My use case for Cisco Secure Access is to replace our on-premises, not site-to-site, remote access SSL VPN as we are going from on-premises to cloud service.

The second use case is to replace our Umbrella service, as we currently use Umbrella and will migrate to Cisco Secure Access as well, along with all the policies.

I consider the most valuable feature of Cisco Secure Access to be that it merged everything into one dashboard, the Cisco Secure Access dashboard. Previously, we had web access in one location and remote access in another, and we could not link them to each other. Now everything is in one place, and we can base the access control on usernames because we have the Azure Active Directory integration. We can also build policies based on that and can see or identify the impacted users.

Cisco Secure Access benefits our organization by offering Points of Presence close to our employees because we are spread across the world. Until now, we had only European gateways, so traffic had to go from India, for example, over to Europe and then sometimes back, which was delaying a lot. With Cisco Secure Access, we have a presence close to the user.

What we really find challenging is that we do not have granular role-based access control models. The only options we have are full admin or read-only. We have different departments in the company that have different responsibilities. While we as a networking team are full admins, we do not want to manage the policies regarding which websites are allowed and what is not allowed. That should be managed by our compliance team.

The granular access issue is coming from the product limitation at the moment, as it does not offer us the option to tell it that a particular role can only manage websites, allowed sites, and blocked sites. Categories or something similar are not possible.

If I had to improve the product, that would definitely be role-based access control. Though from another point of view, this limitation may also be a benefit because it forces us to implement our own front-end to use API calls. Using API, you can limit the access to that particular key.

I would rate Cisco Secure Access as very stable until now. We have not seen any service degradation during the maintenance activities that Cisco performs, which seems to happen frequently because we receive notification messages. However, we do not experience any service degradation, so that feels stable at the moment.

I find the scalability of Cisco Secure Access is working well at the moment. The main benefit is that we do not need to care for hardware anymore in the future, such as lifecycle management. However, the migration is a little challenging because the technical background that we had, such as the routing and what happens there, is not really visible to us in the cloud service. Those are the challenges, but we are working with TAC and onboarding people that are assigned to us at the moment from Cisco.

My experience with Cisco's technical support is good because the person assigned to us is guiding us. He understands what our use case is and he is guiding us on what we should configure and what we should not configure.

Before, we were using Cisco Firepower as SSL gateways.

I would describe my experience deploying Cisco Secure Access as working well, though we are hitting bugs. I have the feeling that whenever we explore a new product from Cisco, we hit a bug. At the moment, we are dealing with challenges because a new feature that was implemented is to support multi-tenancy. When we originally started, that feature was not available, so we had only one organization. Now we have a multi-organization feature, so we were migrated to it. However, we feel that with this migration, something was left behind that is not working properly. In our original organization, we have issues applying permissions for users, and we always have to raise TAC cases with the people who help us resolve it. They are currently working on that.

I have not seen a return on investment yet, as we are still building. We are in an extended pilot phase at the moment, where one country, India, is migrated to this solution, and we are deploying one by one, starting with less critical sites first, and then we will see.

We did not evaluate any other solutions before. It was basically a move recommendation by Cisco since we stuck with Cisco, as we had a subscription before. With the contract renewal, Cisco pushed us in a direction where we could keep using the old environment for free as part of the renewal, but we decided to go straight to the new product and migrate.

We use VPN as a Service for our users to remote access our company, and web browsing is going through Cisco Secure Access as well. I am not using the AI Assist feature in Cisco Secure Access yet. I am not aware of VPNaaS in Cisco Secure Access. We are not using Zero Trust yet, as that will be a stage three. First, we want to get rid of the on-premises VPN gateways and then start developing Zero Trust, so it is not in use at the moment. I am not sure what Hybrid Private Access means, but what we have is an integration from Cisco Secure Access to our SD-WAN, where the Cisco Secure Access Points of Presence are directly connected with our SD-WAN cloud, optimizing the communication. I am not sure if that is what is meant by Hybrid Private Access. I would rate this product overall a six out of ten.

The product also optimizes firewall capabilities for geographically distributed operators and enhances proxy-based architectures with Secure Web Gateways and CASB for cloud or SaaS applications. By integrating with identity providers like Azure Entra ID or Okta, Cisco Secure Access facilitates the transition from VPN to ZTNA while ensuring compliance with principles like least privilege access.

Additionally, it incorporates identity and device risk scores for dynamic access policies to respond to varying risk thresholds. The service is particularly useful for managing old VPN infrastructure replacements, firewall optimizations, and bridging the gaps between old and new secure access technologies.

