Secure Access

The main use case for Cisco Secure Access is for posture management, managing network devices, guaranteeing guest access, BYOD, guest, and sponsor portal. I have used Cisco Secure Access from end to end.

I consider network segmentation as one of the most valuable functions of Cisco Secure Access.

I use the Zero Trust Network Access (ZTNA) feature of Cisco Secure Access, and we have currently deployed it for ZTNA. I appreciate the identity management of devices where they are connecting to the network. The device needs to be trusted always, which is actually a good security best practice because it does not involve trusting a device once and then allowing it network access.

I have experience with the integration of CASB functionality in Cisco Secure Access. The cloud access broker has helped by providing a bridge between the user directory and functionality, allowing the system to enforce data control, compliance, and threat protection. This is good security practice as well.

How easy or difficult it is to manage Cisco Secure Access through the single cloud-managed console depends on who you talk to, but for me, with my experience, it has become very easy and really manageable. Much of the interface has been improved significantly, making management easier. The upgrade of the interface really has changed a lot, which makes it easier to remember.

Automation is something Cisco could improve for Cisco Secure Access. I have seen the way they have done this with SD-WAN, where you have automation of VPN through auto VPN tunneling and the creation of tunneling between SD-WAN. If Cisco could improve Cisco Secure Access in the same way, there should not be as much configuration needed, because companies are really keen when it comes to deployment these days. We need to automate deployment. If they could do that with Cisco Secure Access as well, especially with big branches, it would be great. I have worked with almost 200 branches, so configuration in all these branches is needed for security. If this could be integrated and automated exactly like the auto VPN that happens on SD-WAN, it would be excellent.

Regarding support, I do not know what happened to Cisco. I contact them, and the support has been a pain. The quality of support has dropped so drastically that it is not even funny.

I have been working with Cisco Secure Access since 2012.

Our deployment process is mixed. We are deploying for different clients, so it depends on what client they have.

Regarding support, I do not know what happened to Cisco. I contact them, and the support has been a pain. The quality of support has dropped so drastically that it is not even funny.

The setup process for Cisco Secure Access is very straightforward. Integrating with SD-WAN is really easy.

We are fighting internally with Zscaler because they are saying it is cheaper. Pricing is competitive between solutions. Palo Alto is coming very well as well. I am not sure if Cisco is also looking at that, but they are also coming with a lot of functionality within the Palo Alto space for the SASE function.

Cisco Secure Access does help me protect my company from threats like phishing and ransomware. The fact that Cisco Secure Access integrates Zero Trust, the secure gateway, and data loss integration does a lot to help with email security because of the integration with Cisco Web Gateway. Training users is also necessary because security involves users as well.

I am satisfied with the functionality of Cisco Secure Access. One of the areas I have not investigated much time on is the integration with the segmentation within the SASE solution. I have been doing it on my side, but I still need to understand how it integrates and how it can work instead of using the NAC solution. The ICE function could be integrated within Cisco Secure Access. I think that would be better because Cisco has integrated firewall as a service, so why not also integrate the NAC solution as a service in that platform as well.

I have given this review a rating of 9.

The two typical use cases of Cisco Secure Access are how remote workers securely access both private applications, public applications, and SaaS applications from anywhere.

In my opinion, Cisco Secure Access is a complete SSE solution. The second good thing about it is that it has very deep end integration with other products which are required to improve security, such as multi-factor authentication and NAC products, all coming from Cisco. Whatever the customer use case may be, not only Cisco Secure Access but other applications coming from the Cisco security product line are available without needing to look outside of that ecosystem. Typically, I can just take it from Cisco and complete the entire solution.

From my perspective, it is quite easy to manage Cisco Secure Access.

The Talos integration for threat detection and response capability is a must for any product, whether running a SIEM or XDR. The Talos threat intelligence, which is possibly one of the largest organizations that gathers all this data and sends updates, comes free with every Cisco security product. That is really important because security is not static; it is dynamic. New viruses and malware are emerging constantly. Talos ensures that I get updates of everything being seen across the globe so that I am not left behind.

When it comes to protecting against phishing and ransomware, it is pretty good because all identified signatures and non-signature-based protections get updated through threat intelligence. However, as I said, it all depends upon what your attack surface is. If the attack surface is mail, for example, where the bulk of threats get percolated, then it has to be augmented by additional security layers such as email security. Based on the threat attack surface, you have to protect those also with an additional set of software.

