Cisco Secure Access Reviews

Cisco Secure Access is used primarily for remote access into on-premises servers. We are currently in a hybrid ZTNA and VPN solution, and with ZTNA, we have more flexibility about what traffic goes over VPN and what traffic stays through the internet.

We still have the VPN aspect, and with ZTNA we also have the ability to make those on-premises servers accessible securely anywhere in the world.

Cisco Secure Access has affected our transition to zero trust and least privilege principles by enabling us to run an RDP session through a web browser and tie it in with our Azure AD SSO, so users do not even need a client and can still log into these servers securely.

I am happy with the performance and security levels it provides. I feel it is a robust and high-performing product, and it has both the clientless and the client aspects, which I really appreciate.

The features of Cisco Secure Access that I like the most include its ease of use.

Cisco Secure Access is both client-based and clientless.

The multi-organization management capability of Cisco Secure Access is very usable and very user-friendly, and the end users are happy with it. I try to make the product and the process as painless as possible for all our end users, so it runs well.

Cisco Secure Access has affected our transition to zero trust and least privilege principles by enabling us to run an RDP session through a web browser and tie it in with our Azure AD SSO, so users do not even need a client and can still log into these servers securely.

I am happy with the performance and security levels it provides. I feel it is a robust and high-performing product with both the clientless and the client aspects.

We have not explored much of the Experience Insights feature powered by ThousandEyes of Cisco Secure Access, as it is part of our Meraki package, but we have not really done much with it yet.

We have been using Cisco Secure Access for about five years now.

I would assess the stability and reliability of Cisco Secure Access as very good. Nothing comes to mind regarding downtime, crashes, or performance issues.

My experience with customer service and tech support is great, and I am very happy. Every time I run into an issue, I can get a hold of someone at Cisco to get it fixed.

They are responsive and quick on their feet.

To address the same issues, my organization did not have any solution put in place.

I have not used the policy verification to help reduce policy misconfigurations.

Policy configurations have not caused slowdowns or blocked access for users in the past.

My experience with deploying Cisco Secure Access is that it is very easy to integrate with the Meraki products.

We implemented Cisco Secure Access about five years ago.

The pricing setup cost and licensing was not complicated; it was painless.

When selecting Cisco Secure Access, we were not looking at different options in comparison. We knew we were going to move all of our hardware over to Cisco, and so it made sense.

Comparing Cisco Secure Access to something like Cloudflare One, in the future the cost can come down. I have also looked at Zscaler for ZTNA, but overall, it is a robust product. Obviously, we always look at cost. I think Cloudflare may not have as robust of a product, but the cost is very minimal.

I would give Cisco Secure Access a rating of eight.

I would give customer service and tech support a rating of nine.

My overall review rating for Cisco Secure Access is eight.

Hybrid Cloud

Microsoft Azure

Our company's use case is exclusively for VPN, specifically for remote users at this time. We are exploring what other possibilities or functions are available, such as ZTNA and other features, but we have not reached that point yet. The only business case that stacks up currently is the replacement of a legacy VPN with Cisco Secure Access. We are looking to explore further functionalities that come with it.

Using Cisco Secure Access for VPN as a service is key, especially with hybrid working where many users are home-based or traveling around the world. It is crucial that we get the VPN up and running consistently, especially if people need access to secure resources. Based on our use case, I think it has been really good to see the statistics and the number of users connecting daily, and we receive great data from it. There are many more things we can do, such as integration with ThousandEyes and Cisco ISE, but we have not done that yet. For now, we only use the basic functionality, which is a VPN as a SaaS service, but we are looking to expand to zero trust network access and various other features available.

The most valuable feature of Cisco Secure Access is the VPN, which I find very easy to use. It has a great GUI, and it is easily explainable to people. When we have remote users, it is quite easy for them to understand how they can log on, and even setting up the solution, we probably accomplished it in a record 24 hours. We worked with your expert and the product was up and running in 24 hours. We had a few more things to sort out, but it was fully functional in 36 hours with users able to log on. It is a great product.

I do not think there is anything I would improve about the product other than the support issue. I know there are various integration things when it comes to SASE, and Cisco Secure Access is one of the products that will help us in that journey. We have many Cisco routers and there is more we can do with the product, but we have not been able to use it to its full capacity yet, which is one of the plans we are working towards for this year.

I have been using Cisco Secure Access for 14 months.

I find the solution stable. Other than when you do work in your data center, I think that is where we need to improve a bit. When you have planned works in your data center, I think you need to carry out some post-checks to ensure we are not affected as users.

