Cisco Secure Access Reviews

Cisco Secure Access is used for remote access VPN, supporting approximately 6,000 users in my organization. Daily usage ranges from about 3,000 to 4,000 users actually utilizing the solution.

The most valuable feature of Cisco Secure Access for users is that it is stable and it works in terms of secure access.

The overall success of Cisco Secure Access has significantly improved my organization's security posture in terms of security and usability compared to the previous solution, which was fairly convoluted with several different hops required to log in every day from home. With Cisco Secure Access, the process is much simpler and works better, particularly in edge cases such as being in a hotel or on an unstable connection, which often caused disconnections and required a full reconnect with the previous solution.

There is nothing about the product itself that I would particularly like to see improved, as nothing comes to mind regarding Cisco Secure Access.

I have been using Cisco Secure Access for about a year.

I certainly do not experience downtime with Cisco Secure Access, and there are not as many reliability issues compared to the previous solution, making it much more stable.

My uptime with Cisco Secure Access is very good, although I cannot specify an exact figure.

Cisco Secure Access does scale for my organization with 6,000 employees, and I believe we have the right devices for it. There have not been any issues with scaling as it was right-sized when it was implemented.

I have contacted Cisco support many times, though not specifically for Cisco Secure Access but for other things.

I would evaluate them overall as generally good.

On a scale from one to ten, I would rate them as a seven or an eight.

To make them a 10, it would be nice if there were not challenges in getting timely support due to our aerospace manufacturing constraints where we cannot share full telemetry or logs.

The previous solution I used before Cisco Secure Access was Ivanti Pulse Secure.

I decided to switch because Ivanti Pulse Secure was end of life, had vulnerabilities, and was not user-friendly, lacking features that you would expect from something like Cisco Secure Access.

The deployment of Cisco Secure Access was reasonably straightforward. Although it was not specifically me who completed it, everything has worked really well.

It took probably four or five months to deploy, as we had the kit for a little while, but the actual implementation was reasonably quick.

I have seen ROI from using Cisco Secure Access; it has provided benefits such as stability and ease of use since the previous solution was managed by third parties and now it is all in-house.

With reduced third-party costs associated with Cisco Secure Access, there is stability and reliability for the user base, resulting in less lost hours.

I do believe those vulnerabilities are covered now with Cisco Secure Access, as the support and patch support is better.

There is nothing that comes to mind that they can improve regarding vulnerabilities because as a Cisco product, I expect any vulnerabilities to be addressed quickly, and they do. They communicate clearly about what is going to happen and what needs to be done. With the previous product, there was often uncertainty about patch availability.

I am not using the AI Assistant feature in Cisco Secure Access.

Regarding VPNaaS, the answer is probably not.

I am not using the hybrid private access feature in Cisco Secure Access, but it is something we are considering, although progress is slow due to the regulations of where I work.

I have integrated Cisco Identity Intelligence with Cisco Secure Access and am in the process of doing it with some identity elements there.

The integration of Cisco Identity Intelligence has not influenced my identity management and security measures at the moment, as it is still a work in progress coming from a legacy solution where there was no identity management.

I am trying to improve my IAM management.

I cannot specify what would make it a 10 since I have not fully deployed it and do not know all the capabilities; it might also be related to limitations specific to my company.

The reason it is only an eight and not a 10 could be due to my company's specific limitations; for instance, always-on access and AI chatbots would be features I would appreciate having.

My overall rating for this review is eight.

The main use cases for Cisco Secure Access involve secure access to the network, as they've had some history with malware, ransomware, and things like that. They are focused on better control for remote users and access to the network.

The ease of use for end users is always a big deal. We don't want to make it too hard for them. We're currently working on an end-to-end secure access solution. We are invested in Cisco, but there are other vendors involved as well, and trying to develop a holistic strategy has been a challenge for us. We have to avoid over-securing to the point where it becomes problematic, as too many hoops for users to jump through is always a challenge. It has to be easy because if it's not easy to use, they won't use it or will find back doors to it, which is a problem. That's where we're at with it.

It works well. It hasn't broken. While I don't know enough about all the features yet, it hasn't caused us any problems.

