secure Access as working well, though we are hitting bugs. I have the feeling that whenever we explore a new product from Cisco, we hit a bug. At the moment, we are dealing with challenges because a new feature that was implemented is to support multi-tenancy. When we originally started, that feature was not available, so we had only one organization. Now we have a multi-organization feature, so we were migrated to it. However, we feel that with this migration, something was left behind that is not working properly. In our original organization, we have issues applying permissions for users, and we always have to raise TAC cases with the people who help us resolve it. They are currently working on that.
What was our ROI?
I have not seen a return on investment yet, as we are still building. We are in an extended pilot phase at the moment, where one country, India, is migrated to this solution, and we are deploying one by one, starting with less critical sites first, and then we will see.
Which other solutions did I evaluate?
We did not evaluate any other solutions before. It was basically a move recommendation by Cisco since we stuck with Cisco, as we had a subscription before. With the contract renewal, Cisco pushed us in a direction where we could keep using the old environment for free as part of the renewal, but we decided to go straight to the new product and migrate.
What other advice do I have?
We use VPN as a Service for our users to remote access our company, and web browsing is going through Cisco Secure Access as well. I am not using the AI Assist feature in Cisco Secure Access yet. I am not aware of VPNaaS in Cisco Secure Access. We are not using Zero Trust yet, as that will be a stage three. First, we want to get rid of the on-premises VPN gateways and then start developing Zero Trust, so it is not in use at the moment. I am not sure what Hybrid Private Access means, but what we have is an integration from Cisco Secure Access to our SD-WAN, where the Cisco Secure Access Points of Presence are directly connected with our SD-WAN cloud, optimizing the communication. I am not sure if that is what is meant by Hybrid Private Access. I would rate this product overall a six out of ten.
Secure access has simplified VPN replacement and reveals where migration paths still need work
What is our primary use case?
The product also optimizes firewall capabilities for geographically distributed operators and enhances proxy-based architectures with Secure Web Gateways and CASB for cloud or SaaS applications. By integrating with identity providers like Azure Entra ID or Okta, Cisco Secure Access facilitates the transition from VPN to ZTNA while ensuring compliance with principles like least privilege access.
Additionally, it incorporates identity and device risk scores for dynamic access policies to respond to varying risk thresholds. The service is particularly useful for managing old VPN infrastructure replacements, firewall optimizations, and bridging the gaps between old and new secure access technologies.
The product also addresses unique geographical challenges, such as ensuring secure internet access for oil rigs in remote locations. Furthermore, Cisco Secure Access's multi-tenancy and Policy Verification features are crucial for managing multi-organization environments and ensuring policy accuracy, respectively.
Hybrid Private Access is particularly useful in regions where replacing existing gear isn't feasible due to cost concerns. Lastly, the product's AI-driven features like AI Access and AI Assistant ease policy management and triage, reducing the time and efforts needed in these processes.
What is most valuable?
The integration with identity providers facilitates this transition and aligns with Zero Trust Network Access principles. The platform offers capabilities like Secure Web Gateways, Firewall-as-a-Service, and CASB for enhanced cloud-based functionality. Its Policy Verification runs checks to prevent policy misconfigurations, a necessary feature for managing multi-organization environments.
Moreover, the product's AI-driven capabilities streamline policy management and triage, enhancing operational efficiency. Hybrid Private Access and multi-tenancy capabilities make it resource-efficient and particularly useful for unique geographical challenges. The product is scalable, adjusting to new requirements easily, and is backed by robust technical support.
What needs improvement?
Furthermore, while the AI capabilities of Cisco Secure Access are useful, they are not seen as major differentiators compared to competitors such as Palo Alto.
Additionally, though the existing threat intelligence is sufficient for most use cases, extending the integration scope with other tools, especially concerning AI supply chain risk management, could enhance its functionality.
For how long have I used the solution?
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
How are customer service and support?
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
How was the initial setup?
What about the implementation team?
What was our ROI?
What's my experience with pricing, setup cost, and licensing?
Which other solutions did I evaluate?
What other advice do I have?
Regarding the multi-organization management capability, it is akin to multi-tenancy, helpful for service provider infrastructures with multiple clients or single customers with diverse business units. It brings intuitive infrastructure management without providing unique features compared to competitors.
AI supply chain risk management, while theoretically beneficial, may not give an edge unless thorough integrations with additional tools are pursued. Furthermore, the choice of not implementing low-cost workflows was based on a need for higher security enhancements.