I think it is scalable. You can run much more, and as I mentioned, there are so many things you can do with it. It is just that we need to find a proper business case and get everybody on board; it is going to be a journey.

My experience with Cisco support has been brilliant. We had a couple of issues recently, but I think the team has been very helpful. We had some planned upgrades in Cisco's data center, and after that, we had some posture issues. We escalated to Cisco, and once the issue was identified, we received really good support. I am pleased with the support we have from Cisco.

I would rate Cisco support an eight out of ten. I would have given them a ten if we did not have those issues last week. Based on that, I would probably say eight. The recovery was alright, but I think there is quite a bit of work to do around making us aware of the works taking place and what we need to be aware of. Other than that, I think it is brilliant support from Cisco. I quite appreciate your experts; specifically Luke Abditch has been a brilliant resource. He helped us set up the entire platform.

Positive

The issue from last week was that during planned maintenance, you specifically performed posture checks and updates that had compatibility issues with Cortex. We were not really notified about what it was going to affect. In the morning, when users tried to log on, nobody was able to log in, and we had to get the right people from Cisco on the call to diagnose the faults. I think that is probably an improvement area, so people know what sort of works took place and where we need to concentrate to investigate the issue. After it was identified, I think it was spot on, and we were back up and running.

To make it a ten, I think it is both ways. I have not explored the product to its full extent, so once we make use of it more, then maybe we will face a few more challenges with integration. Other than that, for now, it is an eight for us.

What would help me explore it more is really about getting everybody on board from our side; it is not to say it is a Cisco issue. It is more us trying to inform people about what else we can do with this product. We do not want to rock the boat, but we want to do it in a phased manner.

Cisco could help me with onboarding more users and features. My overall review rating for Cisco Secure Access is eight out of ten.

Hybrid Cloud

Other

I have been using Cisco Secure Access for three and a half years since I joined. The primary use case for Cisco Secure Access is to provide security services across networks. The main job is to securely connect all our employees to any applications or resources from anywhere without relying on traditional or clunky corporate VPN. Cisco Secure Access acts as a single cloud-delivered security checkpoint for us.

In the old way, the existing VPN client connected the laptop directly into the corporate network. Now, when I open my browser and type any URL on the internet, such as for a financial application, Cisco Secure Client runs on my laptop and intercepts this request and securely passes the context to Cisco Secure Access cloud.

My organization works with GDPR compliance, data privacy, and some AI use cases. We have very big financial decisions every day, every year, every month, and every quarter. For us, we have to make sure that the employee data, the customer data, and the metrics we produce are secured.

Cisco Secure Access offers zero-trust network access, which replaces the legacy VPN by granting application-level access instead of full network access. The Secure Web Gateway plays an important role for us. Since we are in the financial sector, we look after bank data and financial institute data, which is related to financial decisions. This is one of the crucial roles for me to make sure that the data is not breached and we are also compliant with GDPR activities.

We have seen a radical optimization in terms of security operations. For a long time, my office bought separate point solutions, such as for DNS filtering. A traditional hardware VPN proxy could not resolve those issues.

Cisco Secure Access handles AI features by providing comprehensive visibility and control over generative AI applications. My organization is cloud-native, so we do not have on-premises deployment. We are using it on the public cloud itself via AWS, which serves as a virtual connector for us.

When it comes to reliability and overall trustworthiness, its AI capabilities help separate into two distinct categories: AI threat detection and enforcement.

Cisco Secure Access continuously checks identity, user context, and device postures. It has a dual capability client. One use case could be a secure gateway for a DNS layer. It is an Umbrella foundation, which blocks malicious domains at the DNS level.

It also spots any unwanted AI tools which are not governed by the officials. For the admin, the Cisco Secure Access dashboard provides a single, correlated health score for the user's device, network path, and application performance.

AI Assistant is a major operation feature from Cisco Secure Access. Security administrators use it extensively to simplify daily tasks.

In terms of identity management, we have VOYAM, which is our Vodafone internal tool, where all the employees are onboarded. If we do not have Cisco Secure Access connection, it does not allow us to open the applications without a secure network.

Cisco Secure Access is powerful, though there is no solution that is completely perfect. We have seen some pain points. One challenge is that the initial configuration and the policy migration can be quite complex, especially for large companies like us with legacy infrastructure. Another area for improvement could be that adjusting to the zero-trust model requires a cultural and operational shift for both users and the IT team, which can take some time.

Another potential friction point can be the authentication process, particularly if all of the people are repeatedly prompted for multi-factor authentication. All the time, I have to use my email, my password, and then I have to authenticate with the OTP.

I have used the solution for three and a half years since joining in 2023.