This is my first time in healthcare after being in commercial space for a long time. It's always a challenge because we can't just turn stuff off as we could in the commercial space, since it may interfere with patient care. It takes longer to understand what's going on, so anything that could help give us a faster understanding of what's happening, why it's there, and if it's a risk to us would be helpful. We don't have any good tools right now, which is a problem.

I have been using Cisco Secure Access for two months or so.

Cisco Secure Access has been good for stability and reliability; it hasn't crashed in the two months I've been using it.

We have a dedicated account team, so we've got all the people we need to engage with if there's an issue. It makes deploying in a larger enterprise a very easy choice. Having that backing is a comfort because, for more point-specific products or vendors, if you don't know who's going to stand behind them after you turn the lights on, that can be a concern. Cisco ensures support for the technology you use.

Positive

You have to have a good ROI and a compelling story with finance; I've definitely seen that. I came from Amazon, so it was a complete 180-degree turn. Not to say that there were unlimited funds at Amazon, but you didn't have to tell the story as richly. I was on the fulfillment side. Even if it didn't seem fully vetted, but appeared to make sense or had potential to improve speed and delivery, they bid on it pretty early.

It's different here. They want it thoroughly vetted with a deeper ROI. We need to understand the cost of an hour of outage at a hospital, which, at least here, they don't know. However, at Amazon, we knew exactly how much it would cost if a fulfillment center was down for an hour. We have to do a better job of that in our organization, and once we can clarify those points, we will achieve some of the wins needed to get things done.

Cisco is a rock-solid company and a leader in the network space, and I believe they will always provide the right level of support. 

I would rate Cisco Secure Access an eight out of ten.

I have been using Cisco Secure Access since the company started, and I have had enough exposure to evaluate both its strengths and areas of improvement.

I mainly use Cisco Secure Access to secure remote access and provide zero-trust access for employees who are working remotely.

Securing remote access and providing zero-trust access helps us give employees secure access from anywhere without relying on traditional VPNs, and it also improved visibility and reduced security risk, especially for remote and hybrid workers.

About my main use case, it was especially helpful during our shift to hybrid work since we needed secure and reliable access for users across different locations and devices.

The best features Cisco Secure Access offers are its zero-trust access controls, easy integration with Cisco products, strong visibility into user activity, and cloud-based management.

Cloud-based management or visibility into user activity makes monitoring and managing access much simpler since everything is centralized, and we can quickly see user activity and respond to issues without digging through multiple systems.

Cisco Secure Access has positively impacted my organization by improving our security posture, reducing reliance on VPNs, and making remote access faster and more reliable for users.

The main area for improvement with Cisco Secure Access would be simplifying initial setup and policy configuration, as some parts can feel complex for new admins.

Better onboarding guidance and more intuitive dashboards would make it easier for new users to get started and manage policies more efficiently.

I have been working in my current field for 1.5 years.

I find Cisco Secure Access to be very stable overall, with minimal downtime, and performance has been consistent for users even with remote access. Any issues we have seen have been minor and resolved quickly.

Customer support for Cisco Secure Access is pretty good and responsive and knowledgeable, with most issues resolved quickly, especially when escalated through Cisco support channels.

We previously relied on a traditional VPN solution, but it was a standard option at the time for remote access before we moved to a Zero-Trusted model.

My experience with pricing, setup cost, and licensing is that pricing is on the higher side and licensing can be a bit complex; the setup cost was manageable, but initial configuration required some effort and expertise.

We have seen a return on investment from Cisco Secure Access, mainly through reduced VPN usage, lower support overhead, and time saved on access management, which has overall improved efficiency for the IT team and reduced operational costs.

There has been a clear ROI with Cisco Secure Access as we have reduced VPN-related support workload significantly. We have also seen a 25% improvement in troubleshooting resolution time and lower overhead from not maintaining legacy VPN infrastructure, which translated into both time and cost savings.

We evaluated a few alternatives such as Zscaler and Palo Alto Networks Prisma Access before choosing Cisco Secure Access.

We are using the Experience Insights feature, Digital Experience Monitoring powered by ThousandEyes, with Cisco Secure Access, and I'm not sure of the incident resolution time, but it is faster.

We have started using the AI Assistant feature in Cisco Secure Access, but still in a limited way for basic queries and troubleshooting.

We use ZTNA in Cisco Secure Access, and it's both client-based and clientless depending on the use case, which has positively affected our transition to Zero Trust and least privilege principles.