The only negative side of Cisco Secure Access is the mindshare. From my perspective, the greatest positive side of Cisco is that it has a very complete story on the entire overall security requirements of a customer, whether it is end user security, network security, or workload security. It covers it all. Having said that, the customer mindshare of looking at Cisco as a security OEM is pretty low. That is one thing which in my mind, Cisco has to really improve.

The second thing is, of course, multiple panes of glass to manage multiple products. That has been a long-standing demand from customers that they should simplify that, and Cisco is working towards it. The third thing is AI integration. Cisco is also aggressively working on AI integration with their products. Mindshare is one of the biggest challenges of Cisco security products, and they have to increase customer awareness sessions to increase the customer mindshare about their security products.

One big challenge which I see with Cisco is their MDR capabilities. They do not provide it as a service, which Palo Alto does provide. Cisco's policy and strategy is to enable partners so that it becomes partner-enabled services using Cisco products. Whereas Palo Alto provides MDR as a service and Sophos provides MDR as a service, Cisco enables partners such as us to provide equivalent services. However, there are multiple enterprise customers who would prefer to go to the OEM for that service. There are multiple big wins which Palo Alto had in India because of their own MDR capability. If I were to fight as a partner with my capability and Cisco products, I surely cannot fight the might of Palo Alto. That is one area where possibly Cisco has to relook.

With regards to my experience with Cisco Secure Access, I have been working with it for at least two years now.

Regarding Cisco Secure Access, I would agree that it is a 99.9% stable and reliable product.

My impression of scalability for Cisco Secure Access is good. Being a cloud solution, it has unlimited scalability. Scalability is not an issue. You can scale based on the number of users and licenses. You have SIA, SPA, and all licenses. Scalability is not an issue since it is a cloud-based solution.

I believe customer service from Cisco is good and not a problem in India.

Regarding the deployment procedure and installation of Cisco Secure Access, it is straightforward and not much of a challenge.

We usually deploy Cisco Secure Access in our Center of Excellence, and we keep demonstrating that to the customers. It is fine and not much of a hassle.

Quantifying the return on investment depends upon what the use case is and the automation we can build up. We just did some study where, with automation and all of that, we can get almost 30% ROI.

In comparing Cisco Secure Access to its competitors in the market, I think the leader is definitely Palo Alto.

Comparing Cisco Secure Access pricing with its peer group, I think they are still comparable in terms of pricing. It also depends upon how desperate Cisco is to win the deal; they can also go better. When I say peer group, I am talking of Palo Altos of the world, and so forth. They are a little bit on the higher side, but still, when it comes to closure of the deal, they get aggressive and they can meet up with the competitive price points.

I have to study more about Cisco Secure Access's ability to provide secure access via HTTP/2 and optionally QUIC, so I am not aware of this, and I will not comment on that.

Summarizing all that I have told you about Cisco Secure Access, mindshare, multiple panes of glass, AI integration, and MDR are all aspects that could be slightly better. Those are the areas for improvement. Overall, I would give Cisco Secure Access a rating of eight out of ten.

My clients' use cases for Cisco Secure Access involve both business and technical purposes.

Cisco Secure Access is a zero trust network access solution that I propose mostly for network access so clients can access the network or their cloud platform for workload.

One of the strongest parts of Cisco Secure Access is that along with Cisco SD WAN solution, I propose this as a bigger advantage in access and the DNA for secured access while roaming users to the SD WAN tab.

It is very easy to manage Cisco Secure Access through a single cloud console because along with Cisco DNA architecture, it connects smoothly, and Cisco provides two methods: the catalyst SD WAN solution and Meraki.

It helps to secure standard applications.

When speaking about improvements for Cisco Secure Access, the licensing structure is an area of concern, as many users struggle to understand how it works.

I see technical limitations and challenges on the Catalent DMA solution, especially when integrating it with the SD WAN fabric, and it could be easier to integrate the tools.

In terms of features and capabilities for Cisco Secure Access, it could improve user-friendliness for the Catalyst dashboard, whereas Meraki scores ten out of ten for user experience.

I started working with Cisco Secure Access almost three years back, as I am working with Cisco SoC.

From my two decades of experience with Cisco, I find the solution to be stable.

Cisco Secure Access is generally a scalable product.

My experience with Cisco customer service is satisfactory.

I would rate my experience with Cisco support as a nine.

I am working with a couple of competitors' products for the same use case.

The installation procedure for Cisco Secure Access is case-to-case and depends on the customer workload, which allows for proper study based on customer instructions.