Cisco Secure Access is highly stable for my company. I have not seen any downtime. It maintains a strong uptime record because it is cloud-native. However, employees in specific geographic areas might experience intermediate connection timeouts, slow web loading, and some brief delays.

The platform is stable for us. For example, when our organization expanded or acquisitions happened, our employee numbers spiked, and Cisco Secure Access scaled instantly at the identity level. Cisco's platform is built in an elastic global cloud.

The support experience was good. I have seen that the people are highly technical in their expertise.

In terms of the networking, cybersecurity, and automation tools, Cisco Secure Access saves our company a massive amount of time and money. I have seen some reports where my company's use of AI-driven automated networking has saved three hours and twenty minutes per person per day. This is a huge achievement for us.

As an experience, I would definitely rate this at a nine because it really depends upon how we are having the connectivity itself. Cisco Secure Access stopped the repetitive data and the connection is seamless all the time. This makes us less annoyed to connect with the network again and again.

Another reason could be the simplification of IT management through the unified cloud dashboard, which consolidated multiple security functions for us and reduced the policy administrator efforts. In terms of the productivity, optimization, performance, and IT issues, Cisco Secure Access is playing every role. We have integration with Microsoft Azure. Cisco Secure Access makes the transition secure because it eliminates the security gaps during the migration phase. My overall rating for this solution is nine out of ten.

My main use case for Cisco Secure Access is providing access to private resources. For example, we have outstaff or any external partners, and we don't want to provide them wide access to our network. Cisco Secure Access provides us the opportunity to give access granularly, exactly for the resources that are needed for our partners, outstaff, and so on. It's one of the scenarios, and of course, besides ZTNA, we use internet access, which provides us the opportunity to control users through a web proxy and apply some policies to control them.

Regarding whether the deployment of Cisco Secure Access has impacted the help desk ticket volume and the end-user experience, I believe it has improved significantly. For example, we have two separate infrastructures; it is a hybrid one. In Ukraine, we have infrastructure in local data centers, and in Europe, we have it in the cloud with Google. To have access to private resources, we needed two different profiles of VPN. Using Cisco Secure Access and building IPsec tunnels between Cisco ASA and Cisco Secure Access, we can combine these two separate infrastructures and use only one account to access resources in Ukraine, in local data centers, and in Europe.

The feature I like the most about Cisco Secure Access is the whole concept of zero trust. It is exactly what we need, and I believe that Cisco Secure Access is the future of cybersecurity. For this year, one of the challenges for our team is to provide secure access instead of VPN.

An example of how Cisco Secure Access benefits the organization is that it can be maintained from one console, so we don't need a lot of staff to maintain it. With our current architecture with VPN, we need a lot of technical staff. We have a lot of processes like installing certifications, creating accounts in Active Directory, and so on. At that moment, we have Azure as an identity provider. We're connected with Cisco Secure Access, and we can do all of this from one space. And of course, if we're talking about security, it's the observability. We can control it from one admin panel.

In general, I think features can be improved. We have some issues regarding the routing, regarding some configurations, and so on. But we communicate with local Cisco partners, managers, and engineers, and they always help us to solve these issues. They are trying to push Cisco engineers to improve and develop more features that would be relevant for clients. So in general, I don't have any bad experience.

In my current field, I have been using Cisco Secure Access for more than seven years, and I believe this is the second year of implementing Cisco Secure Access.

Regarding customer support, I did not use it at some point, and we did not have any crashes or downtime during this period.

Cisco Secure Access is scalable to the growth of the organization.

Regarding customer support, I did not use it at some point, and we did not have any crashes or downtime during this period.

At the moment we decided to use Cisco Secure Access, I didn't think of having another solution. In the production environment, we use Secure Client. Of course, we had experience with another solution, with your competitors. We tried, for example, ZTNA from Cloudflare, but for our needs, we use exactly Cisco Secure Access.

The experience of deploying Cisco Secure Access depends on internal collaboration. If internally you have a nice collaboration with another team, it is easy. Because to deploy it, you need to collaborate with the DevOps team, with network engineers, and cybersecurity. If every one of these teams understands the reason why we would like to use it, it is quite easy and fast.

I cannot answer whether I have seen a return on investment from having Cisco Secure Access.

Regarding costing and licensing for Cisco Secure Access, we use a lot of services from the Cisco security bundle. Cisco Secure Access is part of this bundle.

I decided to use Cisco for a specific reason because historically we have used a lot of solutions by Cisco. At that moment, according to the functionality of Cisco Secure Access, it was one of the best solutions on the market.

Cisco Secure Access definitely utilizes the hybrid private access feature, with the configuration of conditional access and so on. Regarding the integration of Cisco Identity Intelligence with Cisco Secure Access, I am not sure.