We use Cisco Identity Intelligence with Cisco Secure Access to improve user visibility and strengthen identity-based access controls.

I evaluate the AI Access feature of Cisco Secure Access for providing deep visibility and control over AI applications, tools, and large language models as very useful for visibility into AI usage, but still evolving, as it helps us monitor access to AI tools and enforce basic controls. However, we would like more granular policy options and reporting.

My advice to others looking into using Cisco Secure Access is to plan the rollout carefully and invest time in learning the policy configuration, as it's powerful but getting the setup right early makes a big difference in long-term success. I would rate this product an 8 out of 10.

Cisco Secure Access serves as a replacement for customers' old VPN solutions while increasing security through Zero Trust Network Access (ZTNA). We had a chicken production client that identified their current VPN as the lowest hanging fruit for increasing security. Since the customer already had Secure Client or AnyConnect previously, introducing the ZTNA module into Cisco Secure Client felt quite straightforward. We implemented it step-by-step, side-by-side, and rolled it out for that customer, which improved secure access for both on-premises and cloud solutions and turned out to be very effective.

Cisco Secure Access offers seamless access and replacement for VPN; VPN can be quite clunky when you need to access cloud solutions. With Secure Access, you create tunnels to everything basically in the solution, simplifying things while improving security for our customers. I particularly appreciate the ZTNA story and accessing SaaS, on-premises, and cloud resources all at once.

Usability is one of the key factors in selling the product; it has to be easy to use. I think Cisco has done a good job there with Secure Client, and since many of our customers and a lot of the market are familiar with AnyConnect, showing them Secure Client, which is basically the same thing but with a new coat of paint, and telling them that it improves security while not being more difficult to handle is great.

Customers spend much less time troubleshooting VPNs because ZTNA works more stably, and therefore it has become a pretty good point of sales for us as a reseller to increase our revenue at the customer level, because it's an extra layer of security that you can add to an already existing networking solution. On the customer side, it increases performance and helps ease of use, and from the reseller side, it's a great product to add on to existing network solutions.

The customer's experience has gone from "Our VPN doesn't work and we need to troubleshoot it all the time" to "Our ZTNA does work and we don't need to troubleshoot it all the time." Cisco Secure Access has been very stable.

Cisco Secure Access's scalability is great; from a technical point of view, it's quite simple. However, from a licensing and cost point of view, there could be improvements in ease of licensing and better pricing.

The multi-organization management capability of Cisco Secure Access is excellent; it's a great feature that you can do with the multi-tenancy mode, and I think it's great that you can roll it out to separate organizations.

A more granular license approach would be beneficial, allowing customers to grow with half a module or one module at a time and add on the CASB, the DNS security, or the ZTNA. If they can do it granularly and grow slowly, I think that would be really advantageous for the sales process.

The license model can be simplified; it is a bit tricky to understand exactly which licenses you need. The cost was pretty expensive but also pretty reasonable, and if the cost could be brought down a bit, that would make it a much more attractive product for the Swedish market.

Customer support is decent; it is slowly getting better now with the new NIS2 and cybersecurity laws that are being implemented.

I have been using and reselling Cisco Secure Access for the past two years.

Customer support is decent; it is slowly getting better now with the new NIS2 and cybersecurity laws that are being implemented. I would give customer support a rating of five.

Neutral

We previously used Cisco AnyConnect VPN, so it was more of an upgrade rather than a switch; we switched from AnyConnect to Secure Client to SSE.

I do not have concrete numbers that I can share because I do not currently have them, but the customer's experience is that they are spending pretty much no time troubleshooting ZTNA, down from spending a lot of time troubleshooting VPNs. I would estimate it is probably in the 60 to 70% range of time saved when it comes to VPN troubleshooting.

We looked at FortiSassy, Cisco Secure Access, and the customer also looked at Cloudflare.

The AI access feature of Cisco Secure Access is really interesting. I do not think it is really there yet; the product has to mature a bit more for us to give it an honest evaluation. However, from what I have seen in the upcoming feature releases, I think it is a really interesting way to go for the AI agents in the solution.

We do not use VPNaaS in Cisco Secure Access.

I do not know how it has impacted incident resolution time because we have only used the Experience Insights feature in a proof of concept stage, and I have not yet done it in a full rollout.