Based on ROI, Cisco Secure Access is worth the investment, as it is a core security product that allows customers to measure their ROI effectively.

In terms of cloud security and SD WAN security, Cisco leads, but in the firewall area, Fortinet is ahead.

My role is that of an integrator with Cisco Secure Access.

Cisco Secure Access integrated with Cisco Talos collaborates effectively, as I see that Cisco Talos has a much higher level of signature intelligence than the competition.

I would say Cisco Secure Access has a huge impact on protecting the company from threats like phishing and ransomware, as Talos provides all the necessary features to mitigate spam, phishing attacks, and offers sophisticated security measures at the gateway and system level.

All these functions will work based on the customer use case, and if the customer uses the SaaS platform, it will help to securely access web applications.

I would say it is beneficial.

The main negative point I see is related to the licensing structure.

I can give Cisco Secure Access an overall score of ten based on my satisfaction with the product.

Our main use case for Cisco Secure Access is providing security for hybrid and mobile workforces. One of the big challenges these days is the fact that you will have users in the office, working remotely, and all will have different access policies.

You will have users that will be technically hopping between offices, remote work, and working on the road. The trick is determining how we can have a single, consistent security policy for those users. Cisco Secure Access helps us with that quite a bit.

We did our first pilot deployment of Cisco Secure Access about three years ago, and we have deployed it successfully at several customers since then.

The VPN as a service is the feature that we like the most and the one that our customers like the most. Historically, you would have to maintain a firewall or other local VPN concentrator device. With Cisco Secure Access, now you can VPN in directly to Cisco Secure Access cloud, have that security policy applied, and then get directed either to the internet for SaaS apps or cloud services or to local on-premises resources through Cisco Secure Access system.

AI Access feature is a relatively new feature in Cisco Secure Access, but it is one that has become very important, especially in the last year or so, as end users have started to make a lot of use of the big AI tools, ChatGPT, Claude, and all that. There is now a big concern about those users putting inappropriate information into them, confidential information, regulated information. Being able to more tightly control what models my end users use, what services they use, and what information they submit has become a major part of end-user security in general. With Cisco Secure Access, I can do that whether you are in the office, on the road, or working from home. I can ensure that wherever you are at, you are not using AI models inappropriately and exposing us to risk.

Digital Experience Monitoring is for Cisco Secure Access and really any kind of SASE deployment. You need to know how the users are using the system and what their experience is so that it is easier to troubleshoot. Because you could have users anywhere, how are they getting access to the resources? If they are having problems, how can we help troubleshoot that? ThousandEyes integration with Cisco Secure Access is a pretty comprehensive visibility tool. It works everywhere from, for example, a work-from-home user. Are they having poor connectivity? ThousandEyes will let us see that it is their home network. They have bad wireless signal. We can work with them to fix that. Alternatively, it reveals problems with their internet connection. Or if they are traveling, what is the total visibility within the entire path between them and the application, whether it be a SaaS app, locally hosted, or something hosted in Azure, AWS, or any of the big cloud providers.

These days with supply chain attacks being a major problem, being able to vet anything that is downloaded by developers, by end users for business use, is almost a requirement these days. With Cisco Secure Access, because I can do that, this goes back to that security anywhere for any user at any time. Being able to ensure that we have that coverage for someone working from home, someone working remotely, someone on-premises, keeps that supply chain risk low.

I think it is a matter of especially keeping up with the times. I mentioned AI defense earlier, but as AI use and especially as we get into agentic AI use, seeing how Cisco Secure Access works to control those agentic uses especially is important. I think that is where we expect the big improvement to be.

I have been working in IT consulting for about 22 years.

It has been rock solid and stable. I can only think of one service disruption that I have seen with it in the last several years we have been using it, and that was really only for a very short amount of time.

Cisco Secure Access is a very scalable solution. Being cloud-native, scalability is really built in. The user management controls work well even for our larger customers with large numbers of users. I would say scalability for Cisco Secure Access is a very strong point. It builds on Umbrella, which is a highly scalable security solution. We see that there as well.

When we have had problems, they have been very quickly resolved. The support engineers have always been of a high quality. The only bad experiences we have had were really sort of when the platform launched and I think even Cisco was still learning how to support it.

There was no single solution before. What we were doing before Cisco Secure Access was just a traditional on-premises VPN or other standalone remote access solutions, which was always, I think, a management headache. Multiple products were needed for different use cases. Moving to Cisco Secure Access really helped consolidate all that into one overarching end-user security platform.