I would rate this review overall at a seven out of ten.
Experience shows promise in security and integration, while setup and UI need refinement
What is most valuable?
Managing Cisco Secure Access through the single cloud management console will not be difficult if you experience it once. This means once you have hands-on experience, you know how to operate it. The first time, you might have a challenge because you need to understand the system. However, once you understand it, it will not be difficult anymore.
I find the zero trust approach helpful and beneficial in securing standard applications, which means you are accessing the applications directly instead of giving privilege to access the network itself. This is very beneficial in the context of security and is very effective.
Regarding the threat detection and response capabilities, because it's integrated in the cloud, users don't have to configure it to integrate with Talos. The feed that it has is already there, detecting malware and blocking it by itself from the Cisco Secure Access. The Intel is there, and we do not need to manually integrate with Talos.
What needs improvement?
My personal thinking about Cisco Secure Access is that because I'm also catching up on this solutioning, I'm not really seeing any improvement because I'm still learning. So far, it's good; I do not have any comment on this.
Regarding features about the UI, the pricing, and the learning curve of Cisco Secure Access that can be improved, the AI is already embedded in the solution. Because I haven't explored much and am not an expert, the features might be there, but I haven't tested them out.
When it comes to thoughts on the pricing, setup cost, and licensing cost of Cisco Secure Access, I cannot comment as I only did SSE for Cisco and did not have experience with other products. In terms of price comparisons, I cannot provide much insight.
The more competitive the pricing for Cisco Secure Access becomes, the better it would be for customers.
What do I think about the stability of the solution?
Throughout my experience with Cisco Secure Access, I have had some stability and reliability issues, including lagging when accessing the portal. Sometimes the response is fast, and sometimes it's slow, with response information that can be either correct or wrong. However, I consider these minor issues because they recover in a few minutes afterwards, though there are still glitches present.
How are customer service and support?
In evaluating my experience with the technical support and customer service of Cisco Secure Access, during the POC, we did not leverage tech support at that particular moment; instead, we engaged directly with the SE team, the Cisco System Engineer teams.
How would you rate customer service and support?
Positive
How was the initial setup?
Regarding the experience with the initial setup of Cisco Secure Access, it is important to communicate with the customers on the requirements, so they understand and prepare whatever we need to set up the POC. We need to communicate effectively with them and let them know what we need. Once our requirement is fulfilled, we can proceed. The key point is that communication with the customer must be maintained.
Once we have all of the requirements, the setup of the product itself is not that difficult. The first time requires understanding many things, but after the deployment and gaining experience, it becomes quite straightforward.
Which other solutions did I evaluate?
I give Cisco Secure Access a seven because I did study other products as well. While I haven't deployed any other SSE product, I went for the training. The way of deploying and the solution is quite seamless, but that's my current assessment without hands-on experience with the other products.
What other advice do I have?
As a partner with Cisco, this relationship is more related to the partner agreements, which is why we are selling Cisco Secure Access.
My impressions of Cisco Secure Access on protecting organizations from threats such as phishing or ransomware attacks are based on my recent POC. There aren't many use cases I have shown to the customer, but I can confirm that the solution is effective.
I would evaluate my experience with the Cisco team as an eight on a scale of one to 10, where 10 is the best.
My advice for other users who would like to start working with Cisco Secure Access is to find a good service integrator. As I come from the service integrator background, my advice to end users is to collaborate with a reliable SI that has the expected expertise on the solutions they are going to purchase and enroll.
The overall rating for Cisco Secure Access is 7 out of 10.
Posture checking and user tagging enhance security, but has integration complexities
What is our primary use case?
My main use case for Cisco Secure Access is remote access.
How has it helped my organization?
As an aerospace company, security is highly important for us, and we have various security schemas across the company. We try not to treat everybody as the highest schema, so Cisco Secure Access gives us the ability to detect and put users where they need to go and not just shove everybody into the whole secure area.
What is most valuable?
I find the posture checking feature of Cisco Secure Access the most valuable, and I also appreciate the ability to tag clients to place them into the right segment.
We're just getting started with Zero Trust Network Access, and we have a long way to go in that aspect. We haven't expanded any usage; more of the posture and things we've done more with technology.
They've protected us from threats like phishing and ransomware.
What needs improvement?