The usability and efficiency of multi-organization management in Cisco Secure Access is quite high-level. Overall, I evaluate the AI applications in Cisco Secure Access positively as I don't have any bad experience. The AI Assistant in Cisco Secure Access is helpful sometimes, especially if it is something simple. I use the AI Assistant feature of Cisco Secure Access just during the configuration of the policy.

Cisco Secure Access is both a client-based and client-less solution. It depends on the case and situation. For some resources, for example, that store some sensitive information, I prefer agent-based.

The influence of Cisco Secure Access on the transition from VPN to ZTNA regarding users is that we just want to simplify the process of accessing private resources, and it only improves the user experience. The deployment of Cisco Secure Access has improved the help desk ticket volume and end-user experience by allowing us to combine hybrid infrastructure and reducing complexity with a simpler, unified access solution. Overall, I believe Cisco Secure Access deserves a rating of eight out of ten. It is a fast-growing solution, and I understand that it is in the process of developing, but your team is so responsible, and they are ready to help at any moment.

Hybrid Cloud

Google

The major use cases for clients regarding Cisco Secure Access involve ZTNA, for when you require cloud services, like ZTNA, Secure Web Gateway, CASB, and Firewall as a Service. When you want to secure your on-premises equipment, on-premises data center, or services center, we provide the connectivity through the cloud, and at that moment, we use Cisco Secure Access.

The ZTNA part in Cisco is very important because it helps my customers to secure applications. When you configure your application or deploy your application on the on-premises data center and you want to access it where there is no trust on the inbound—whether you are an enterprise user, a remote user, or any other user coming through the cloud—then you will provide only the split tunnel or the tunnel between the cloud and your data center, which provides Cisco Secure Access.

CASB is also relevant when your services are deployed in many different cloud services, as you can use CASB in those scenarios.

The biggest benefit of Cisco Secure Access, compared to Fortinet or other solutions from Palo Alto or Prisma, is its adaptability to different network environments.

Customers appreciate the good features of Cisco Secure Access because it is a hybrid network solution. When there is a hybrid network, customers require Cisco Secure Access so they can access both cloud services and on-premises data center services.

I would say it is easy to manage Cisco Secure Access through this console. It is similar to managing a firewall, such as the FTD, and the console is straightforward.

I have seen that if the on-premises devices are Cisco devices, then we use Cisco SSE. However, when there are Fortinet devices, then we use FortiSSE, which indicates a potential area for improvement.

Cisco could add new features in the future, such as enhanced automation capabilities. They are providing automation in their technology, which is an improvement area. If you use automation tools like Red Hat, you can perform automation more effectively. Regarding AI, I think Cisco is doing well, though there is still room for improvement in AI capabilities.

I started working with Cisco Secure Access relatively recently, but I understand how it works and how we submit proposals for Cisco Secure Access and Fortinet security solutions. When we require cloud security, then we provide Cisco Secure Access and SSE.

Cisco is stable and reliable.

Scalability mostly depends on the architecture, not on the hardware or OEM. How you architect and define the network design determines scalability. If you do not have a good architecture, you cannot achieve scalability.

I think Cisco's technical support is good. I believe that both Cisco technical support and Juniper technical support are very good.

If the requirement is for Cisco equipment, then we propose Cisco Secure Access. If the requirement is for Fortinet, then we provide FortiSafety.

As a system implementer, I think the biggest advantage of the product is its usability in various scenarios.

I am not certain who is the leader when comparing Cisco with Fortinet and Palo Alto. Both are good at what they do, and sometimes we cannot use all the features of any product. We use specialized or customized features for our data center according to customer requirements, and all follow standard features and protocols, which are good.

The HTTP protocol is important for connecting through the cloud or establishing a tunnel. A VPN service and another tunnel between the cloud SSE and your on-premises data center are essential.

Cisco Secure Client provides the resource connector. There is a connector on the on-premises data center, so we establish a secure connection, mostly VPN or IPsec VPN, between the cloud and the data center.

I would say that Cisco Secure Access is effective in protection from ransomware and phishing attacks. It is a standard they are using, and when you are using Cisco devices, then you can rely on Cisco cloud.

Both deployment parts are not very difficult. It is straightforward.

I did not deploy Cisco Secure Access myself, but I understand from my team that it is not a big challenge.

Cisco could add new features in the future, such as enhanced automation capabilities. They are providing automation in their technology, which is an improvement area.

My experience is primarily with clients using a hybrid model.

We mostly integrate with Azure and AWS through the cloud.