The AI assistant feature in Cisco Secure Access has helped with the documentation and with administrative duties.

We have not integrated Cisco Identity Intelligence with Secure Access.

Everybody has a need for a VPN; VPN is not as secure as it once was because the market is moving fast. Cisco Secure Access and ZTNA is the way forward to ensure easy access and secure access to your preferred on-premises or cloud instances. I would suggest to customers that they allow us to help them by choosing ZTNA rather than VPN. I rate Cisco Secure Access an eight because an easier license structure, easier pricing structure, and better pricing structure would bring it to a ten.

I use Cisco Secure Access as a VPN service. Cisco Secure Access provides not just securing and filtering capability on the traffic, but also a cloud VPN capability. This basically relieves the company from using the traditional perimeter firewall to connect via VPN. VPN connectivity through the cloud is incredibly flexible and is not constrained by the power of the firewall the company has, because the VPN is through the cloud. This allows companies to provide VPN capability to any remote user on a very short notice and not be limited by their firewall.

I use ZTNA with Cisco Secure Access, which is another very clever capability that Cisco Secure Access has grouped along with several other interesting capabilities in one product. I always recommend and suggest to customers to try a proof of value or proof of concept of the product, which is very easy to do. Cisco allows any customer, literally for free, to test the product by themselves and test, for example, ZTNA capability. Customers can see for themselves with a proof of value how easy it is to install the product and how quickly it can be delivered in production.

I use it with my clients both client-based and clientless with Cisco Secure Access. There are requirements for customers to allow connectivity to subcontractors who cannot install a client on the endpoints. Cisco Secure Access is a crucial solution in these situations because it can protect both employees and subcontractors, or any situation where a client is not feasible to install on the endpoint, while still allowing the same kind of level of protection.

Cisco Secure Access has helped my clients transition from Zero Trust and least privilege principles. It provides protection even with technology such as MFA installed. It provides that seamless, transparent experience for a user that can use an agent installed. Cisco Secure Access covers a different spectrum of situations where the customer needs to protect remote access. There is also a flavor of Cisco Secure Access specific for IoT, which allows recording of the session. This is crucial for contractors when they need to access facilities offshore. This is a classic example of remote access where we cannot install any agent for the subcontractor, but we can record the session for whatever they do.

There are a couple of features that are currently the most valuable in Cisco Secure Access. First of all, the solution deploys very fast, and the other one is the performance. Cisco Secure Access adopted the QUIC protocol, which allows anyone, even when working from a plane with a very bad connection, to perform very well because it is basically a protocol that is adopted now by the industry. Cisco used it in Cisco Secure Access well before other vendors. It is a brilliant solution that allows branches, for example, to connect to cloud resources much easier than using the traditional way of communicating through a firewall.

I have worked with the Experience Insights feature, experience monitoring, and DEM powered by ThousandEyes with Cisco Secure Access. This is another acquisition that Cisco did some years ago, and it has been really instrumental for lots of companies to find out where the communication problem sits. One of the problems the customer faces is identifying where the communication problem is. If we start from the endpoint, we know the endpoint reached the access point, then the network, and then the provider and the internet. However, identifying where the problem is in the communication was difficult. Until ThousandEyes was adopted, it was pretty much a blame game between the provider and the customer, saying who was at fault or where the problem in the communication was. ThousandEyes allows us to say definitively, "This is the provider issue because we can see our network is working very fine until that point," or identify if the problem is in the network. It worked very well in several situations. Cisco in-built ThousandEyes in products such as Meraki and Cisco Secure Access, and you can see it basically now in-built in any product because that visibility is crucial.

Cisco is expanding Cisco Secure Access by protecting AI, especially the AI agent. This has been announced in the keynote this week. I am looking forward to knowing what Cisco is doing about protecting agentic AI. Cisco Secure Access is one of the best products to provide these kinds of capabilities because of the flexibility of the deployment and the ease of installation. It is quite pervasive because it reaches and protects the user wherever they are. For the agent, this is quite a crucial requirement.

For AI, I believe this capability is still in the roadmap for Cisco Secure Access. It should be announced possibly in the second quarter. This is something that, if asked how Cisco Secure Access can be improved, I would say the capability to protect agentic AI is a key improvement area.

I have been working with Cisco Secure Access for six years.