The only improvement I see for Cisco Secure Access is the way that we're using it; we're not fully integrating it into our client consoles, which affects the user experience. That's more of an internal issue than a Cisco issue.
I struggle with the integration of CASB functionality for exposing Shadow IT within our organization. As a company of engineers, they tend to do smart things and just go around you, so it's always a challenge for us.
Regarding the integration with Cisco Talos, it's something that we're not utilizing as best as we can. We should leverage Talos more.
From a licensing perspective, Cisco can improve. It gets very complicated about what's included and what's not included. The way that we're using Cisco Secure Access today, it doesn't scale with the growing needs of our organization; however, if we leveraged more of the cloud services, it would fit better.
For how long have I used the solution?
I have been using Cisco Secure Access for seven years.
What do I think about the stability of the solution?
Cisco Secure Access has been pretty stable. I can't really speak to downtime or performance issues much; I know we've had a few. I don't have the details to say whether it was a Cisco problem or an internal issue.
What do I think about the scalability of the solution?
The way that we're using Cisco Secure Access today, it doesn't scale with the growing needs of our organization; however, if we leveraged more of the cloud services, it would fit better.
How are customer service and support?
I don't really get involved with customer service and technical support. From a cloud team perspective, I'm aware of generally how we approach it. On a scale of one to ten, I would give customer service and technical support an eight.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Prior to adopting Cisco Secure Access, I have used another solution.
How was the initial setup?
I wasn't involved in the deployment of Cisco Secure Access. That said, I'm not aware of major issues.
What was our ROI?
I don't see ROI with Cisco Secure Access right now; it's more of an internal issue. We have too many access platforms, and we need to consolidate. If we could solidify our access platform and eliminate non-duplication, the ROI would look much better than it does right now. That's our problem, not a Cisco issue.
What's my experience with pricing, setup cost, and licensing?
I don't get involved in pricing scenarios; however, from a licensing perspective, Cisco can improve. It gets very complicated about what's included and what's not included.
Which other solutions did I evaluate?
We're definitely looking at more SaaS-based solutions such as Zscaler and Palo Alto before selecting Cisco Secure Access, dabbling in them yet never fully committing.
What other advice do I have?
We did not purchase the solution via AWS Marketplace.
We consider a change since we're trying to achieve a user experience that's lighter weight.
I'm not an administrator, so I can't really speak to the ease or difficulty of managing Cisco Secure Access through a single cloud-managed console.
I would advise other potential customers or organizations considering Cisco Secure Access to take a closer look. They've added some features in the last year or so that have advanced significantly. They've caught up from the market where other people were ahead of them. I rate Cisco Secure Access seven out of ten.
Has a focus on DNS security features while more global coverage is needed
What is our primary use case?
I use this solution for securing security controls like Secure Security Control (SSC) for local Internet breakouts. It offers a unified security policy across Google sites, providing secure web gateways, DNS and web security filtering, and multi-malware protection. These features are essential for comprehensive security.
What is most valuable?
The main feature of interest to me and the customers is DNS security and Integrated Secure Web Control (ISWC).
What needs improvement?
There is a need for improved global coverage since the service relies on the cloud provider's data centers. We are seeking more granular and global coverage to meet our demands.
Modernization is needed, specifically in the enhancement of security features and functionality. Utilizing AI-oriented features is also important, considering what other vendors offer and their marketing strategies.
What do I think about the scalability of the solution?
According to the vendor's claims, the solution is adaptable and scalable. I would rate scalability at eight to nine out of ten.
How are customer service and support?
I am not able to read their resources, but I understand they have a good support organization. This stems from their original business in networking, integrating router and switch operations, as well as security devices. I assume the same organization now bridges into customer support.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
Cisco is not well accepted in the market since they are somewhat behind their competitors.
How was the initial setup?
I would rate the initial setup at seven out of ten. The commercial aspects are significant here, primarily the recognition level compared to other dedicated suppliers approaching the market with stronger messages.
What about the implementation team?
I am on the presale side, and the delivery aspect is handled by other people in the organization.
What's my experience with pricing, setup cost, and licensing?
Prices are determined in the Compass. I do not refer to the suggested detail or the suggested list price; however, it is highly case-oriented. In the competitive landscape, they offer some advantages with Cisco deal IDs. However, renewal prices have been surprisingly high.
What other advice do I have?
They have a strong brand and are supported by Cisco's traditional organization.
I would rate them seven out of ten overall.