I cannot say who is the leader when comparing Cisco with Fortinet and Palo Alto. Both are good at what they do, and sometimes we cannot use all the features of any product. We use specialized or customized features for our data center according to customer requirements, and all follow standard features and protocols, which are good.

I would rate Cisco support at an eight out of ten. The overall review rating for this product is nine out of ten.

Hybrid Cloud

Amazon Web Services (AWS)

My use case for Cisco Secure Access is to replace our on-premises, not site-to-site, remote access SSL VPN as we are going from on-premises to cloud service.

The second use case is to replace our Umbrella service, as we currently use Umbrella and will migrate to Cisco Secure Access as well, along with all the policies.

I consider the most valuable feature of Cisco Secure Access to be that it merged everything into one dashboard, the Cisco Secure Access dashboard. Previously, we had web access in one location and remote access in another, and we could not link them to each other. Now everything is in one place, and we can base the access control on usernames because we have the Azure Active Directory integration. We can also build policies based on that and can see or identify the impacted users.

Cisco Secure Access benefits our organization by offering Points of Presence close to our employees because we are spread across the world. Until now, we had only European gateways, so traffic had to go from India, for example, over to Europe and then sometimes back, which was delaying a lot. With Cisco Secure Access, we have a presence close to the user.

What we really find challenging is that we do not have granular role-based access control models. The only options we have are full admin or read-only. We have different departments in the company that have different responsibilities. While we as a networking team are full admins, we do not want to manage the policies regarding which websites are allowed and what is not allowed. That should be managed by our compliance team.

The granular access issue is coming from the product limitation at the moment, as it does not offer us the option to tell it that a particular role can only manage websites, allowed sites, and blocked sites. Categories or something similar are not possible.

If I had to improve the product, that would definitely be role-based access control. Though from another point of view, this limitation may also be a benefit because it forces us to implement our own front-end to use API calls. Using API, you can limit the access to that particular key.

I would rate Cisco Secure Access as very stable until now. We have not seen any service degradation during the maintenance activities that Cisco performs, which seems to happen frequently because we receive notification messages. However, we do not experience any service degradation, so that feels stable at the moment.

I find the scalability of Cisco Secure Access is working well at the moment. The main benefit is that we do not need to care for hardware anymore in the future, such as lifecycle management. However, the migration is a little challenging because the technical background that we had, such as the routing and what happens there, is not really visible to us in the cloud service. Those are the challenges, but we are working with TAC and onboarding people that are assigned to us at the moment from Cisco.

My experience with Cisco's technical support is good because the person assigned to us is guiding us. He understands what our use case is and he is guiding us on what we should configure and what we should not configure.

Before, we were using Cisco Firepower as SSL gateways.

I would describe my experience deploying Cisco Secure Access as working well, though we are hitting bugs. I have the feeling that whenever we explore a new product from Cisco, we hit a bug. At the moment, we are dealing with challenges because a new feature that was implemented is to support multi-tenancy. When we originally started, that feature was not available, so we had only one organization. Now we have a multi-organization feature, so we were migrated to it. However, we feel that with this migration, something was left behind that is not working properly. In our original organization, we have issues applying permissions for users, and we always have to raise TAC cases with the people who help us resolve it. They are currently working on that.

I have not seen a return on investment yet, as we are still building. We are in an extended pilot phase at the moment, where one country, India, is migrated to this solution, and we are deploying one by one, starting with less critical sites first, and then we will see.

We did not evaluate any other solutions before. It was basically a move recommendation by Cisco since we stuck with Cisco, as we had a subscription before. With the contract renewal, Cisco pushed us in a direction where we could keep using the old environment for free as part of the renewal, but we decided to go straight to the new product and migrate.

We use VPN as a Service for our users to remote access our company, and web browsing is going through Cisco Secure Access as well. I am not using the AI Assist feature in Cisco Secure Access yet. I am not aware of VPNaaS in Cisco Secure Access. We are not using Zero Trust yet, as that will be a stage three. First, we want to get rid of the on-premises VPN gateways and then start developing Zero Trust, so it is not in use at the moment. I am not sure what Hybrid Private Access means, but what we have is an integration from Cisco Secure Access to our SD-WAN, where the Cisco Secure Access Points of Presence are directly connected with our SD-WAN cloud, optimizing the communication. I am not sure if that is what is meant by Hybrid Private Access. I would rate this product overall a six out of ten.

Hybrid Cloud

Microsoft Azure

For Cisco Secure Access, my main use cases are the DNS functionality. Previously, we used Umbrella in the DNS stack functionality, and currently, we are using Cisco Secure Access.