Some years ago, I worked with the technical support for Cisco Secure Access. However, I am now more of a consultant, so I am happy to advise our customers on the best technology available.

The setup generally depends on the scale of complexity, but if you go for a standard deployment of Cisco Secure Access, a couple of hours is all that is needed to have the system going. Depending on the complexity of the policy you want to configure, that could be longer. However, it is amazing that the same day you install the product, you can really use it.

Cisco Secure Access is more than a mature product at this point. Cisco capitalized on the experience with Umbrella, which was basically the previous product, and expanded with capabilities to provide a very effective connection for remote workers wherever they are and using technology such as QUIC, which is adopted by Google. It provides not just security, but also very effective communication wherever the user is working from. I would rate Cisco Secure Access as a nine out of ten because I believe there is always room for improvement, and I am really looking forward to what is coming regarding agentic AI, as I think Cisco Secure Access will play a lead role for that.

The first use case is access to the private application on the data center. The second use case is access to the cloud application on the cloud, plus the branches connected to the branches.

When discussing how easy or difficult it is to manage Cisco Secure Access through the single cloud managed console, I find it very easy. Cisco Secure Access is similar to Umbrella and Meraki; it requires just a few clicks to configure what I need or what use case I have.

The features I have found most valuable in Cisco Secure Access include Data Loss Prevention, Web Security Gateway, Cloud-delivered Firewall, and CASB. All of these features are amazing on Cisco Secure Access.

Regarding the integration of Secure Access with CASB functionality for exposing shadow IT within my organization, it gives me powerful capabilities to control shadow IT and its integration and features for Data Loss Prevention.

For sales, it is easy to tell the client about the benefits because it is simple, with only one or two lines for pricing. For pre-sales, it is very good as I can configure it in two clicks on CCW. The use cases can be summarized in just two or three slides of presentation. The user experience is very easy because the security is invisible to end users, meaning they do not suffer from strict security preventing them from doing their job. I find it an amazing product, and as it is an upgrade for Umbrella, it has all the good sides of Umbrella while removing some bad sides.

Based on my experience, the main point for improvement is the full integration on the Meraki dashboard. Cisco Secure Access with Meraki MX forms what we call a SASE solution. However, currently, Cisco Secure Access does not appear on the Meraki dashboard; they are still using Umbrella, which does not fully unify with Cisco Meraki.

Regarding functionality, I do not find things that need to be improved, except that Cisco should make the security web gateway, URL filtering, IPS, and fire-walling more robust for large businesses. These features are suitable for small and medium businesses but may need enhancements for larger enterprises.

For large businesses, it does need some improvement, but if it improved, I think it will not be enough as it is targeting small and medium businesses. This is not a drawback, just correct sizing.

I have been working with Cisco Secure Access since its launch, which is about two years ago.

For stability, I would rate Cisco Secure Access a nine. It is a new product, and although two years is not long enough to fully judge stability, I have not found anyone who complains about Cisco Secure Access or even its predecessor, Cisco Umbrella.

Positive

Regarding scalability, cloud solutions inherently allow for scaling up and down without issues, but as I mentioned before, it is primarily for small and medium businesses. I cannot judge its applicability for enterprise use at this stage, but for certain, I would give it a nine.

Positive

For technical support from Cisco for Secure Access, I rate them ten out of ten. Cisco is known for its exceptional support, with a lot of team resources available.

Positive

Regarding the initial setup for Cisco Secure Access, I find it very simple, and it is a native cloud solution; it is not on-premises at all. If Cisco decided to create an on-premises version as a unique delivery option, it would be an outstanding out-of-the-box solution.

For pricing, I consider this one of the few drawbacks of Cisco. Cisco is known for its high pricing, so I would give them a six.

Positive

In my opinion, the main competitors in the market for Cisco Secure Access are vendors delivering SASE solutions such as Palo Alto, Fortinet, and maybe Huawei, but I do not have a real branding name for these. I have not done in-depth comparisons with these products, but we can compare features such as DLP on Cisco versus Forcepoint.

Cisco Secure Access operates on the Cisco native cloud and not AWS or Azure; it operates in Cisco data centers.

I can recommend Cisco Secure Access to other users, especially if their country approves cloud solutions for their people. I am 100% confident in recommending this solution. I rate this review an eight out of ten.