The product also addresses unique geographical challenges, such as ensuring secure internet access for oil rigs in remote locations. Furthermore, Cisco Secure Access's multi-tenancy and Policy Verification features are crucial for managing multi-organization environments and ensuring policy accuracy, respectively.

Hybrid Private Access is particularly useful in regions where replacing existing gear isn't feasible due to cost concerns. Lastly, the product's AI-driven features like AI Access and AI Assistant ease policy management and triage, reducing the time and efforts needed in these processes.

The integration with identity providers facilitates this transition and aligns with Zero Trust Network Access principles. The platform offers capabilities like Secure Web Gateways, Firewall-as-a-Service, and CASB for enhanced cloud-based functionality. Its Policy Verification runs checks to prevent policy misconfigurations, a necessary feature for managing multi-organization environments.

Moreover, the product's AI-driven capabilities streamline policy management and triage, enhancing operational efficiency. Hybrid Private Access and multi-tenancy capabilities make it resource-efficient and particularly useful for unique geographical challenges. The product is scalable, adjusting to new requirements easily, and is backed by robust technical support.

Furthermore, while the AI capabilities of Cisco Secure Access are useful, they are not seen as major differentiators compared to competitors such as Palo Alto.

Additionally, though the existing threat intelligence is sufficient for most use cases, extending the integration scope with other tools, especially concerning AI supply chain risk management, could enhance its functionality.

Regarding the multi-organization management capability, it is akin to multi-tenancy, helpful for service provider infrastructures with multiple clients or single customers with diverse business units. It brings intuitive infrastructure management without providing unique features compared to competitors.

AI supply chain risk management, while theoretically beneficial, may not give an edge unless thorough integrations with additional tools are pursued. Furthermore, the choice of not implementing low-cost workflows was based on a need for higher security enhancements.

I would rate this review overall at a seven out of ten.

My main use case for Cisco Secure Access is remote access.

As an aerospace company, security is highly important for us, and we have various security schemas across the company. We try not to treat everybody as the highest schema, so Cisco Secure Access gives us the ability to detect and put users where they need to go and not just shove everybody into the whole secure area.

I find the posture checking feature of Cisco Secure Access the most valuable, and I also appreciate the ability to tag clients to place them into the right segment.

We're just getting started with Zero Trust Network Access, and we have a long way to go in that aspect. We haven't expanded any usage; more of the posture and things we've done more with technology.

They've protected us from threats like phishing and ransomware.

The only improvement I see for Cisco Secure Access is the way that we're using it; we're not fully integrating it into our client consoles, which affects the user experience. That's more of an internal issue than a Cisco issue.

I struggle with the integration of CASB functionality for exposing Shadow IT within our organization. As a company of engineers, they tend to do smart things and just go around you, so it's always a challenge for us.

Regarding the integration with Cisco Talos, it's something that we're not utilizing as best as we can. We should leverage Talos more.

From a licensing perspective, Cisco can improve. It gets very complicated about what's included and what's not included. The way that we're using Cisco Secure Access today, it doesn't scale with the growing needs of our organization, however, if we leveraged more of the cloud services, it would fit better.

I have been using Cisco Secure Access for seven years.

Cisco Secure Access has been pretty stable. I can't really speak to downtime or performance issues much; I know we've had a few. I don't have the details to say whether it was a Cisco problem or an internal issue.

The way that we're using Cisco Secure Access today, it doesn't scale with the growing needs of our organization, however, if we leveraged more of the cloud services, it would fit better.

I don't really get involved with customer service and technical support. From a cloud team perspective, I'm aware of generally how we approach it. On a scale of one to ten, I would give customer service and technical support an eight.

Prior to adopting Cisco Secure Access, I have used another solution.

I wasn't involved in the deployment of Cisco Secure Access. That said, I'm not aware of major issues.

I don't see ROI with Cisco Secure Access right now; it's more of an internal issue. We have too many access platforms, and we need to consolidate. If we could solidify our access platform and eliminate non-duplication, the ROI would look much better than it does right now. That's our problem, not a Cisco issue.

I don't get involved in pricing scenarios; however, from a licensing perspective, Cisco can improve. It gets very complicated about what's included and what's not included.

We're definitely looking at more SaaS-based solutions such as Zscaler and Palo Alto before selecting Cisco Secure Access, dabbling in them yet never fully committing.

We did not purchase the solution via AWS Marketplace.

We consider a change since we're trying to achieve a user experience that's lighter weight.

I'm not an administrator, so I can't really speak to the ease or difficulty of managing Cisco Secure Access through a single cloud-managed console.

I would advise other potential customers or organizations considering Cisco Secure Access to take a closer look. They've added some features in the last year or so that have advanced significantly. They've caught up from the market where other people were ahead of them. I rate Cisco Secure Access seven out of ten.