Cisco Secure Access benefits my company by being a platform that integrates more than one solution, making it possible for us to have other solutions in the same platform, allowing us to manage SWG, the DNS part, and firewall.

The feature of Cisco Secure Access I appreciate the most is the DNS functionality. It's the main function that we are using currently. 

The impact Cisco Secure Access has on protecting my company from threats such as phishing and ransomware is significant. 

We utilize it extensively, especially the DNS part, which is very important. Even when we educate our users, the attackers become more advanced each day. They sometimes can use emails and other methods to attempt to attack our company, and Cisco Secure Access can help us protect our users, especially with the incredible DNS part.

The best part of managing Cisco Secure Access through its single cloud management console is that we can purchase as needed and add more products to this platform as necessary, within our budget. 

My perception of Cisco Secure Access's ability to provide secure access via standard HTTP2, and optionally the QUIC protocol, is that the platform is very complete, and the objective is to deliver a full stack of resources regarding security. We are offering this solution to our clients, and the adoption rate is incredibly high. They are very satisfied.

I have noticed that in recent years, particularly over the last year, Cisco has significantly improved the platform by consolidating more solutions within the Cisco Secure Access ecosystem. It is important for Cisco to bring more products. For us and our clients, it is easier to have a single pane of glass to manage all the solutions when discussing security. The platform being in the cloud also makes it easier as we don't have to have something on-premise in our environment for the solution.

We have numerous integrations, including Splunk and other solutions that can be integrated into the same platform. This is particularly beneficial when discussing the solution's benefits.

The worst part was the migration from Umbrella to Cisco Secure Access; we experienced some difficulties during that process.

Improving Cisco Secure Access is difficult for me to discuss in detail as I'm not the administrator of the platform. 

I have been using Cisco Secure Access for more than two years, since it was launched.

Regarding the stability and reliability of Cisco Secure Access, at least in Brazil, we don't hear about availability or stability problems. If a client has issues with the internet connection, it might not be the best way to deliver the solutions, however, this is a worldwide situation. We don't have problems with internet connections, especially in the offices, so it is not a problem.

Cisco Secure Access scales effectively with the growing needs of my company because we are talking about a cloud solution. It is easy to scale as necessary, especially when we discuss the DNS functionalities. 

We turn the traffic to the Cisco Secure Access cloud, and we can manage and apply the policies that are necessary, making it very easy to scale the solution.

I don't have direct experience with customer service and technical support, as I don't work in the administration of the solution. TAC is a worldwide service recognized as fantastic. We also have experience with other hardware and software, and my understanding of it is good. It provides good service.

Positive

My company did not consider other solutions before choosing Cisco Secure Access. We are a Cisco partner. 

However, our clients always evaluate other solutions. We work extensively to show the value of the solution since we have competitors, however, Cisco Secure Access has the advantage of delivering multiple solutions in the same single pane of glass.

We had a migration from Cisco Umbrella. There were some problems. However, the process now is easier as the solution is in the cloud and we can add more solutions and activate them in the portal. It's easy now. 

The biggest return on investment when using Cisco Secure Access is consolidating multiple solutions into a single pane of glass. We have competitors offering alternative solutions; however, they don't deliver the same level of integration as Cisco, which consolidates all solutions simultaneously through a single console.

Regarding pricing, the setup cost, and the licensing of Cisco Secure Access, being from Brazil, the cost for us is a very important point. Sometimes we show the solution for our clients, but the price can be problematic. 

We try to overcome this challenge by presenting the value and importance, especially for today's infrastructure to have more security, avoiding downtime, loss of data, and similar issues. The Cisco products are amazing, but especially in Brazil, when discussing the price, it remains a challenge.

We're a Cisco partner.

On a scale of one to ten, I rate Cisco Secure Access a nine.

Public Cloud

Amazon Web Services (AWS)

We installed Cisco Secure Access for customers rather than our company since we're a reseller.

Cisco Secure Access is not installed for VPN as a service; the customer using the VPN side is using it for access into the core network, so it functions as a landing point and an on-ramp into the core.

The most valuable feature of Cisco Secure Access is the secure web gateway, which provides the secure edge.

The reason for this is centralized firewall control for people going out to the internet, so you can manage it. The essential ROI we are looking for with Cisco Secure Access is secure access to the internet, and in reality, this is the key factor where we can control access based upon various aspects such as AD group, plus we have a single portal where we can see what is going on and easy management.

If I could improve Cisco Secure Access in any way, it would be with Meraki integration; we do a lot with Meraki SD-WAN, and while the functionality is coming, currently it is not an Auto VPN integration, but I know it is now in public preview, and we have started to have a look at it in the lab. That is key for us because we have had a lot of problems with the VPN from Meraki into Cisco Secure Access, especially since local breakout does not work if you are running BGP over the VPN. Auto VPN functionality would be a big improvement.