Overall, it has been a fairly good experience. Deploying Cisco Secure Access, because for a lot of customers they started with Umbrella, and it goes back to that same operational model, that same user interface, the same configuration model, has made it probably one of the easier SASE solutions to deploy compared to some of the other vendors out there.

For our customers, it has been a big time saver in terms of policy management. Because now, I do not have to maintain separate policies for my remote users versus my on-premises users or people in a hybrid environment. For our customers, there has been a pretty good ROI and pretty quickly too.

For our customers, it has been a big time saver in terms of policy management. Because now, I do not have to maintain separate policies for my remote users versus my on-premises users or people in a hybrid environment. For our customers, there has been a pretty good ROI and pretty quickly too.

Pricing for Cisco Secure Access has been very reasonable in the context of the entire world of SASE solutions. Setup costs for customers coming off of Umbrella, because of the fact that it is an evolution, the setup costs for our customers have been low. A little bit higher for greenfield, but Umbrella has always been a fairly easy product to turn up and Cisco Secure Access sort of continues that. Getting customers up and running with it is pretty easy and not too expensive.

The other solution that we considered heavily was Palo Alto's Prisma Access, or what they call Prisma SASE now. What we found is that with Cisco Secure Access, it was a much easier on-ramp for our customer base. It was easier to get that quick ROI.

One of the things about policy verification is with Cisco Secure Access and modern security products in general, policies can become very complicated, very quickly, especially once you start doing role-based policies. To have a tool that helps you validate the policy before you push it out to the end users ensures that the end user satisfaction is higher, fewer complaints, and fewer headaches for the IT staff when making big policy changes.

It is a solid 10. It does exactly what we need it to do. It does so in a way that is easy to manage, easy to control, and gives us the information that we need to make sure our end users have a good experience wherever they are working. My overall rating for Cisco Secure Access is 9.

The biggest advice I give to anyone looking at Cisco Secure Access or really any other SASE solution is a lot of planning. SASE deployments tend to be complex, and while Cisco Secure Access does a great job of simplifying things compared to some of the other vendors out there, a good solid project plan, a good solid assessment of your needs before deploying is always something that I would recommend anyone does.

Cisco Secure Access is used primarily for remote access into on-premises servers. We are currently in a hybrid ZTNA and VPN solution, and with ZTNA, we have more flexibility about what traffic goes over VPN and what traffic stays through the internet.

We still have the VPN aspect, and with ZTNA we also have the ability to make those on-premises servers accessible securely anywhere in the world.

Cisco Secure Access has affected our transition to zero trust and least privilege principles by enabling us to run an RDP session through a web browser and tie it in with our Azure AD SSO, so users do not even need a client and can still log into these servers securely.

I am happy with the performance and security levels it provides. I feel it is a robust and high-performing product, and it has both the clientless and the client aspects, which I really appreciate.

The features of Cisco Secure Access that I like the most include its ease of use.

Cisco Secure Access is both client-based and clientless.

The multi-organization management capability of Cisco Secure Access is very usable and very user-friendly, and the end users are happy with it. I try to make the product and the process as painless as possible for all our end users, so it runs well.

Cisco Secure Access has affected our transition to zero trust and least privilege principles by enabling us to run an RDP session through a web browser and tie it in with our Azure AD SSO, so users do not even need a client and can still log into these servers securely.

I am happy with the performance and security levels it provides. I feel it is a robust and high-performing product with both the clientless and the client aspects.

We have not explored much of the Experience Insights feature powered by ThousandEyes of Cisco Secure Access, as it is part of our Meraki package, but we have not really done much with it yet.

We have been using Cisco Secure Access for about five years now.

I would assess the stability and reliability of Cisco Secure Access as very good. Nothing comes to mind regarding downtime, crashes, or performance issues.

My experience with customer service and tech support is great, and I am very happy. Every time I run into an issue, I can get a hold of someone at Cisco to get it fixed.

They are responsive and quick on their feet.

To address the same issues, my organization did not have any solution put in place.

I have not used the policy verification to help reduce policy misconfigurations.

Policy configurations have not caused slowdowns or blocked access for users in the past.

My experience with deploying Cisco Secure Access is that it is very easy to integrate with the Meraki products.

We implemented Cisco Secure Access about five years ago.

The pricing setup cost and licensing was not complicated; it was painless.

When selecting Cisco Secure Access, we were not looking at different options in comparison. We knew we were going to move all of our hardware over to Cisco, and so it made sense.