We are about to start up with Cisco Secure Access now. We started this last year, but we have a lot of Umbrella that we are moving over to Cisco Secure Access. The main use cases for Cisco Secure Access are mostly the internet, but we are also looking for the client part, including ZTNA and so on, to move over that part from the traditional SSL VPNs.

The feature of Cisco Secure Access that I appreciate the most is the visibility and the ability to have one rule set for all the traffic. You can see the LAN connections and get them with SGT tags. This means you have all the things, not just your managed clients streaming through the policy set.

The features I have mentioned benefit our company overall by giving us one single pane of glass. We can see all the rule sets. We are partners, so we are building for our end customers and they appreciate having one single control point of the network. This is the most important aspect.

I am not using the AI assistant feature of Cisco Secure Access much yet. I think it is a little bit limited right now. This is something that can be improved, and I think it will be.

I hope there will be a good way to transform Umbrella installations over to Cisco Secure Access to improve the transition. I have not looked much into that part yet, but I hope there will be a smooth transition. Otherwise, that is an improvement that needs to be made.

We are about to start up with Cisco Secure Access right now, with the migration beginning last year.

Before using Cisco Secure Access, we were using Umbrella, which is also Cisco. We used Umbrella and also have a lot of traditional VPN as a service, SSL VPN and so on. We are coming from that part and moving to ZTNA. We are in a transition.

From my point of view, the biggest return on investment when using Cisco Secure Access is that we have not reached that point yet. As we have end customers, it is more up to them to say, but we think that it would be a better improvement and a better experience for the users, and probably fewer tickets and easier troubleshooting. I think it will provide a return on investment in the big picture.

My experience with the pricing, the setup costs, and the licensing of Cisco Secure Access is that it is not cheap, but I do not have exact numbers on what it costs. Comparing to Umbrella, I think we are getting a more future-proof solution, and I hope it is worth the money.

We did not consider other solutions before choosing Cisco Secure Access because we are almost 100% into Cisco with our services. We are using Cisco SD-WAN and Catalyst, for example, and we are looking forward to integrating that with Cisco Secure Access also. We are also using ICE and so on. We are quite integrated into the ecosystem with the services we are delivering, so we will use Cisco Secure Access for that part.

The impact of Cisco Secure Access on our help desk ticket volume and the end-user experience has been evolving. I do not have numbers for the help desk, but I think it is going in the right direction.

The deployment of Cisco Secure Access requires that if you do the internet part, you have to get the customer involved. They have to know which applications work well with a proxy and so on. For the ZTNA part and the client part, it is the same. You have to know your traffic patterns and so on, and you may have to start with a bigger, more allowing rule set and turn it down afterwards.

My advice to other companies considering Cisco Secure Access is to look over their needs and see what great opportunities it can bring to the company. The single pane of glass could be beneficial. You will also get your services together in one appliance, and not so spread out. I would rate this solution an 8 out of 10.

Our main use cases for Cisco Secure Access include everything, such as all of our switching and wireless.

I mostly work on the level one switching side. I deal with all the Catalyst 9300 switches and 9280 wireless routers.

It's pretty streamlined. Everything you need to find is in the GUI interface, and if you have any trouble, it's easy to navigate and get around. 

Cisco Secure Access has had a positive impact on protecting our organization from threats such as phishing and ransomware. It provides security and adds additional layers.

I perceive Cisco Secure Access's ability to provide secure access via standard HTTP2, and optionally QUIC protocol, as great and secure.

The licensing is confusing.

I have been using Cisco Secure Access for only a year since joining the company last year. However, the company has been using it for almost ten years.

We have not had any downtime.

Cisco Secure Access scales with the growing needs of my organization. It works effectively for our needs.

I would rate their technical support a nine out of ten. They are quick to respond and generally quick to find a resolution and figure out what's wrong.

Positive

I have not used another solution to address similar needs in another role.

It was already in place when I got here.

It is confusing. When you look at the prices, you have different licensing and years of licensing that you have to purchase. Additionally, it's unclear what service you get from those licenses regarding end-user support. We have a representative who has to walk me through it every time.

The advice I would give to other organizations considering Cisco Secure Access is to implement it as it's pretty straightforward. 

I would rate Cisco Secure Access a nine out of ten.