The other issues we are having are around Talos and content filtering functionality; the Talos database is insufficient because Cisco Secure Access web gateway database is not big enough to hold every URL, leading to numerous problems with URLs not being categorized correctly and a slow turnaround for recategorization requests. Therefore, improvements with content filtering and Talos integration are significant for us, and we are speaking regularly to the Cisco teams about this.

Another significant issue involves a parent-child problem we have with the URLs; if they match multiple URL categories, then the rule base only looks at the first category, so it does not match multiple categories, resulting in a lot of problems around the Talos content filtering integration.

I have been using Cisco Secure Access for three months.

Cisco Secure Access is stable, as we have had issues with the factors I have mentioned, but we can see that it is being developed all the time, which is key; new features are being released and integrated. It is stable, but since we are new to it, it is about getting an understanding and a better feel for it.

So far, the scalability of Cisco Secure Access looks good; we are going to test that more as we have a project now to roll out to quite a lot of sites. Based on our discussions with the Cisco team, we should be good, but I cannot fully answer that until we have pushed it out to the hundreds of sites that we are looking to do.

I have worked with the support team, and they are really good; I am actually about to meet one of the guys now to have a chat and catch up, so we have had some good exposure to the support teams.

The support team assigned to us is very good, so I would rate them an eight or a nine, but if you are raising a TAC case, it can be hit or miss regarding the knowledge of the TAC engineer that picks it up; on the whole, it is quite good, probably a six or a seven. However, there have been times when it has been lower due to the confusion between Cisco Secure Access and Secure Connect, especially when integrating Meraki support cases. Many of the Meraki engineers did not recognize Cisco Secure Access and only knew about Secure Connect, leading to some communication problems between Meraki and Cisco.

Positive

Deployment of Cisco Secure Access now takes around half an hour to add a new site now that we have the baseline in place.

Adding a new site is easy now that the framework is in place.

Regarding licensing, the Essentials license, being the entry-level option, is somewhat lacking in my opinion; you lose a lot of the Layer 7 functionality that customers are looking for today. When talking about secure access, you typically expect next-gen firewall type features, and Layer 7 is quite key for that, which you do not get much of with the Essentials, but the Advantage license has a lot more and seems a lot more robust. We would definitely be looking to push the Advantage license in the future rather than Essentials.

I rate Cisco Secure Access a six at the moment; it is developing, and we can see that progress is happening. Its potential is there, but if I am being perfectly honest, I think it is a little immature at the moment and needs some work to develop some features.

Cisco Secure Access is used for remote access VPN, supporting approximately 6,000 users in my organization. Daily usage ranges from about 3,000 to 4,000 users actually utilizing the solution.

The most valuable feature of Cisco Secure Access for users is that it is stable and it works in terms of secure access.

The overall success of Cisco Secure Access has significantly improved my organization's security posture in terms of security and usability compared to the previous solution, which was fairly convoluted with several different hops required to log in every day from home. With Cisco Secure Access, the process is much simpler and works better, particularly in edge cases such as being in a hotel or on an unstable connection, which often caused disconnections and required a full reconnect with the previous solution.

There is nothing about the product itself that I would particularly like to see improved, as nothing comes to mind regarding Cisco Secure Access.

I have been using Cisco Secure Access for about a year.

I certainly do not experience downtime with Cisco Secure Access, and there are not as many reliability issues compared to the previous solution, making it much more stable.

My uptime with Cisco Secure Access is very good, although I cannot specify an exact figure.

Cisco Secure Access does scale for my organization with 6,000 employees, and I believe we have the right devices for it. There have not been any issues with scaling as it was right-sized when it was implemented.

I have contacted Cisco support many times, though not specifically for Cisco Secure Access but for other things.

I would evaluate them overall as generally good.

On a scale from one to ten, I would rate them as a seven or an eight.

To make them a 10, it would be nice if there were not challenges in getting timely support due to our aerospace manufacturing constraints where we cannot share full telemetry or logs.

Positive

The previous solution I used before Cisco Secure Access was Ivanti Pulse Secure.

I decided to switch because Ivanti Pulse Secure was end of life, had vulnerabilities, and was not user-friendly, lacking features that you would expect from something like Cisco Secure Access.

The deployment of Cisco Secure Access was reasonably straightforward. Although it was not specifically me who completed it, everything has worked really well.

It took probably four or five months to deploy, as we had the kit for a little while, but the actual implementation was reasonably quick.