Comparing Cisco Secure Access to something like Cloudflare One, in the future the cost can come down. I have also looked at Zscaler for ZTNA, but overall, it is a robust product. Obviously, we always look at cost. I think Cloudflare may not have as robust of a product, but the cost is very minimal.

I would give Cisco Secure Access a rating of eight.

I would give customer service and tech support a rating of nine.

My overall review rating for Cisco Secure Access is eight.

My main use cases for Cisco Secure Access are firewalls between our IT and OT networks and VPN access to our OT network. For the most part, I am strictly using Cisco Secure Access as a next-gen firewall, using it for deep packet inspection visibility, but mostly for VPN remote access.

The integration has been really good for my identity management and security measures. There have been some difficulties at times, but we have been able to get it to work.

I would describe my multi-organization management capability of Cisco Secure Access as having its ups and downs. There are times it feels difficult to navigate and get things configured, but that is coming from a CLI perspective. I can see improvements from the previous versions and generations. It is getting better. I think I just need to get acclimated to it and get used to it.

For us on the OT side, Cisco Secure Access has been good in scaling with the growing needs of my organization.

I am not sure which features of Cisco Secure Access I appreciate the most.

I have not used the policy verification feature of Cisco Secure Access to help reduce policy misconfigurations.

I am not certain how Cisco Secure Access can be improved or what additional features should be included in the next release.

My experience with deploying Cisco Secure Access has faced a few challenges, I believe, just as with policy configurations. That is getting familiar with the interfaces and other aspects. I think these are things that I was able to work through.

I have been using Cisco Secure Access for approximately three to five years.

I have not experienced any downtime, crashes, or performance issues with Cisco Secure Access, so I assess its stability and reliability as good.

I have not expanded usage of Cisco Secure Access significantly. Only client user-wise have I expanded, but not infrastructure-wise.

I would rate my customer service and technical support for Cisco Secure Access a five out of five. I give them a ten on a scale from one being the worst to ten being the best because they are very responsive.

Prior to adopting Cisco Secure Access, I was not using another solution to address similar needs.

My experience with the pricing, setup costs, and licensing of Cisco Secure Access has been straightforward with our Cisco partner.

I did not upgrade from Umbrella to Cisco Secure Access.

I have seen a return on investment with Cisco Secure Access.

I have always been a Cisco shop and did not consider other solutions before selecting Cisco Secure Access.

My advice to another organization considering using Cisco Secure Access is to do your homework. I would rate this review a nine out of ten.

Cisco Secure Access is used primarily to navigate the internet while protecting users when they visit dangerous sites.

The protection feature is what I appreciate most about Cisco Secure Access, and we use it together with other tools while implementing Cisco Secure Access with SD-WAN.

The benefit I have experienced from Cisco Secure Access' identity-based security measures in my organization is the ability to control the profiles.

Cisco Secure Access can be improved by developing a portal to control all tools together, which is the feature I want most as we are on this journey and learning about it.

I have been using Cisco Secure Access for one year since we migrated from Umbrella.

I assess the stability and reliability of Cisco Secure Access as top-notch, and I have not experienced any downtime, crashes, or performance issues because we built the solution and performed the tests step-by-step. When we encountered a small issue, Cisco was with us and provided the solution very quickly.

I would rate the customer support and tech assistance as a 10.

Before using Cisco Secure Access, I considered Umbrella and then moved to Cisco Secure Access.

My experience with deploying Cisco Secure Access was easy because Cisco worked with us through the process.

My experience with pricing, setup cost, and licensing has been somewhat unclear, but we can certainly improve on that aspect.

The benefit I have experienced from Cisco Secure Access' identity-based security measures in my organization is the ability to control the profiles.

The protection feature is what I appreciate most about Cisco Secure Access, and we use it together with other tools while implementing Cisco Secure Access with SD-WAN.

I have used the Zero Trust Network Access feature, but we use it directly on the firewalls rather than through Cisco Secure Access.

Granular access controls have helped in managing user permissions by allowing some users to have access to YouTube for trainings and specific videos while other users do not have this kind of access.

To measure the impact of detailed analytics on my understanding of network vulnerabilities, we use it together with scans to find vulnerabilities and threats and to have a fast solution to address them. We use it together with Cisco DNA, for example, and when we receive documentation about vulnerabilities, the team sends it to us and we can treat it directly and upgrade or take the necessary steps to avoid this kind of vulnerability.

I rated this review a 10 overall.