I have seen ROI from using Cisco Secure Access; it has provided benefits such as stability and ease of use since the previous solution was managed by third parties and now it is all in-house.

With reduced third-party costs associated with Cisco Secure Access, there is stability and reliability for the user base, resulting in less lost hours.

I do believe those vulnerabilities are covered now with Cisco Secure Access, as the support and patch support is better.

There is nothing that comes to mind that they can improve regarding vulnerabilities because as a Cisco product, I expect any vulnerabilities to be addressed quickly, and they do. They communicate clearly about what is going to happen and what needs to be done. With the previous product, there was often uncertainty about patch availability.

I am not using the AI Assistant feature in Cisco Secure Access.

Regarding VPNaaS, the answer is probably not.

I am not using the hybrid private access feature in Cisco Secure Access, but it is something we are considering, although progress is slow due to the regulations of where I work.

I have integrated Cisco Identity Intelligence with Cisco Secure Access and am in the process of doing it with some identity elements there.

The integration of Cisco Identity Intelligence has not influenced my identity management and security measures at the moment, as it is still a work in progress coming from a legacy solution where there was no identity management.

I am trying to improve my IAM management.

I cannot specify what would make it a 10 since I have not fully deployed it and do not know all the capabilities; it might also be related to limitations specific to my company.

The reason it is only an eight and not a 10 could be due to my company's specific limitations; for instance, always-on access and AI chatbots would be features I would appreciate having.

My overall rating for this review is eight.

My main use case is Zero Trust because we're moving to a full SASE platform and Cisco Secure Access was our first step.

Cisco Secure Access has helped my organization significantly, especially when we went through a cyber event and lost all our previous remote access. We were able to get Cisco Secure Access up within seven days and roll it out to all our people to get everybody back online. It was a very fast rollout to 30,000 users and we regained full functionality within those seven days.

I appreciate all the features of Cisco Secure Access, but I find the Secure Web Gateway is probably the best feature, followed by the Malware and IPS in the cloud.

The Secure Web Gateway is probably the best feature of Cisco Secure Access because it simplifies access and allows me to lock down my entire environment. My access network only allows 443 to Cisco Cloud, with no other traffic, reducing the chance of anybody getting in and cross-connecting to anything else.

One area that needs improvement with Cisco Secure Access is the ZTA policy itself, which is lacking because it is limited to one policy for one target. If I have multiple policies I want to apply to a multiple group for the same target, I cannot do it, which is very limiting.

I have been using Cisco Secure Access for 14 months.

I did not face any major challenges or have bugs, crashes, or downtime during the deployment of Cisco Secure Access. However, we experienced one downtime when all of Cisco Secure Access went down, but it was not specific to our organization.

My experience deploying Cisco Secure Access was positive. We had CX services and got it in within seven days, so it was pretty easy.

I can definitely say I have seen a return on investment from having Cisco Secure Access, as it has cut down our admin cost. I have eliminated three sets of firewalls that I did not need to have. I would say we probably save about 30% in hardware and about 20% in administration right now.

My experience with the pricing, setup cost, and licensing for Cisco Secure Access is that it is part of our security EA, so it is included in our program, which is part of a much bigger portfolio.

Before adopting Cisco Secure Access, I used Zscaler, which is along the same line, but I am not a fan. I am happy because I find with Cisco it ties well with the rest of the ecosystem, unlike Zscaler, which does not. We did look at Zscaler.

The attack we faced had a big impact.

I am not using the AI assistant feature in Cisco Secure Access yet, as we have started looking at it, but it has to go through risk assessment first.

I am not using any other AI tools in Cisco Secure Access. We were deploying AI endpoint but that has been paused.

I do use VPNaaS in Cisco Secure Access.

The transition from VPN to ZTNA with Cisco Secure Access has just been more secure for me. It is more secure because VPNs are easy. If somebody compromises a VPN, you get traditional full access to things, whereas ZTNA allows isolating access to an individual system, providing limited access.

I am not using the location enforcement by location features of Cisco Secure Access yet, but it is on the roadmap to deploy.

My experience with the Experience Insight feature, called DEM, is not good. I find the integration between Cisco Secure Access and ThousandEyes does not work well and does not deliver what it is supposed to. In fact, we have not been able to get it to work, making it pretty useless right now.

I have integrated Cisco Identity Intelligence in Cisco Secure Access, which is influenced by security. It is all tied to the identity, the root trust. That is where we are using it for.

My experience with the multi-organization management capability of Cisco Secure Access in terms of usability and efficiency seems okay for the limited usage we have for the multi-tenant. I cannot really comment if it is good or bad.

I would rate this review a 10 overall.